Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
File: baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa (raw, json)
Hash identifier: KyWvTPebLYogOdHuUCSlmKvnrkNXn4HpDIDpns+IhW4=
Subject key identifier: 2F:AE:E3:F2:2E:1E:4C:3D:D4:7C:37:D7:70:68:FC:E2:A8:6E:73:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EA6B74EEB64968BF7204D177BB74FA99B309E11
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:a6:b7:4e:eb:64:96:8b:f7:20:4d:17:7b:b7:4f:a9:9b:30:9e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e3:e1:96:dc:df:5f:06:5c:e7:99:89:38:51:
a7:cf:cd:0b:12:33:10:07:5a:5c:78:f3:6b:3a:94:
02:7d:7c:54:4f:fe:28:a4:73:ef:d7:b8:cc:66:2c:
bb:71:91:89:91:23:69:12:d4:bc:75:5b:5a:63:06:
35:84:03:86:ac:98:e2:35:94:05:58:4b:c6:9c:1d:
0e:4f:48:1e:21:cf:26:0e:1f:64:b4:6c:26:36:27:
51:2b:e6:f0:75:e5:54:98:8f:b6:0a:67:6e:78:58:
28:38:7c:48:75:07:d6:5b:f8:c8:fc:53:32:8d:0a:
a1:54:c3:81:81:86:e2:a2:b4:0d:25:e3:54:3d:aa:
20:06:c8:ff:cc:c4:d6:e6:f1:2d:11:e9:c7:1f:85:
d1:b2:57:da:9d:bc:9e:46:17:95:09:9b:aa:d4:d7:
1f:f8:08:6b:70:b7:82:be:db:06:c9:db:ef:19:d1:
6b:b1:de:7d:22:3c:e4:b1:76:90:21:88:58:0a:ae:
f6:83:8a:b3:ef:4d:c1:67:bf:8f:eb:f9:ae:63:c4:
73:f2:20:b5:61:92:b2:e2:8b:ad:6e:e0:8e:09:85:
52:3c:76:7b:e0:53:9e:db:76:b8:a0:8c:37:84:cb:
a8:c7:a9:6e:57:79:e8:8a:11:0f:14:d4:e9:55:03:
4e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AE:E3:F2:2E:1E:4C:3D:D4:7C:37:D7:70:68:FC:E2:A8:6E:73:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
22:48:5f:49:68:8f:ca:1b:e8:03:72:9e:17:8a:c3:7d:04:bc:
ad:e3:a3:30:97:75:8a:97:85:a4:81:08:21:7c:c4:76:b6:c6:
24:4b:8b:f6:e0:a2:5d:f6:3b:22:cc:e0:f0:5a:cd:17:ce:2c:
c4:d4:49:8d:56:da:fb:99:e6:4d:ff:f9:54:7b:e5:e4:92:7a:
98:58:50:45:2c:b9:35:0d:f0:6a:c5:0c:56:53:c4:43:98:15:
ae:00:4d:ff:03:52:61:e5:2b:99:22:d7:33:d0:7d:60:81:93:
a4:a4:6c:0e:53:ff:b7:83:89:10:52:f4:b0:86:dc:a9:2f:ea:
fd:28:bf:32:27:ad:fa:38:95:a4:cc:5a:5e:a4:65:6e:8b:6d:
82:61:8d:d9:7c:2c:92:05:e8:05:b8:b0:53:14:53:5e:76:9c:
65:3f:2b:77:ac:ee:fa:7d:d6:11:6b:d5:d6:74:01:08:12:34:
8a:5e:26:2d:ed:f2:40:9b:0d:c1:22:e5:05:32:9b:2a:ec:b6:
17:e4:3b:ff:8a:70:9d:73:4c:cd:2d:2d:ce:67:f9:1d:6a:29:
93:62:a7:a7:c1:a9:50:ed:a8:eb:f8:8b:f1:6c:d2:df:f8:c7:
3d:1b:44:85:80:cc:77:35:cf:00:a1:f9:a9:f1:53:2d:a9:ed:
34:e3:bd:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXqa3Tutklov3IE0Xe7dPqZswnhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNGQwZmM1YjBiNGFkZGIyNDgzMjBjZjc5OGFlNDg5OTIxMzM1YzRlNzZh
NzIxNmIzNGUxZTU4NThhMjI0NmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrj4Zbc318GXOeZiThRp8/NCxIzEAdaXHjzazqUAn18VE/+KKRz79e4zGYs
u3GRiZEjaRLUvHVbWmMGNYQDhqyY4jWUBVhLxpwdDk9IHiHPJg4fZLRsJjYnUSvm
8HXlVJiPtgpnbnhYKDh8SHUH1lv4yPxTMo0KoVTDgYGG4qK0DSXjVD2qIAbI/8zE
1ubxLRHpxx+F0bJX2p28nkYXlQmbqtTXH/gIa3C3gr7bBsnb7xnRa7HefSI85LF2
kCGIWAqu9oOKs+9NwWe/j+v5rmPEc/IgtWGSsuKLrW7gjgmFUjx2e+BTntt2uKCM
N4TLqMepbld56IoRDxTU6VUDTlsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvruPy
Lh5MPdR8N9dwaPziqG5zHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFhYWM1MGItZWM0Yy00MDY0LWFlNWYtOWQwYzE2ODA2ZDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQAiSF9JaI/KG+gDcp4XisN9BLyt46Mwl3WKl4WkgQgh
fMR2tsYkS4v24KJd9jsizODwWs0XzizE1EmNVtr7meZN//lUe+XkknqYWFBFLLk1
DfBqxQxWU8RDmBWuAE3/A1Jh5SuZItcz0H1ggZOkpGwOU/+3g4kQUvSwhtypL+r9
KL8yJ636OJWkzFpepGVui22CYY3ZfCySBegFuLBTFFNedpxlPyt3rO76fdYRa9XW
dAEIEjSKXiYt7fJAmw3BIuUFMpsq7LYX5Dv/inCdc0zNLS3OZ/kdaimTYqenwalQ
7ajr+IvxbNLf+Mc9G0SFgMx3Nc8Aofmp8VMtqe00472m
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:17 2025 by rpki-client