Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
File: c8417d8d-dd59-4c9c-9131-401f49361e96.roa (raw, json)
Hash identifier: 0EaMR5boU15nlnP7F2vfuQG5Pd+sqR9G8fQZQDWxoAk=
Subject key identifier: 6B:C9:6D:6B:FB:0F:9A:7F:1F:79:A1:09:48:8F:51:BB:F8:57:7D:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 336DED8577C36609BEB40A52CD04648FDC8F6B89
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:6d:ed:85:77:c3:66:09:be:b4:0a:52:cd:04:64:8f:dc:8f:6b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:26:44:e3:11:07:80:e5:6f:30:3a:95:2d:7f:
77:4d:eb:ee:6c:35:4d:69:a7:a4:c4:78:48:bd:12:
e0:fe:59:09:2c:03:d6:77:06:dd:70:d7:1f:4d:96:
e0:fd:54:7e:15:f6:42:b6:e2:2f:29:87:6a:5f:d3:
61:56:b5:a6:48:cb:2d:ba:55:7a:7a:c3:52:e0:36:
e3:78:7c:43:47:42:5d:1f:13:07:53:f6:84:6c:18:
2b:d7:14:57:b7:5f:9b:6e:bf:0a:1a:98:75:f7:6f:
22:20:8d:f0:38:12:0a:65:a3:98:86:b9:95:9b:03:
e0:5c:b0:1c:83:02:6c:2d:cd:e3:72:aa:55:00:bc:
4e:95:74:3d:e8:b8:eb:03:d2:1e:6c:ec:77:8d:74:
e1:3d:28:54:fe:d9:05:52:1f:3d:d5:37:b9:64:9e:
e2:52:23:13:17:9c:63:56:38:c7:e4:bd:bc:fc:2a:
82:56:70:1c:ec:5f:4a:b4:91:0b:6d:e9:13:d2:46:
9e:bd:8d:8a:aa:1d:dd:d7:8b:ca:74:7a:2e:15:dc:
ec:da:93:b1:70:97:22:f2:72:a9:25:8c:fb:85:bf:
87:88:65:13:f5:db:3d:29:45:42:c6:c6:14:fe:8c:
60:73:9c:df:ac:2c:47:b6:36:1d:c2:9c:45:fc:80:
53:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C9:6D:6B:FB:0F:9A:7F:1F:79:A1:09:48:8F:51:BB:F8:57:7D:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2d:6d:4c:af:2a:90:15:4c:d2:94:76:0d:43:dc:e0:63:48:89:
91:d3:d8:ba:5b:c3:00:96:42:2d:33:20:05:f4:f9:79:64:ba:
43:b8:b9:12:bc:75:d6:c3:2f:4b:fb:d3:4d:ec:99:58:99:30:
e3:b5:8f:a7:52:8c:7e:9e:ab:7c:5a:af:63:05:07:64:20:e7:
c3:25:f9:6e:a7:d6:43:24:ae:d4:7c:77:08:b8:3d:79:1c:b0:
f6:9d:e5:b3:1b:55:3f:9c:a6:c4:05:cc:c9:78:9e:c7:e9:50:
61:06:57:89:5d:33:87:61:e5:a7:34:73:1e:71:00:e7:e2:4b:
65:17:cf:b3:27:08:dc:f4:17:7f:48:d0:b7:c6:64:d7:e1:54:
2a:f5:f9:5e:f3:24:08:15:81:55:76:bb:9e:64:26:9f:3c:e7:
8b:32:f8:48:da:c1:a5:31:f8:6d:7c:61:a1:96:f8:f7:83:a7:
eb:a9:c3:c3:ec:18:6a:16:35:d5:5b:2f:9d:28:99:0b:99:43:
72:90:08:28:6b:c0:d9:58:fd:6f:9a:0a:c4:64:07:f8:49:57:
5c:2f:61:b2:c2:06:37:3a:b2:9a:f6:89:36:d2:e3:36:a1:0c:
3f:6e:fb:85:6d:98:e5:56:58:12:40:3b:4f:ff:45:7c:64:e9:
6f:da:8e:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM23thXfDZgm+tApSzQRkj9yPa4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDllZjk2YzZkZTMwMTIyYjk2YzEzZDhiN2RlMTdkMTFhNjgxYTYyOTk1M2Iy
MmFkNGE4ZDgyYjk2NzM5NDZjODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsmROMRB4DlbzA6lS1/d03r7mw1TWmnpMR4SL0S4P5ZCSwD1ncG3XDXH02W
4P1UfhX2QrbiLymHal/TYVa1pkjLLbpVenrDUuA243h8Q0dCXR8TB1P2hGwYK9cU
V7dfm26/ChqYdfdvIiCN8DgSCmWjmIa5lZsD4FywHIMCbC3N43KqVQC8TpV0Pei4
6wPSHmzsd4104T0oVP7ZBVIfPdU3uWSe4lIjExecY1Y4x+S9vPwqglZwHOxfSrSR
C23pE9JGnr2Niqod3deLynR6LhXc7NqTsXCXIvJyqSWM+4W/h4hlE/XbPSlFQsbG
FP6MYHOc36wsR7Y2HcKcRfyAU6sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRryW1r
+w+afx95oQlIj1G7+Fd9pTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yzg0MTdkOGQtZGQ1OS00YzljLTkxMzEtNDAxZjQ5MzYxZTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEALW1MryqQFUzSlHYNQ9zgY0iJkdPYulvDAJZCLTMg
BfT5eWS6Q7i5Erx11sMvS/vTTeyZWJkw47WPp1KMfp6rfFqvYwUHZCDnwyX5bqfW
QySu1Hx3CLg9eRyw9p3lsxtVP5ymxAXMyXiex+lQYQZXiV0zh2HlpzRzHnEA5+JL
ZRfPsycI3PQXf0jQt8Zk1+FUKvX5XvMkCBWBVXa7nmQmnzznizL4SNrBpTH4bXxh
oZb494On66nDw+wYahY11VsvnSiZC5lDcpAIKGvA2Vj9b5oKxGQH+ElXXC9hssIG
NzqymvaJNtLjNqEMP277hW2Y5VZYEkA7T/9FfGTpb9qOzQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:41 2025 by rpki-client