Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0fed6a9b-dfef-4f11-831b-8067302411ff.roa
File: 0fed6a9b-dfef-4f11-831b-8067302411ff.roa (raw, json)
Hash identifier: Uz69gCxlmgwR4F1Qnh0eF3HTwvrrepXuq9070M3/Xmc=
Subject key identifier: 90:0B:17:36:BB:D7:58:34:D2:8D:50:5B:8D:E2:80:C9:53:05:AE:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5ABF4AFC8939DA97DE4C41A5A480513E5464D107
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0fed6a9b-dfef-4f11-831b-8067302411ff.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:bf:4a:fc:89:39:da:97:de:4c:41:a5:a4:80:51:3e:54:64:d1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:5c:0e:d1:b5:60:15:3f:69:66:e8:03:f2:23:
11:d7:6b:00:97:f1:ff:18:3d:85:93:88:96:b0:69:
fc:bf:e4:9d:57:8b:29:67:6b:0a:b3:84:69:65:20:
cc:3f:f2:3b:62:11:52:26:5d:e0:54:cd:1d:80:9b:
7a:17:8a:3b:b6:1b:64:c0:95:1c:8c:45:cb:6b:45:
32:bd:1e:e8:4b:10:18:c2:32:45:c1:68:29:e1:30:
78:c4:17:aa:09:df:b3:3e:35:5a:27:24:75:ce:62:
23:d0:87:23:be:f4:ef:6e:d5:c1:b1:6c:c4:09:43:
41:47:6d:6c:16:c2:97:c6:9d:22:62:1e:3b:1b:68:
c6:03:1b:86:7a:77:6a:e2:30:88:80:b9:71:d4:41:
5e:02:17:bb:cd:34:43:90:3e:9a:48:8a:88:08:2a:
d3:ea:ae:b6:24:2e:4c:79:e8:5c:eb:89:6b:91:bd:
e1:f6:33:2c:b4:26:94:ea:87:1b:26:35:f5:91:99:
11:35:51:5c:d8:aa:6a:e9:95:9f:34:ed:70:25:74:
33:4f:27:c5:0e:c2:0a:d7:74:18:08:96:77:87:8e:
12:48:26:42:d8:57:d3:53:ae:47:37:ec:ac:1f:f2:
30:f8:d1:01:a9:35:79:7f:2a:33:4b:a0:21:e4:c0:
35:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0B:17:36:BB:D7:58:34:D2:8D:50:5B:8D:E2:80:C9:53:05:AE:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0fed6a9b-dfef-4f11-831b-8067302411ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:c0:3a:40:8c:bf:be:92:8f:ef:40:57:80:68:5d:81:e4:b3:
75:99:c3:3b:fb:50:e0:83:4a:00:a4:6d:11:21:ca:37:da:72:
9c:54:63:c1:9f:af:f6:3b:66:45:04:9f:c4:4d:cb:0a:fd:92:
66:c4:3d:81:b5:d8:b7:ad:48:68:5e:35:51:8d:0a:a8:3d:b2:
14:2b:a3:ce:fe:66:e1:d2:55:ef:5d:cc:05:f1:58:e9:2a:1f:
57:cf:9c:8b:ea:8a:65:bb:a5:18:12:92:d0:45:07:94:1d:bf:
ea:53:dd:11:8a:47:85:23:bf:41:ba:dc:f1:58:64:11:8d:28:
61:31:1d:2f:9b:bd:73:2b:f1:22:eb:b5:9b:04:0d:d3:0c:eb:
5d:8b:6a:dc:8d:bd:61:8e:39:bf:86:f8:2b:77:de:dc:d3:21:
07:0d:aa:c8:94:60:14:f4:3f:04:2a:3d:ef:12:7d:a5:3a:02:
bb:ea:52:5d:6b:14:30:f2:77:6a:80:cc:46:08:23:86:bb:d9:
2b:fb:c7:b3:cd:f2:85:2a:b3:b0:9c:83:43:0c:15:69:39:62:
e6:03:ad:90:0b:c9:f3:8c:de:ce:fe:dd:da:37:70:82:e0:29:
4e:8d:f1:98:6d:18:cb:59:9d:7e:09:a4:d4:04:01:6e:0f:82:
39:fa:a5:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWr9K/Ik52pfeTEGlpIBRPlRk0QcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YzY3M2QyY2U4MmUwMjhmM2Q5ZDM5MWUyMGM3ZmMyYmU1ZTUxZWY1NzVl
YzdjOGUyNDllMThmZmJiN2Q0ZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxcDtG1YBU/aWboA/IjEddrAJfx/xg9hZOIlrBp/L/knVeLKWdrCrOEaWUg
zD/yO2IRUiZd4FTNHYCbeheKO7YbZMCVHIxFy2tFMr0e6EsQGMIyRcFoKeEweMQX
qgnfsz41Wickdc5iI9CHI770727VwbFsxAlDQUdtbBbCl8adImIeOxtoxgMbhnp3
auIwiIC5cdRBXgIXu800Q5A+mkiKiAgq0+qutiQuTHnoXOuJa5G94fYzLLQmlOqH
GyY19ZGZETVRXNiqaumVnzTtcCV0M08nxQ7CCtd0GAiWd4eOEkgmQthX01OuRzfs
rB/yMPjRAak1eX8qM0ugIeTANX0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSQCxc2
u9dYNNKNUFuN4oDJUwWuPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGZlZDZhOWItZGZlZi00ZjExLTgzMWItODA2NzMwMjQxMWZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAzcA6QIy/vpKP70BXgGhdgeSzdZnDO/tQ4INKAKRt
ESHKN9pynFRjwZ+v9jtmRQSfxE3LCv2SZsQ9gbXYt61IaF41UY0KqD2yFCujzv5m
4dJV713MBfFY6SofV8+ci+qKZbulGBKS0EUHlB2/6lPdEYpHhSO/Qbrc8VhkEY0o
YTEdL5u9cyvxIuu1mwQN0wzrXYtq3I29YY45v4b4K3fe3NMhBw2qyJRgFPQ/BCo9
7xJ9pToCu+pSXWsUMPJ3aoDMRggjhrvZK/vHs83yhSqzsJyDQwwVaTli5gOtkAvJ
84zezv7d2jdwguApTo3xmG0Yy1mdfgmk1AQBbg+COfql8A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:17:37 2025 by rpki-client