Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
File: 11438c8f-0517-4bd0-b3e1-4c738a71c912.roa (raw, json)
Hash identifier: mji0OU9eOB4FVfjosEzwjOQ2+wavpTaHsuGoPNxdXIo=
Subject key identifier: 84:48:1F:41:AA:22:41:70:20:EC:10:ED:78:8F:A5:2D:C2:26:89:64
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 42D0ED6A16FA17FCF2781C3DA12109DE938D5C3B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:d0:ed:6a:16:fa:17:fc:f2:78:1c:3d:a1:21:09:de:93:8d:5c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=58f527eb0a96052993e10add150044178e277bf9cdea2c8e390454b90237e95f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:2e:fe:12:2d:95:5f:b9:68:a7:95:3a:d8:
61:da:00:cc:e7:69:b9:f2:ab:59:51:91:b3:99:7b:
49:8f:7e:46:e1:f2:fa:f9:15:26:14:c9:d3:e8:bf:
ed:79:d3:a0:52:cf:c3:a8:10:03:d6:c2:f6:dc:00:
d6:7e:cd:34:fe:f2:74:fa:58:74:6e:67:a4:af:e1:
8c:26:bf:2a:7a:20:f2:5b:2a:c2:cc:ac:70:a7:9d:
75:34:36:0f:c4:34:65:b6:5c:0d:e0:00:20:60:b7:
6d:db:a8:0b:11:ae:8d:bb:62:d6:f8:f5:99:a0:f8:
74:a2:fa:1b:08:36:b3:8a:1b:5d:36:9b:b4:e2:a2:
01:17:8e:a7:5b:a6:a2:c1:11:7a:75:73:27:bb:6c:
f8:5a:05:66:75:5b:27:f7:f4:7b:ac:0a:d1:6a:37:
c2:82:95:f5:35:a0:26:11:9f:50:de:e6:41:a9:c1:
66:c3:95:7a:cc:49:20:9e:2c:bd:1f:6f:f5:6a:83:
53:1f:85:75:b8:cf:39:48:87:c6:bd:d6:70:e5:ee:
ae:4d:95:e9:38:75:d3:32:7f:3c:f6:28:38:be:0d:
9e:68:68:8b:71:46:6e:4f:04:80:98:ac:ca:f6:34:
db:ad:a0:b9:7e:b8:49:17:5e:87:db:d2:b7:38:ee:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:48:1F:41:AA:22:41:70:20:EC:10:ED:78:8F:A5:2D:C2:26:89:64
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11438c8f-0517-4bd0-b3e1-4c738a71c912.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.32.0/19
Signature Algorithm: sha256WithRSAEncryption
28:b0:dd:87:dc:c0:73:d5:95:13:6d:2d:8c:57:89:dc:2a:f3:
d3:a6:a0:7a:84:9f:fc:9a:1c:d7:52:65:ab:8f:da:7b:85:80:
71:4f:e0:1c:b8:43:bc:a7:b5:2a:db:ad:b1:90:f6:02:a4:29:
e5:0a:68:00:ff:2b:c9:28:cb:29:ab:71:1c:22:2d:99:db:11:
60:59:be:38:3c:47:25:c3:8c:5e:94:86:35:de:5d:d8:3b:24:
19:52:c6:88:bf:a6:de:ed:d0:3a:07:99:18:31:49:50:c2:e8:
8b:c6:82:55:94:20:96:47:74:98:0c:9e:cd:ff:cc:66:9d:fc:
e3:bf:e3:d5:1f:6b:e4:ba:d9:68:b5:64:92:29:00:44:29:6f:
79:b2:bd:e0:e4:64:3b:fb:c2:e7:a2:c6:c2:44:9d:7e:18:4a:
f9:92:14:4a:71:9d:d5:6d:10:20:a9:98:a9:da:5b:9e:28:79:
f7:dd:fc:8d:b5:5d:0b:dc:29:e5:ee:4a:95:92:a4:db:fe:ad:
e2:ad:5f:b3:b3:7d:4f:01:0b:2b:75:af:55:26:f0:70:9f:12:
8c:13:c6:91:f9:b7:39:91:c2:e9:c7:76:35:62:25:11:e2:5d:
09:66:0d:b0:7d:ba:c7:71:71:17:c4:07:24:ca:6d:2c:64:85:
d0:8a:22:88
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQtDtahb6F/zyeBw9oSEJ3pONXDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ZjUyN2ViMGE5NjA1Mjk5M2UxMGFkZDE1MDA0NDE3OGUyNzdiZjljZGVh
MmM4ZTM5MDQ1NGI5MDIzN2U5NWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5uLv4SLZVfuWinlTrYYdoAzOdpufKrWVGRs5l7SY9+RuHy+vkVJhTJ0+i/
7XnToFLPw6gQA9bC9twA1n7NNP7ydPpYdG5npK/hjCa/Knog8lsqwsyscKeddTQ2
D8Q0ZbZcDeAAIGC3bduoCxGujbti1vj1maD4dKL6Gwg2s4obXTabtOKiAReOp1um
osERenVzJ7ts+FoFZnVbJ/f0e6wK0Wo3woKV9TWgJhGfUN7mQanBZsOVesxJIJ4s
vR9v9WqDUx+FdbjPOUiHxr3WcOXurk2V6Th10zJ/PPYoOL4Nnmhoi3FGbk8EgJis
yvY0262guX64SRdeh9vStzjuGqMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSESB9B
qiJBcCDsEO14j6UtwiaJZDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE0MzhjOGYtMDUxNy00YmQwLWIzZTEtNGM3MzhhNzFjOTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiIDAN
BgkqhkiG9w0BAQsFAAOCAQEAKLDdh9zAc9WVE20tjFeJ3Crz06ageoSf/Joc11Jl
q4/ae4WAcU/gHLhDvKe1KtutsZD2AqQp5QpoAP8rySjLKatxHCItmdsRYFm+ODxH
JcOMXpSGNd5d2DskGVLGiL+m3u3QOgeZGDFJUMLoi8aCVZQglkd0mAyezf/MZp38
47/j1R9r5LrZaLVkkikARClvebK94ORkO/vC56LGwkSdfhhK+ZIUSnGd1W0QIKmY
qdpbnih59938jbVdC9wp5e5KlZKk2/6t4q1fs7N9TwELK3WvVSbwcJ8SjBPGkfm3
OZHC6cd2NWIlEeJdCWYNsH26x3FxF8QHJMptLGSF0IoiiA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:08:11 2025 by rpki-client