Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
File: e07d74df-535d-4244-b607-95997aa421a3.roa (raw, json)
Hash identifier: Y4iuufkkf+wYqzn2FcotvbwppH6DAAOK1Z8AT3CY9mc=
Subject key identifier: 86:B7:98:AA:C8:0F:25:6C:F1:E4:8F:3C:42:03:D8:2B:28:EB:D8:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C71E26FABB5FD2BB1FDA27FF22A6648AA46EDA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:71:e2:6f:ab:b5:fd:2b:b1:fd:a2:7f:f2:2a:66:48:aa:46:ed:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:25:07:04:f0:7e:0e:da:83:42:51:8f:1e:cc:
f3:04:7e:22:14:a7:00:15:84:63:27:f3:7f:8a:6d:
61:74:20:7b:3d:49:c8:59:5c:b2:9d:73:28:6d:95:
53:b5:75:87:41:fd:25:f3:4b:f2:fe:03:b7:5f:15:
bd:41:05:4e:4c:74:43:db:b0:d1:73:f6:71:84:ce:
4e:0f:64:51:ce:cf:77:cc:40:77:ce:57:4a:3a:33:
d2:95:40:bb:24:75:1c:04:d4:52:3a:f4:ff:40:ce:
66:9f:ab:1f:97:6d:e0:c2:ed:8e:49:86:28:79:da:
55:97:a5:fe:5c:2b:15:e9:c1:86:80:2a:55:48:4d:
69:45:14:60:c2:b7:9b:3c:d6:46:18:22:37:c7:e2:
05:60:c1:0a:78:84:10:77:e4:79:63:01:f8:4a:f8:
8c:84:09:ee:0e:b7:26:2f:a4:2a:e9:a8:08:e9:3c:
d4:1b:e9:6a:8b:66:f9:ca:49:c4:cf:04:29:67:ec:
27:d2:08:f8:33:23:ad:a1:27:9e:30:30:43:60:00:
79:d6:65:69:c5:d9:38:f2:e4:7c:a7:5e:1d:9a:71:
5f:7c:dc:8a:f8:5e:71:20:6c:29:0e:a4:ee:a2:ec:
cb:4f:01:ef:07:f5:2e:e6:a6:00:ba:d6:3f:fa:e3:
c4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B7:98:AA:C8:0F:25:6C:F1:E4:8F:3C:42:03:D8:2B:28:EB:D8:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:07:cf:a5:57:4b:3f:07:bc:23:08:dc:8e:9a:ca:09:fb:55:
00:90:1c:70:82:95:d4:56:ae:7a:95:09:d5:58:79:a8:e7:8e:
74:c1:48:f4:ae:4f:27:7a:72:71:d8:b0:20:a2:3f:99:73:8c:
33:6c:7b:6d:76:21:7a:7d:63:1a:16:5d:32:9d:1c:00:ee:c5:
e3:14:39:4d:9b:a2:f5:98:04:ee:de:10:86:80:e6:e8:68:8d:
76:81:86:5c:b6:44:24:65:2d:3b:b3:fd:47:04:58:5e:4f:8e:
af:4f:ee:b4:56:ab:e1:36:ef:9e:79:05:e5:5f:b8:46:ae:28:
d9:2d:b4:79:57:a0:94:8d:3e:3a:ff:dc:d8:26:cd:2d:ed:b8:
a0:2d:63:be:fd:71:da:69:c9:f6:1f:ac:df:c4:64:50:f0:d6:
26:24:b8:3b:b0:44:2c:b2:be:65:9b:f7:ca:97:9a:4d:e9:d1:
3c:56:c8:23:df:08:3f:01:b2:cd:42:18:e6:d7:ad:69:1d:67:
97:08:f3:ae:27:0e:3b:cf:27:4a:8d:59:b6:e8:08:88:4d:cb:
18:61:37:8a:9f:37:5a:dc:a4:79:b8:c4:a7:8e:7b:6b:32:9d:
b7:72:f3:0f:ca:0b:37:3d:0a:f7:6e:4a:85:5e:60:79:f6:af:
9e:49:fb:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbHHib6u1/Sux/aJ/8ipmSKpG7aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNWEyNDE2ODcwMzgyMjRkMGZlYWFkYjQ2MWQ2M2NmZjJkOWU0ZmZiZjcy
Y2MzOThlNmVkMmI4ZmQyNGZkZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwlBwTwfg7ag0JRjx7M8wR+IhSnABWEYyfzf4ptYXQgez1JyFlcsp1zKG2V
U7V1h0H9JfNL8v4Dt18VvUEFTkx0Q9uw0XP2cYTOTg9kUc7Pd8xAd85XSjoz0pVA
uyR1HATUUjr0/0DOZp+rH5dt4MLtjkmGKHnaVZel/lwrFenBhoAqVUhNaUUUYMK3
mzzWRhgiN8fiBWDBCniEEHfkeWMB+Er4jIQJ7g63Ji+kKumoCOk81Bvpaotm+cpJ
xM8EKWfsJ9II+DMjraEnnjAwQ2AAedZlacXZOPLkfKdeHZpxX3zcivhecSBsKQ6k
7qLsy08B7wf1LuamALrWP/rjxIkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSGt5iq
yA8lbPHkjzxCA9grKOvYljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTA3ZDc0ZGYtNTM1ZC00MjQ0LWI2MDctOTU5OTdhYTQyMWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAegfPpVdLPwe8IwjcjprKCftVAJAccIKV1FauepUJ
1Vh5qOeOdMFI9K5PJ3pycdiwIKI/mXOMM2x7bXYhen1jGhZdMp0cAO7F4xQ5TZui
9ZgE7t4QhoDm6GiNdoGGXLZEJGUtO7P9RwRYXk+Or0/utFar4TbvnnkF5V+4Rq4o
2S20eVeglI0+Ov/c2CbNLe24oC1jvv1x2mnJ9h+s38RkUPDWJiS4O7BELLK+ZZv3
ypeaTenRPFbII98IPwGyzUIY5tetaR1nlwjzricOO88nSo1ZtugIiE3LGGE3ip83
WtykebjEp457azKdt3LzD8oLNz0K925KhV5gefavnkn7+Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:26:45 2025 by rpki-client