Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
File: e70f0462-459f-447a-88cd-62a494e81770.roa (raw, json)
Hash identifier: P4zMkMItSOPgvf44WRZgjPxW6PEoU/ks5XZ1LtFx3BU=
Subject key identifier: 99:B1:B8:9B:4D:A5:09:F4:A1:F5:98:96:57:4E:CE:C3:E1:E8:61:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1095B667A297B6C78DED8DDCF2278591D9BCED79
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.216.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:95:b6:67:a2:97:b6:c7:8d:ed:8d:dc:f2:27:85:91:d9:bc:ed:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=fca265a07d65f8c86f03e3200e7ce752c61e6a67422173826277cde9350fcd47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5b:20:d6:6f:25:25:c5:b3:2c:9e:f7:ff:2b:
42:f6:a4:be:70:a8:70:24:3d:ed:47:3d:d8:a3:89:
40:21:18:66:55:8e:36:ac:53:76:dc:b7:03:64:12:
6c:bb:0f:4a:46:b9:45:e9:dc:83:24:14:a1:e7:9b:
b9:9e:93:d5:0e:e7:62:19:80:e3:ee:48:d5:02:0e:
48:c6:18:23:93:3f:a2:dd:12:43:50:07:b4:17:d5:
59:f9:e4:23:c0:e2:6d:f7:61:60:d1:ea:64:9e:9a:
ca:fe:40:79:f5:47:19:3a:53:fc:3d:48:ed:00:b3:
df:17:36:3a:61:8a:f9:72:25:d0:32:18:40:dc:9d:
7a:5e:19:b2:9a:fa:63:09:5b:d1:d7:3a:9e:58:67:
fa:e2:03:7a:80:97:17:e8:0a:6e:29:b8:86:49:3b:
36:da:8e:ba:46:15:05:02:bc:8b:89:fd:8c:2a:38:
78:1e:e0:72:3b:c2:a8:65:2a:dd:cf:fd:9b:cc:43:
6e:a1:3f:e2:86:b7:53:22:90:63:72:3a:91:63:f3:
35:d3:cf:9d:6c:17:d3:59:b7:1c:a3:e8:4b:43:52:
d1:18:fd:7d:d4:03:2b:0d:6a:1a:ea:3a:4f:17:62:
d2:81:b4:a4:7f:87:c0:32:1a:08:32:1e:bc:7c:b9:
9f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B1:B8:9B:4D:A5:09:F4:A1:F5:98:96:57:4E:CE:C3:E1:E8:61:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e70f0462-459f-447a-88cd-62a494e81770.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:49:b6:bd:2c:bf:4c:a7:23:a3:67:b3:46:02:97:6a:7b:26:
c5:34:51:af:80:fd:7b:d2:1c:8d:01:1f:34:8b:c8:45:01:ca:
92:8b:04:c4:cb:4c:d0:d0:18:d7:91:d5:1a:47:8e:3e:c9:bf:
3c:1e:59:f1:70:d9:da:f1:4c:e5:48:cd:c6:5c:ea:fb:16:3c:
c0:9e:50:e1:1f:47:8c:b2:aa:65:6b:85:72:63:3b:3d:d3:59:
5e:a2:37:6d:6d:e4:68:f2:6b:08:7c:c4:d7:d2:82:af:25:0a:
bd:c3:1c:53:f4:5d:20:d9:94:26:9b:2b:92:97:cd:bc:03:e8:
5e:57:ff:8a:0e:60:3e:79:c3:41:04:26:04:de:d3:fa:24:ee:
3d:10:78:13:71:99:06:c0:44:2b:e4:41:f5:b8:e2:89:85:4f:
24:68:dd:32:5e:32:cc:7c:3f:9b:07:47:8f:bb:c3:a4:a4:36:
74:17:31:46:6a:60:21:b2:02:e6:a8:a1:a7:fe:58:76:ae:6b:
91:52:86:ce:95:7b:6e:1b:2a:25:15:40:30:a4:cc:5e:7e:16:
5a:2b:ee:43:5d:92:65:63:04:9f:a2:05:30:63:6e:23:62:64:
25:9f:09:03:c1:5e:9e:84:31:b5:0c:31:56:54:43:f0:3e:71:
09:3f:36:25
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEJW2Z6KXtseN7Y3c8ieFkdm87XkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjYTI2NWEwN2Q2NWY4Yzg2ZjAzZTMyMDBlN2NlNzUyYzYxZTZhNjc0MjIx
NzM4MjYyNzdjZGU5MzUwZmNkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpbINZvJSXFsyye9/8rQvakvnCocCQ97Uc92KOJQCEYZlWONqxTdty3A2QS
bLsPSka5RencgyQUoeebuZ6T1Q7nYhmA4+5I1QIOSMYYI5M/ot0SQ1AHtBfVWfnk
I8DibfdhYNHqZJ6ayv5AefVHGTpT/D1I7QCz3xc2OmGK+XIl0DIYQNydel4Zspr6
Ywlb0dc6nlhn+uIDeoCXF+gKbim4hkk7NtqOukYVBQK8i4n9jCo4eB7gcjvCqGUq
3c/9m8xDbqE/4oa3UyKQY3I6kWPzNdPPnWwX01m3HKPoS0NS0Rj9fdQDKw1qGuo6
Txdi0oG0pH+HwDIaCDIevHy5n70CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZsbib
TaUJ9KH1mJZXTs7D4ehhEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTcwZjA0NjItNDU5Zi00NDdhLTg4Y2QtNjJhNDk0ZTgxNzcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy4z2DAN
BgkqhkiG9w0BAQsFAAOCAQEAXkm2vSy/TKcjo2ezRgKXansmxTRRr4D9e9IcjQEf
NIvIRQHKkosExMtM0NAY15HVGkeOPsm/PB5Z8XDZ2vFM5UjNxlzq+xY8wJ5Q4R9H
jLKqZWuFcmM7PdNZXqI3bW3kaPJrCHzE19KCryUKvcMcU/RdINmUJpsrkpfNvAPo
Xlf/ig5gPnnDQQQmBN7T+iTuPRB4E3GZBsBEK+RB9bjiiYVPJGjdMl4yzHw/mwdH
j7vDpKQ2dBcxRmpgIbIC5qihp/5Ydq5rkVKGzpV7bhsqJRVAMKTMXn4WWivuQ12S
ZWMEn6IFMGNuI2JkJZ8JA8FenoQxtQwxVlRD8D5xCT82JQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:56 2025 by rpki-client