Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa
File: 4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa (raw, json)
Hash identifier: xq+g2U+R8ekR9njMqDZ5FdoVXkQr0b38vOY6CpO8K7Q=
Subject key identifier: 1B:E5:DF:6E:46:1D:C4:20:D9:E7:9A:44:48:42:0C:71:14:71:10:CB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37591FD6E20BE8249BEF1923791C31ACB12FFC1E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:59:1f:d6:e2:0b:e8:24:9b:ef:19:23:79:1c:31:ac:b1:2f:fc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8f:2c:a5:d4:75:a6:4f:07:a7:60:a4:84:09:
2b:0a:97:d3:05:1c:eb:c2:ec:33:e6:26:5c:0b:cf:
8b:51:a2:27:4a:a0:d7:1b:1a:98:b7:01:50:44:ce:
ce:83:c0:5b:54:1b:32:e9:b1:ca:71:ac:c7:44:34:
07:a7:9c:58:be:e2:6c:74:e6:24:eb:58:d3:4d:a0:
48:8b:9e:6c:52:88:f4:6f:8d:59:5e:7b:47:32:eb:
23:3e:10:3a:0e:51:63:64:77:b6:09:66:3c:a6:c0:
c3:69:91:50:33:5f:40:e2:ec:42:b9:44:86:06:f6:
74:16:e7:16:a6:70:cf:39:d4:76:14:68:c2:3e:33:
2a:0f:0a:f1:56:f1:56:b9:eb:6e:5b:6a:51:41:8b:
3d:e9:2c:0e:15:85:4c:43:0d:ab:95:09:f3:fc:ad:
4b:43:7d:fd:63:c2:9a:45:ae:bf:a5:1f:c0:cb:61:
02:ef:e4:87:8d:19:f9:c9:9a:07:98:d4:aa:73:67:
c4:f7:b5:67:58:62:f9:fc:d1:f5:15:c6:6b:6d:fd:
cd:59:13:c1:58:ea:01:4b:48:a1:a0:e0:5d:e7:80:
d8:d6:ed:cb:53:32:ad:77:ec:a2:69:3b:9e:15:73:
ab:f2:e4:40:4d:94:38:f6:f6:36:9a:73:49:1d:4c:
3e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E5:DF:6E:46:1D:C4:20:D9:E7:9A:44:48:42:0C:71:14:71:10:CB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4bca83db-5d32-4ce3-8caa-b8a7b1d238d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:4f:37:94:71:c6:88:8b:ac:5d:6f:e8:5c:1b:74:16:b5:33:
4d:48:ca:54:87:63:c5:d7:3f:51:6b:f1:12:86:2d:c0:a5:74:
5d:c6:15:d6:bf:fc:e6:e0:4e:6b:27:24:10:7a:9a:5d:cf:8c:
18:e6:b2:ee:2a:0b:45:b4:83:aa:18:ab:77:43:1b:b2:bd:ee:
0a:83:6c:dc:9c:2f:8c:97:5b:ef:d5:c5:2a:04:31:48:1f:4e:
22:2e:38:bb:57:31:24:69:a9:a2:23:0a:5d:fc:8f:40:5f:29:
c0:2f:57:67:74:e0:5b:5a:bb:06:2e:27:0d:1e:18:13:22:2e:
af:8c:88:8f:62:a8:bf:f8:e0:d7:64:c9:6a:5b:4c:07:9d:4b:
04:bc:dc:81:b8:f7:a6:28:20:4a:b0:42:39:a5:09:36:be:02:
e0:be:e1:b6:d7:f2:c0:c3:c9:89:09:eb:cc:e8:76:fb:40:c7:
3a:3e:4a:4e:28:8e:eb:1a:93:93:a8:37:5c:34:5f:1d:ea:4d:
b5:94:99:be:09:7f:c2:d2:f1:83:6a:11:1c:35:81:44:e6:06:
40:42:b4:1c:a7:43:d1:c0:4e:0c:71:24:e6:a5:54:63:fa:c5:
51:80:00:13:7d:b2:ef:78:b0:9f:30:85:86:3e:cf:ea:16:17:
33:03:2b:7c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN1kf1uIL6CSb7xkjeRwxrLEv/B4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1ZDE4NzM3ODgzMTg2NDQxZWE2YzcxODJkMjZlNzk3NzFkNWU5NWU2ZmFm
ODdhYmQyYWJlZDkxN2RlNzVmMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqPLKXUdaZPB6dgpIQJKwqX0wUc68LsM+YmXAvPi1GiJ0qg1xsamLcBUETO
zoPAW1QbMumxynGsx0Q0B6ecWL7ibHTmJOtY002gSIuebFKI9G+NWV57RzLrIz4Q
Og5RY2R3tglmPKbAw2mRUDNfQOLsQrlEhgb2dBbnFqZwzznUdhRowj4zKg8K8Vbx
VrnrbltqUUGLPeksDhWFTEMNq5UJ8/ytS0N9/WPCmkWuv6UfwMthAu/kh40Z+cma
B5jUqnNnxPe1Z1hi+fzR9RXGa239zVkTwVjqAUtIoaDgXeeA2Nbty1MyrXfsomk7
nhVzq/LkQE2UOPb2NppzSR1MPpUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQb5d9u
Rh3EINnnmkRIQgxxFHEQyzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGJjYTgzZGItNWQzMi00Y2UzLThjYWEtYjhhN2IxZDIzOGQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAvU83lHHGiIusXW/oXBt0FrUzTUjKVIdjxdc/UWvx
EoYtwKV0XcYV1r/85uBOayckEHqaXc+MGOay7ioLRbSDqhird0Mbsr3uCoNs3Jwv
jJdb79XFKgQxSB9OIi44u1cxJGmpoiMKXfyPQF8pwC9XZ3TgW1q7Bi4nDR4YEyIu
r4yIj2Kov/jg12TJaltMB51LBLzcgbj3piggSrBCOaUJNr4C4L7httfywMPJiQnr
zOh2+0DHOj5KTiiO6xqTk6g3XDRfHepNtZSZvgl/wtLxg2oRHDWBROYGQEK0HKdD
0cBODHEk5qVUY/rFUYAAE32y73iwnzCFhj7P6hYXMwMrfA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:17:27 2025 by rpki-client