Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
File: 5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa (raw, json)
Hash identifier: cB/yRQ9IhPq9kNoMviYlEQ0YuJPHueskQc46f/y+Rrw=
Subject key identifier: 08:15:0A:1F:77:27:0F:BE:A0:BE:11:9D:44:CD:9C:F1:DE:25:52:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 237EB9EEF8AFABB078B5132852959617746BC7DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:7e:b9:ee:f8:af:ab:b0:78:b5:13:28:52:95:96:17:74:6b:c7:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:95:8c:4d:8a:82:de:83:cf:12:26:8b:01:dc:
53:88:c2:45:8d:d1:41:fd:49:51:06:bb:ef:41:51:
9d:32:38:ed:88:b2:f1:ed:e2:c7:04:48:df:53:76:
2f:f5:d2:89:ce:68:50:8c:47:9f:12:e3:9c:21:6e:
9f:23:4a:9d:ea:9d:d3:64:57:1d:4b:d7:07:52:72:
21:0f:04:5c:cb:28:68:6a:f2:0f:fa:c1:42:da:f2:
bb:6e:43:b7:71:a9:01:32:4f:a3:89:19:07:08:9e:
e0:e3:61:9a:03:bf:aa:13:ff:38:49:47:4f:cf:9e:
ce:28:05:35:7b:d4:e2:05:07:6b:73:74:73:df:ba:
ff:f0:75:4b:e8:ef:98:73:22:0d:0a:7a:c2:26:d8:
80:d8:69:d0:17:15:ef:7e:b5:38:3c:88:e3:41:5b:
55:34:7f:08:6e:6d:6e:90:5a:25:59:82:85:ae:a5:
4d:13:64:6c:25:71:63:75:8b:f3:9d:68:ec:72:72:
e8:69:f1:bf:ac:10:66:c6:e0:e7:3f:47:e9:8e:27:
72:97:f7:17:87:63:40:76:71:1e:1a:be:6f:38:d6:
97:ac:89:40:c7:99:3d:88:1f:9b:1c:ad:7e:99:75:
07:51:42:67:f4:d4:05:7b:8c:cb:c4:e4:dc:b4:2b:
2c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:15:0A:1F:77:27:0F:BE:A0:BE:11:9D:44:CD:9C:F1:DE:25:52:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:14:3d:a4:7b:2b:26:01:03:77:ca:d7:3f:27:bb:6d:7b:12:
14:a7:9b:56:d5:6e:04:6a:41:5b:c2:98:88:c9:b7:9b:b7:35:
e0:7f:60:01:d1:9f:a1:75:b8:cf:5a:a4:f1:e3:9c:3e:ad:b7:
65:cc:76:c5:f0:0f:84:0a:f0:0f:a3:46:a2:93:e8:63:1e:5d:
06:47:ff:8a:de:42:1d:db:db:f6:b2:be:d5:cc:14:4e:81:96:
38:88:17:b4:dc:50:b0:09:db:50:6d:dc:18:06:36:09:c3:f6:
71:80:58:65:df:e7:8c:78:94:25:f2:20:bb:31:42:0b:3d:6a:
fe:ee:fb:67:68:d6:db:9e:dd:44:b7:f4:86:89:2a:64:f0:b0:
1f:49:16:d7:6c:53:ac:b7:22:72:7f:c2:97:ee:7b:d1:b2:48:
34:83:12:fb:a9:d7:a6:a8:b2:ea:c9:88:f4:a6:4d:bc:3a:15:
f0:60:26:bd:4f:54:7e:4e:be:f6:c2:e1:ae:b2:d6:ce:2f:12:
0f:d1:5b:55:f1:12:8c:c4:87:ac:53:21:a1:7e:98:b5:f3:b3:
79:83:bb:90:d8:5e:9d:f1:49:03:c0:c5:3d:0e:e7:19:5a:33:
2d:ad:16:d3:cc:c5:d0:32:a9:92:17:48:10:75:be:ec:44:59:
d9:ff:50:e7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI3657vivq7B4tRMoUpWWF3Rrx98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMWNlNWNjM2YzMDhhZTNlYTczOWY0N2JiMzU4YmJkMDVkNDNlMjM5MWZk
N2MwMDBjMzEwZjM4MWE5YTFmNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaVjE2Kgt6DzxImiwHcU4jCRY3RQf1JUQa770FRnTI47Yiy8e3ixwRI31N2
L/XSic5oUIxHnxLjnCFunyNKneqd02RXHUvXB1JyIQ8EXMsoaGryD/rBQtryu25D
t3GpATJPo4kZBwie4ONhmgO/qhP/OElHT8+ezigFNXvU4gUHa3N0c9+6//B1S+jv
mHMiDQp6wibYgNhp0BcV7361ODyI40FbVTR/CG5tbpBaJVmCha6lTRNkbCVxY3WL
851o7HJy6Gnxv6wQZsbg5z9H6Y4ncpf3F4djQHZxHhq+bzjWl6yJQMeZPYgfmxyt
fpl1B1FCZ/TUBXuMy8Tk3LQrLFMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIFQof
dycPvqC+EZ1EzZzx3iVSMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWRlZjVjZWQtNjM5MC00YTc0LThiZjktY2I2NzdmMGIwNWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQAjFD2keysmAQN3ytc/J7ttexIUp5tW1W4EakFbwpiI
ybebtzXgf2AB0Z+hdbjPWqTx45w+rbdlzHbF8A+ECvAPo0aik+hjHl0GR/+K3kId
29v2sr7VzBROgZY4iBe03FCwCdtQbdwYBjYJw/ZxgFhl3+eMeJQl8iC7MUILPWr+
7vtnaNbbnt1Et/SGiSpk8LAfSRbXbFOstyJyf8KX7nvRskg0gxL7qdemqLLqyYj0
pk28OhXwYCa9T1R+Tr72wuGustbOLxIP0VtV8RKMxIesUyGhfpi187N5g7uQ2F6d
8UkDwMU9DucZWjMtrRbTzMXQMqmSF0gQdb7sRFnZ/1Dn
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:14 2025 by rpki-client