Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc6c9ef3-9bc2-4d6b-adf2-71f95d7a7acb.roa
File: cc6c9ef3-9bc2-4d6b-adf2-71f95d7a7acb.roa (raw, json)
Hash identifier: pzzhgOYPXV10tEqhK8ZXCx9oga3Ivt6HqeB7AQt2wTE=
Subject key identifier: 65:C3:91:23:4A:35:54:86:EB:8A:C1:B2:C2:B2:C6:6F:F8:16:31:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A4B12F763766C37DA3C73CA1D48B93B4B9AFD3A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc6c9ef3-9bc2-4d6b-adf2-71f95d7a7acb.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.137.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:4b:12:f7:63:76:6c:37:da:3c:73:ca:1d:48:b9:3b:4b:9a:fd:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=006d69849a9598ad51a32510645f73907d01b4031962e66f2148d0f2516f0a17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:55:11:bf:21:68:cb:71:f1:52:a8:86:89:1b:
11:ab:56:9b:ac:c4:4c:e9:58:01:83:76:d4:a1:c6:
98:aa:fc:42:41:82:5f:06:93:a8:99:2a:1e:3c:ab:
e5:eb:24:ba:43:de:58:53:b9:26:b1:65:dc:a0:05:
71:7e:c5:03:dc:38:bc:1a:2a:0a:f2:7e:5e:23:a3:
a5:cc:e8:c7:d5:a9:b0:db:b8:9e:a1:04:0d:3a:5e:
94:dd:74:9c:bb:74:34:95:e8:a8:c1:2a:a5:6d:4d:
0e:21:2e:a5:08:05:0a:ea:24:05:0a:4f:3a:8a:b1:
8b:53:75:0f:08:fa:85:93:a9:56:c2:c6:85:ca:dd:
dd:4c:01:9b:e8:96:0c:9b:2b:79:98:da:52:da:4c:
68:57:53:6d:81:10:e5:a7:93:ec:54:74:57:a5:05:
88:b9:d3:cd:3e:cc:46:bd:d3:b4:8f:dd:83:39:83:
6f:4c:a7:10:cb:10:22:2a:8e:e6:e1:ed:2e:e3:b8:
bc:c5:9a:9e:c3:31:72:36:e9:57:d9:22:18:16:05:
81:42:73:6a:1b:37:5e:f7:47:34:bf:c5:f1:ec:9a:
0f:d2:86:39:49:8e:ce:d8:42:59:d8:9e:70:41:e3:
0e:10:78:25:4a:17:72:d4:20:0a:0e:e6:7c:d6:f9:
5f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C3:91:23:4A:35:54:86:EB:8A:C1:B2:C2:B2:C6:6F:F8:16:31:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc6c9ef3-9bc2-4d6b-adf2-71f95d7a7acb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.137.128.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:13:ed:0e:b6:d7:f0:c6:9b:06:7b:a5:2c:f1:a1:ee:61:87:
6c:bc:2d:e4:4e:0c:d9:c3:ba:e7:81:53:31:78:d1:de:40:84:
24:36:2a:bb:c2:6a:ce:7f:7e:0f:42:d7:5a:2c:bd:33:93:4b:
87:a1:5f:d9:8f:c8:fc:47:1f:be:ed:ab:7a:4a:e9:c6:13:1a:
3d:db:23:6d:12:50:82:e2:e6:5e:9b:90:ec:ed:c4:b9:c6:95:
a6:89:5c:2a:5f:94:65:b1:7c:80:5a:6a:95:c6:e3:89:2e:9a:
bb:26:32:19:32:49:ff:73:0c:07:10:1f:35:31:05:d4:da:a4:
41:a7:8c:bb:05:89:74:40:37:98:d3:2d:33:54:26:99:ea:3a:
ce:0f:a9:de:f4:53:2a:9a:74:a8:ab:99:21:e0:34:de:6b:04:
61:fb:9b:41:6b:3d:89:47:5c:df:10:22:45:4b:d5:1b:e5:f7:
cc:95:74:17:13:e1:cb:89:1d:52:83:82:eb:38:f7:be:77:5e:
15:d5:ac:9c:9e:b6:79:4c:b6:0a:b1:53:00:17:5f:75:95:20:
eb:45:69:9a:68:3e:b7:3a:a2:a3:f3:85:4b:3f:0a:3d:7e:c0:
f9:ac:23:a8:ef:16:9c:3f:c8:43:63:4f:f4:11:4c:c8:61:1b:
97:5e:34:e3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOksS92N2bDfaPHPKHUi5O0ua/TowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNmQ2OTg0OWE5NTk4YWQ1MWEzMjUxMDY0NWY3MzkwN2QwMWI0MDMxOTYy
ZTY2ZjIxNDhkMGYyNTE2ZjBhMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhVEb8haMtx8VKohokbEatWm6zETOlYAYN21KHGmKr8QkGCXwaTqJkqHjyr
5eskukPeWFO5JrFl3KAFcX7FA9w4vBoqCvJ+XiOjpczox9WpsNu4nqEEDTpelN10
nLt0NJXoqMEqpW1NDiEupQgFCuokBQpPOoqxi1N1Dwj6hZOpVsLGhcrd3UwBm+iW
DJsreZjaUtpMaFdTbYEQ5aeT7FR0V6UFiLnTzT7MRr3TtI/dgzmDb0ynEMsQIiqO
5uHtLuO4vMWansMxcjbpV9kiGBYFgUJzahs3XvdHNL/F8eyaD9KGOUmOzthCWdie
cEHjDhB4JUoXctQgCg7mfNb5XzcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRlw5Ej
SjVUhuuKwbLCssZv+BYxlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2M2YzllZjMtOWJjMi00ZDZiLWFkZjItNzFmOTVkN2E3YWNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi6JgDAN
BgkqhkiG9w0BAQsFAAOCAQEAihPtDrbX8MabBnulLPGh7mGHbLwt5E4M2cO654FT
MXjR3kCEJDYqu8Jqzn9+D0LXWiy9M5NLh6Ff2Y/I/Ecfvu2rekrpxhMaPdsjbRJQ
guLmXpuQ7O3EucaVpolcKl+UZbF8gFpqlcbjiS6auyYyGTJJ/3MMBxAfNTEF1Nqk
QaeMuwWJdEA3mNMtM1Qmmeo6zg+p3vRTKpp0qKuZIeA03msEYfubQWs9iUdc3xAi
RUvVG+X3zJV0FxPhy4kdUoOC6zj3vndeFdWsnJ62eUy2CrFTABdfdZUg60Vpmmg+
tzqio/OFSz8KPX7A+awjqO8WnD/IQ2NP9BFMyGEbl1404w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:21 2025 by rpki-client