Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae322439-8d21-418e-aecb-d1ef1e317dbe.roa
File: ae322439-8d21-418e-aecb-d1ef1e317dbe.roa (raw, json)
Hash identifier: g/dxVmsqRLKLZRuyVHXiNkd9Khu7dJ97nzUWchahyIo=
Subject key identifier: 4E:36:BB:F2:08:EB:FD:69:FB:89:E1:10:B0:BE:B0:96:74:94:89:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1EC7866F1D24D57655E6D80C305CB5114BE6EC83
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae322439-8d21-418e-aecb-d1ef1e317dbe.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:c7:86:6f:1d:24:d5:76:55:e6:d8:0c:30:5c:b5:11:4b:e6:ec:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:61:3a:24:aa:aa:34:2f:71:08:32:4f:f5:
0c:c4:79:ff:cc:34:ad:04:f5:c9:09:38:15:fb:f3:
45:53:a6:4d:38:a0:0a:57:ce:d4:02:d9:59:0e:dd:
17:01:6d:c8:63:19:77:53:89:24:d5:30:15:f8:e5:
f9:6f:fe:a2:2d:3f:9a:0f:9b:f1:b9:96:cc:a3:62:
da:cd:39:a9:12:e3:b1:a9:fb:de:f5:0e:65:d5:5e:
28:ac:dc:24:db:fe:65:ef:ac:4b:c0:8e:12:83:19:
1c:3b:e2:a8:62:4d:4b:fd:11:6c:c0:e7:60:1f:dc:
4c:5a:f7:74:fb:6c:3d:6f:07:79:b6:28:2b:35:97:
27:ef:4c:75:ab:94:26:46:7b:71:4f:e2:69:a4:b4:
b6:bb:23:3c:a0:c6:b0:18:6b:25:95:7f:2b:51:24:
51:5f:06:b9:aa:60:f7:b5:c6:29:6c:ef:5a:c2:42:
54:96:f4:8a:4c:c2:a2:25:f1:80:0e:c7:f2:49:a5:
1f:4a:8a:c4:c7:e1:1f:27:05:13:b4:ee:4f:ec:10:
7a:a9:ff:ee:79:ef:6a:1d:66:1d:b4:84:bc:ad:29:
2e:9c:9d:64:f3:db:93:54:a3:72:c1:9d:24:78:ac:
80:a8:4d:d4:56:fe:06:b8:57:79:78:17:52:2a:d1:
45:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:36:BB:F2:08:EB:FD:69:FB:89:E1:10:B0:BE:B0:96:74:94:89:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ae322439-8d21-418e-aecb-d1ef1e317dbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
d3:83:0c:14:2d:53:96:d7:13:0d:3b:9a:ce:ff:ca:0f:b6:55:
38:73:29:10:a5:c5:0d:29:71:5d:fc:a0:52:18:75:7e:a0:26:
9e:a8:20:4d:32:fc:26:4a:69:0b:b8:1e:ab:e1:02:34:f7:b5:
c6:fa:a0:96:b5:ac:a9:2c:5c:2e:08:e2:a3:42:2a:b4:57:66:
74:8b:a1:2a:8f:e9:57:ea:95:6f:d9:41:e5:81:1e:c1:0d:b9:
3c:52:21:9e:d3:bd:1c:2f:74:fe:96:af:64:15:a4:44:28:33:
f6:5c:be:ab:4e:6d:67:58:27:13:ae:a0:cd:cf:8e:5f:93:e4:
d1:26:3e:ed:10:e1:26:1b:64:94:d6:0b:85:79:e1:a4:50:26:
ee:b1:fc:51:83:e5:3c:ad:e0:32:cd:40:2f:fd:70:98:d4:32:
48:9b:80:e0:2f:58:1d:78:cd:24:97:dc:0c:4b:89:42:f6:21:
1c:ce:e6:0e:e5:9a:bd:00:da:4d:b2:23:70:c2:7a:87:40:21:
58:c0:92:e8:55:ab:d3:4e:f6:34:34:cc:d9:3a:b6:10:f0:bc:
1b:de:11:23:80:ff:01:3f:b6:db:e7:a8:3e:30:9c:c4:79:a5:
4e:ab:cb:21:30:ea:20:ad:ec:dc:d9:a2:ce:98:1f:76:28:09:
f5:d5:dc:a8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHseGbx0k1XZV5tgMMFy1EUvm7IMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1YWVlZDUyZTlmM2FjNDNjZjdjODg2ZmYxOGEyNTQxN2NhNWM1NmNjNjgx
YWU3YjczY2NlZDNmZTFjZDg0ZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhiYTokqqo0L3EIMk/1DMR5/8w0rQT1yQk4FfvzRVOmTTigClfO1ALZWQ7d
FwFtyGMZd1OJJNUwFfjl+W/+oi0/mg+b8bmWzKNi2s05qRLjsan73vUOZdVeKKzc
JNv+Ze+sS8COEoMZHDviqGJNS/0RbMDnYB/cTFr3dPtsPW8HebYoKzWXJ+9MdauU
JkZ7cU/iaaS0trsjPKDGsBhrJZV/K1EkUV8Guapg97XGKWzvWsJCVJb0ikzCoiXx
gA7H8kmlH0qKxMfhHycFE7TuT+wQeqn/7nnvah1mHbSEvK0pLpydZPPbk1SjcsGd
JHisgKhN1Fb+BrhXeXgXUirRRT0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRONrvy
COv9afuJ4RCwvrCWdJSJSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWUzMjI0MzktOGQyMS00MThlLWFlY2ItZDFlZjFlMzE3ZGJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEA04MMFC1TltcTDTuazv/KD7ZVOHMpEKXFDSlxXfyg
Uhh1fqAmnqggTTL8JkppC7geq+ECNPe1xvqglrWsqSxcLgjio0IqtFdmdIuhKo/p
V+qVb9lB5YEewQ25PFIhntO9HC90/pavZBWkRCgz9ly+q05tZ1gnE66gzc+OX5Pk
0SY+7RDhJhtklNYLhXnhpFAm7rH8UYPlPK3gMs1AL/1wmNQySJuA4C9YHXjNJJfc
DEuJQvYhHM7mDuWavQDaTbIjcMJ6h0AhWMCS6FWr0072NDTM2Tq2EPC8G94RI4D/
AT+22+eoPjCcxHmlTqvLITDqIK3s3NmizpgfdigJ9dXcqA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:03:02 2025 by rpki-client