Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
File: b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa (raw, json)
Hash identifier: SMfo6ZD1NINRtf6nSMCgEoMx1zQ/xiD55DLLbZZhOVc=
Subject key identifier: 88:41:9D:F6:A5:2E:46:05:35:94:0F:F3:46:3D:71:1D:13:88:76:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E085F783421A4805B65FF764918C28893FE6A32
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:08:5f:78:34:21:a4:80:5b:65:ff:76:49:18:c2:88:93:fe:6a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4e:4e:a8:e2:81:1e:9d:d1:00:a2:b8:0d:5a:
ac:d5:1d:9e:81:ef:36:59:3d:c9:02:f1:19:80:47:
5c:99:e9:a5:db:94:2c:66:59:fa:c1:6e:88:98:7a:
9f:9c:d5:04:08:ab:93:31:58:4c:18:a6:66:94:dd:
7d:a9:e5:09:6c:6a:5c:23:bb:73:87:46:d6:e2:2e:
c0:e0:71:74:65:15:75:9c:47:62:e1:2d:08:e6:32:
af:52:2c:29:1f:5b:97:04:61:f3:98:e1:c3:72:1b:
dd:60:68:98:51:35:1a:0e:dc:e8:74:90:38:9f:fe:
64:a5:42:8c:ee:0e:70:4a:c2:53:6a:39:05:7a:8c:
a0:d5:b3:11:8e:ed:1d:38:37:3d:62:f4:25:a8:2b:
e8:42:69:ce:a8:7b:3f:b7:e2:a9:8a:c5:fc:80:f2:
75:86:ec:7e:d5:8d:34:b1:92:c7:ff:af:45:c3:50:
25:07:cd:7d:63:6a:30:29:ba:13:a2:93:d1:3f:80:
fe:64:94:93:e2:fc:ef:95:34:28:e9:a7:00:24:2d:
04:0c:b1:d9:9e:c7:0e:c8:e5:2c:a8:75:77:5d:c3:
66:e3:60:ea:c0:a7:0f:d4:a2:bc:72:0c:82:0f:de:
a8:77:00:75:c6:86:48:13:72:5f:e3:30:f5:b4:ed:
4b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:41:9D:F6:A5:2E:46:05:35:94:0F:F3:46:3D:71:1D:13:88:76:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:70:79:05:49:e0:c9:1d:d6:94:54:1b:fd:ef:4c:8f:30:3a:
e4:a1:25:e7:7a:dd:2d:38:72:cd:80:31:1e:7a:61:28:0c:a5:
45:5c:c5:2a:a5:e4:35:52:31:26:91:08:11:a2:ac:db:a4:a9:
69:42:d7:7b:98:a2:9b:f7:2e:ab:8c:d5:2e:cb:68:54:4e:db:
50:91:51:8e:b6:88:96:e9:ee:db:36:7e:a1:bb:a0:b0:ab:e2:
09:34:8e:9b:a9:d0:fc:68:d3:94:51:88:54:dc:57:05:8f:bc:
d6:81:34:10:4f:8d:3c:a3:36:81:4f:7a:10:65:a1:66:53:f6:
02:10:6a:b6:b0:ff:d5:02:ad:1c:4d:0d:25:bd:96:49:06:af:
a9:e8:63:9a:3a:be:ee:49:f0:5f:e5:45:e0:54:6e:43:a0:32:
9e:07:b2:77:03:02:dc:3d:90:d1:60:63:1a:b5:b5:4c:ef:32:
8c:ce:79:92:3a:c6:25:32:97:eb:03:64:21:47:1a:31:19:8d:
92:df:ec:65:06:1d:61:a0:6c:a9:3e:04:16:20:81:51:33:2d:
01:54:00:0c:84:e9:51:b2:bb:af:17:df:5e:20:be:8b:ed:4a:
e5:2a:73:c5:0f:db:bd:7b:92:fd:ec:6e:dd:0f:6d:d0:5b:a5:
69:40:94:61
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfghfeDQhpIBbZf92SRjCiJP+ajIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2Yzg1OGRjYzBmNzlmOWUwY2M2ZDY3MmM4OTRiOWIyMTgxMmU3ZTkzZWM1
OWFlODFiNGUxMGQ5NTE2MTdmZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhOTqjigR6d0QCiuA1arNUdnoHvNlk9yQLxGYBHXJnppduULGZZ+sFuiJh6
n5zVBAirkzFYTBimZpTdfanlCWxqXCO7c4dG1uIuwOBxdGUVdZxHYuEtCOYyr1Is
KR9blwRh85jhw3Ib3WBomFE1Gg7c6HSQOJ/+ZKVCjO4OcErCU2o5BXqMoNWzEY7t
HTg3PWL0Jagr6EJpzqh7P7fiqYrF/IDydYbsftWNNLGSx/+vRcNQJQfNfWNqMCm6
E6KT0T+A/mSUk+L875U0KOmnACQtBAyx2Z7HDsjlLKh1d13DZuNg6sCnD9SivHIM
gg/eqHcAdcaGSBNyX+Mw9bTtS7ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIQZ32
pS5GBTWUD/NGPXEdE4h2jzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhhMmI0MmEtOWVhMy00ZThkLTkyZWMtZTg5YzljNDQ2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQC0cHkFSeDJHdaUVBv970yPMDrkoSXnet0tOHLNgDEe
emEoDKVFXMUqpeQ1UjEmkQgRoqzbpKlpQtd7mKKb9y6rjNUuy2hUTttQkVGOtoiW
6e7bNn6hu6Cwq+IJNI6bqdD8aNOUUYhU3FcFj7zWgTQQT408ozaBT3oQZaFmU/YC
EGq2sP/VAq0cTQ0lvZZJBq+p6GOaOr7uSfBf5UXgVG5DoDKeB7J3AwLcPZDRYGMa
tbVM7zKMznmSOsYlMpfrA2QhRxoxGY2S3+xlBh1hoGypPgQWIIFRMy0BVAAMhOlR
sruvF99eIL6L7UrlKnPFD9u9e5L97G7dD23QW6VpQJRh
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:36 2025 by rpki-client