Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
File: 4291e769-5d4c-4010-818f-64c1716d6e54.roa (raw, json)
Hash identifier: bdFWtRMmCU+tFoehowghLRPb1ACGvIhaTd1MpCRu5Bs=
Subject key identifier: 1A:3B:05:A7:F1:D5:DB:34:D0:A5:22:BC:3C:8E:82:DB:06:5A:01:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 235683072EDCF2469A30F9E0119C677473410957
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:56:83:07:2e:dc:f2:46:9a:30:f9:e0:11:9c:67:74:73:41:09:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:69:d7:59:11:af:c0:d1:e5:ac:71:e5:02:d7:
23:21:54:90:e5:01:d8:86:5c:cb:54:6e:2f:78:ce:
c9:df:3b:1f:da:a3:54:6e:ee:ee:4f:84:1b:6d:5c:
a9:a0:ae:bf:ef:78:d6:99:5c:c5:3a:7c:fd:4b:03:
1a:e2:82:b6:3d:54:f7:17:c9:d6:e0:fa:7a:c5:3a:
4c:42:30:64:a6:1b:90:a5:e6:46:85:3e:9f:cb:ad:
6e:66:61:34:ea:28:c3:32:81:21:b3:07:7f:85:44:
57:c1:21:a8:ed:03:03:85:88:af:cf:24:7a:08:a1:
3a:68:e5:5c:59:96:97:1b:1a:9e:8a:4b:06:e6:03:
52:a3:cf:dd:d5:bf:3a:eb:a1:ba:79:eb:58:8a:ef:
33:9e:38:80:9f:7e:d3:bb:d0:f5:3c:b6:24:ba:18:
78:97:49:7c:13:5c:4d:9c:03:2c:19:8e:76:b2:b6:
13:d3:8b:13:00:92:88:2e:4e:eb:c7:f8:af:98:f9:
44:1d:bd:c6:a2:aa:81:fc:95:0d:76:c3:09:0b:a4:
31:dd:c2:3e:0f:b2:4b:ac:b9:34:50:87:2c:96:26:
3a:b7:e0:b6:8f:38:6f:1d:f6:d9:56:17:0f:af:d8:
f8:1a:e1:d8:ef:00:c1:e4:ae:d0:0c:ec:b9:d5:d5:
3b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3B:05:A7:F1:D5:DB:34:D0:A5:22:BC:3C:8E:82:DB:06:5A:01:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
96:53:96:2d:08:a5:c9:68:a4:16:ea:e4:53:39:65:da:13:f3:
9b:9b:b1:a6:71:c5:2f:41:10:0a:2d:67:aa:6b:df:86:8d:e9:
38:a2:37:0f:87:29:6c:1e:d3:81:95:24:96:df:ab:e2:a1:d9:
ab:81:52:ab:ae:c1:c0:22:da:b8:49:3a:60:33:cd:06:d7:20:
84:c2:25:16:71:a0:b1:94:71:4e:b9:e5:ea:c6:10:f6:88:84:
d5:7b:c4:a9:69:5f:77:4c:a3:bf:ed:a6:03:fd:a9:f6:aa:31:
dc:76:bc:d6:4a:ce:d2:19:38:53:b6:39:a7:13:ea:86:30:c3:
f5:54:2b:ed:01:f4:4f:b1:8d:2a:f7:25:2b:33:66:2f:d2:09:
00:c3:d5:bb:78:10:d5:96:0b:a3:aa:1e:f7:0f:36:ca:02:c1:
15:6e:60:4a:4a:29:61:35:e8:b9:ff:e5:8c:70:f8:94:0c:b3:
22:8e:01:38:1a:04:18:32:52:22:77:cd:bb:b3:03:ea:92:ad:
42:46:b6:85:f2:81:81:5f:d1:b7:cd:3c:4a:94:e3:0a:38:f9:
f1:f1:72:f8:be:77:5f:7d:3b:4f:f3:eb:21:b4:f7:6a:4d:32:
bd:ed:52:c4:8c:67:35:dc:73:c1:29:72:a8:5e:bc:02:36:fb:
21:c1:f2:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI1aDBy7c8kaaMPngEZxndHNBCVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YTgyZjY3ZTI4YTcxYmY0MmQzZmMyYmQ4ZjE3MDI0NTQzYTg4ZGEwNTA0
ZjIzNjUyZTU4ZWFhNDg2M2JhZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP1p11kRr8DR5axx5QLXIyFUkOUB2IZcy1RuL3jOyd87H9qjVG7u7k+EG21c
qaCuv+941plcxTp8/UsDGuKCtj1U9xfJ1uD6esU6TEIwZKYbkKXmRoU+n8utbmZh
NOoowzKBIbMHf4VEV8EhqO0DA4WIr88kegihOmjlXFmWlxsanopLBuYDUqPP3dW/
OuuhunnrWIrvM544gJ9+07vQ9Ty2JLoYeJdJfBNcTZwDLBmOdrK2E9OLEwCSiC5O
68f4r5j5RB29xqKqgfyVDXbDCQukMd3CPg+yS6y5NFCHLJYmOrfgto84bx322VYX
D6/Y+Brh2O8AweSu0AzsudXVO1MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQaOwWn
8dXbNNClIrw8joLbBloBdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDI5MWU3NjktNWQ0Yy00MDEwLTgxOGYtNjRjMTcxNmQ2ZTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAllOWLQilyWikFurkUzll2hPzm5uxpnHFL0EQCi1n
qmvfho3pOKI3D4cpbB7TgZUklt+r4qHZq4FSq67BwCLauEk6YDPNBtcghMIlFnGg
sZRxTrnl6sYQ9oiE1XvEqWlfd0yjv+2mA/2p9qox3Ha81krO0hk4U7Y5pxPqhjDD
9VQr7QH0T7GNKvclKzNmL9IJAMPVu3gQ1ZYLo6oe9w82ygLBFW5gSkopYTXouf/l
jHD4lAyzIo4BOBoEGDJSInfNu7MD6pKtQka2hfKBgV/Rt808SpTjCjj58fFy+L53
X307T/PrIbT3ak0yve1SxIxnNdxzwSlyqF68Ajb7IcHyvQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:25:45 2025 by rpki-client