Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/373cce23-881c-4767-b758-59583f7c5cd3.roa
File: 373cce23-881c-4767-b758-59583f7c5cd3.roa (raw, json)
Hash identifier: VTe3v9hucb2t4LzsIx82vuH/Y1xGzUTbzlRuRImfLgI=
Subject key identifier: 54:26:E1:AB:BE:2C:66:A7:38:49:5D:3F:CE:19:93:B9:50:43:DE:E5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0DEA69D7F3A39DF211C32DAB8FB07E7CCD59B40B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/373cce23-881c-4767-b758-59583f7c5cd3.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 178.236.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:ea:69:d7:f3:a3:9d:f2:11:c3:2d:ab:8f:b0:7e:7c:cd:59:b4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=5f65abaf4d6ab764b44f6727800e4b99ab8dde6a2ceca2d2de1f6eb839ad72a5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8f:97:40:1b:2d:bc:ec:bb:a5:dd:76:29:7b:
f2:73:22:41:40:46:f3:63:9f:dc:e3:b1:4f:3f:c7:
e1:09:40:81:5f:65:52:d2:72:c4:01:5a:11:c6:06:
b3:bd:19:2b:dc:1f:56:41:19:31:26:b7:c2:c4:44:
5c:5c:7c:11:c4:0a:69:9d:ad:3c:77:09:aa:d9:3d:
08:d5:7a:be:76:53:4b:38:59:e6:17:f1:04:13:83:
8c:a6:c3:82:39:74:a2:7c:49:d0:90:b8:0b:b8:b4:
bc:17:b7:66:c3:4a:46:21:d6:75:ed:6a:49:42:27:
2a:c2:2f:95:39:a9:ff:27:76:38:27:2a:64:64:7a:
15:5a:bf:8f:b1:4b:6b:79:96:6d:31:ed:a9:fb:22:
c6:09:13:b4:8a:2e:76:51:f8:a5:54:16:ed:68:bc:
a3:9a:57:4a:1f:cf:9b:c7:11:7a:2d:58:35:ab:2d:
ac:52:07:09:4c:08:3e:61:41:89:fd:5a:09:bb:f1:
19:44:53:07:a6:ca:71:a2:f0:56:ed:29:c8:ca:52:
2e:64:19:c5:7c:10:69:86:3a:c4:35:7e:e2:5e:70:
d8:60:07:93:d5:8b:aa:5e:d8:a3:46:61:1e:72:17:
0a:54:a1:08:da:3c:4c:3a:af:db:87:29:e3:44:70:
30:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:26:E1:AB:BE:2C:66:A7:38:49:5D:3F:CE:19:93:B9:50:43:DE:E5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/373cce23-881c-4767-b758-59583f7c5cd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.0.0/20
Signature Algorithm: sha256WithRSAEncryption
a3:00:74:12:51:b6:a6:e5:cb:9c:f7:fb:ed:bb:9a:0c:68:e4:
3f:05:2a:92:23:4f:ee:99:db:ed:6d:7c:00:69:d3:39:f6:04:
f0:b0:97:47:f7:10:71:12:4b:d5:b4:d8:ec:e5:25:56:02:74:
a6:75:e9:00:43:6f:45:9c:07:00:92:51:c0:aa:e9:16:8e:8b:
c7:bd:49:fe:9f:d9:f0:7c:d7:ad:8f:8f:a0:a0:7c:d9:ca:11:
67:fa:04:5c:f2:58:93:45:c5:e2:cd:38:99:b8:1a:cf:83:db:
51:4e:f6:7f:ad:71:7a:a7:ef:7e:2e:44:2a:5c:79:30:9e:32:
ce:a0:bc:fe:ee:a9:c9:c7:c3:18:24:94:a8:27:3e:8b:99:a1:
d8:b0:63:4b:43:62:1f:29:53:a3:4f:74:d8:28:a6:45:9c:06:
43:93:0d:75:97:c9:e3:96:16:8f:f8:46:78:97:b0:ed:5a:9d:
30:a6:cc:65:7c:63:a7:63:ce:62:df:c7:31:c6:90:31:0e:f0:
4e:c6:11:76:e2:56:85:ee:ba:a9:b4:24:84:b8:33:f5:3b:2b:
fd:ab:6a:ba:b8:0e:11:af:83:77:6b:32:d8:d8:36:ca:a8:67:
fa:18:ea:69:54:35:f5:f4:7e:75:f7:bb:bc:9f:dd:75:38:d4:
3e:d0:13:30
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDepp1/OjnfIRwy2rj7B+fM1ZtAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNjVhYmFmNGQ2YWI3NjRiNDRmNjcyNzgwMGU0Yjk5YWI4ZGRlNmEyY2Vj
YTJkMmRlMWY2ZWI4MzlhZDcyYTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIuPl0AbLbzsu6Xddil78nMiQUBG82Of3OOxTz/H4QlAgV9lUtJyxAFaEcYG
s70ZK9wfVkEZMSa3wsREXFx8EcQKaZ2tPHcJqtk9CNV6vnZTSzhZ5hfxBBODjKbD
gjl0onxJ0JC4C7i0vBe3ZsNKRiHWde1qSUInKsIvlTmp/yd2OCcqZGR6FVq/j7FL
a3mWbTHtqfsixgkTtIoudlH4pVQW7Wi8o5pXSh/Pm8cRei1YNastrFIHCUwIPmFB
if1aCbvxGURTB6bKcaLwVu0pyMpSLmQZxXwQaYY6xDV+4l5w2GAHk9WLql7Yo0Zh
HnIXClShCNo8TDqv24cp40RwMO8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRUJuGr
vixmpzhJXT/OGZO5UEPe5TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzczY2NlMjMtODgxYy00NzY3LWI3NTgtNTk1ODNmN2M1Y2QzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLLsADAN
BgkqhkiG9w0BAQsFAAOCAQEAowB0ElG2puXLnPf77buaDGjkPwUqkiNP7pnb7W18
AGnTOfYE8LCXR/cQcRJL1bTY7OUlVgJ0pnXpAENvRZwHAJJRwKrpFo6Lx71J/p/Z
8HzXrY+PoKB82coRZ/oEXPJYk0XF4s04mbgaz4PbUU72f61xeqfvfi5EKlx5MJ4y
zqC8/u6pycfDGCSUqCc+i5mh2LBjS0NiHylTo0902CimRZwGQ5MNdZfJ45YWj/hG
eJew7VqdMKbMZXxjp2POYt/HMcaQMQ7wTsYRduJWhe66qbQkhLgz9Tsr/atqurgO
Ea+Dd2sy2Ng2yqhn+hjqaVQ19fR+dfe7vJ/ddTjUPtATMA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:08:10 2025 by rpki-client