Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
File: e5242553-2ce0-44b9-a44b-832a808bc6b1.roa (raw, json)
Hash identifier: g4jVfskbF4XRkp/v0sDPWRqVe+dyzJR/f1Nn/QTDjQg=
Subject key identifier: F1:F6:23:73:09:81:48:9D:0B:37:58:C5:87:FF:CA:00:9E:BA:50:28
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EDFD09A19D01B0267A5AD1A83ADC5D33D121BCF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:df:d0:9a:19:d0:1b:02:67:a5:ad:1a:83:ad:c5:d3:3d:12:1b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f7:03:b2:96:b6:f4:88:d5:f4:c1:fe:1a:4a:
95:96:5e:b6:5b:db:f8:6c:42:5d:6a:f0:3d:80:d9:
6b:91:85:8b:1a:be:42:c8:05:d5:db:ed:26:99:b0:
f8:3a:e0:fc:eb:01:a6:95:08:99:c2:ea:4d:65:76:
68:36:e0:26:75:35:e3:5e:2d:be:30:b3:94:5b:68:
b9:ab:2d:7e:83:d3:f4:41:66:8b:02:ff:f1:17:b6:
72:47:7b:d3:5c:f5:59:e1:c3:d4:9b:25:15:b7:ef:
76:e4:ed:ff:32:35:ee:04:75:df:89:69:f8:5c:59:
3f:2b:55:ef:84:85:5c:14:d2:ce:98:27:e2:f0:cc:
87:9d:4a:d2:56:a6:a5:26:33:52:a2:fe:de:00:ad:
40:b5:3c:fe:c5:d3:f7:aa:2d:07:f0:96:ac:80:01:
8e:3f:b7:9d:4b:7c:b2:ca:2b:a6:70:26:84:49:4e:
c2:db:27:c5:dd:00:a6:07:73:ab:18:64:c4:5b:c0:
aa:23:f0:79:3a:f5:86:91:b3:1e:c6:20:10:55:f5:
58:31:76:2b:85:e2:7e:2f:85:ca:c6:9d:64:c9:59:
00:3a:76:ea:6c:d3:aa:be:2c:61:20:d6:51:ae:cb:
91:3c:6e:b7:2d:6e:ae:5f:c0:6f:f4:c5:72:a7:33:
1c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F6:23:73:09:81:48:9D:0B:37:58:C5:87:FF:CA:00:9E:BA:50:28
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d6:94:6d:03:14:7e:77:92:c8:4a:5b:7d:a6:21:b2:26:9b:b1:
e3:db:83:9c:d9:e3:1f:90:9b:13:a8:f6:81:b7:06:72:0b:29:
c9:90:70:1e:1b:82:5f:74:a9:ed:b7:90:b3:b7:da:3a:58:2a:
46:1a:32:57:19:79:ee:1a:a5:b6:76:87:f0:9f:c7:ac:f1:4f:
2f:bd:ac:4f:b4:43:9c:81:16:04:21:41:2c:a8:39:e7:d1:54:
f3:73:0f:2b:fb:33:4d:20:33:6b:19:f9:8c:d6:a7:75:4e:2b:
78:61:68:47:d9:be:7d:90:2d:22:ab:08:93:55:c9:58:78:fb:
d7:70:77:ac:c7:c8:fb:eb:2a:40:be:d8:cc:a3:71:22:f1:b2:
37:5c:63:17:60:14:98:3c:16:f8:2d:8f:80:00:d1:7a:ae:dc:
3d:d8:31:78:46:e5:48:40:c8:05:51:a6:82:cd:6b:0f:a6:6b:
08:f2:aa:7b:23:20:3d:91:59:55:fe:f3:da:ea:37:8f:25:6a:
e2:2b:83:8f:dd:51:93:ce:ba:32:df:70:f6:6a:55:6c:d1:c5:
47:97:b8:76:8e:9e:6f:13:ef:c9:ca:f0:6a:f8:4c:d2:3d:44:
e2:bf:9c:e8:51:bd:f8:af:ae:c3:0b:ca:dd:29:db:42:22:79:
54:45:16:2a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXt/QmhnQGwJnpa0ag63F0z0SG88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmNDUyOWQ1MjVmOTQ4ODgwNmVhYTYxZDU0OWMyNTk3ZWNmZmYxZjc2ODgx
YzU5NjE5Y2ZhNzY0ZjdjNjMzMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJD3A7KWtvSI1fTB/hpKlZZetlvb+GxCXWrwPYDZa5GFixq+QsgF1dvtJpmw
+Drg/OsBppUImcLqTWV2aDbgJnU1414tvjCzlFtouastfoPT9EFmiwL/8Re2ckd7
01z1WeHD1JslFbfvduTt/zI17gR134lp+FxZPytV74SFXBTSzpgn4vDMh51K0lam
pSYzUqL+3gCtQLU8/sXT96otB/CWrIABjj+3nUt8ssorpnAmhElOwtsnxd0Apgdz
qxhkxFvAqiPweTr1hpGzHsYgEFX1WDF2K4Xifi+FysadZMlZADp26mzTqr4sYSDW
Ua7LkTxuty1url/Ab/TFcqczHJkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTx9iNz
CYFInQs3WMWH/8oAnrpQKDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTUyNDI1NTMtMmNlMC00NGI5LWE0NGItODMyYTgwOGJjNmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQDWlG0DFH53kshKW32mIbImm7Hj24Oc2eMfkJsTqPaB
twZyCynJkHAeG4JfdKntt5Czt9o6WCpGGjJXGXnuGqW2dofwn8es8U8vvaxPtEOc
gRYEIUEsqDnn0VTzcw8r+zNNIDNrGfmM1qd1Tit4YWhH2b59kC0iqwiTVclYePvX
cHesx8j76ypAvtjMo3Ei8bI3XGMXYBSYPBb4LY+AANF6rtw92DF4RuVIQMgFUaaC
zWsPpmsI8qp7IyA9kVlV/vPa6jePJWriK4OP3VGTzroy33D2alVs0cVHl7h2jp5v
E+/JyvBq+EzSPUTiv5zoUb34r67DC8rdKdtCInlURRYq
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:12:47 2025 by rpki-client