Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71a3959f-fe88-470e-a579-701317fd3928.roa
File: 71a3959f-fe88-470e-a579-701317fd3928.roa (raw, json)
Hash identifier: eybGzldZ1BhCAs5tDhWDCfkJCLmEyZURUgndVtZfI3M=
Subject key identifier: C4:3B:F7:62:AB:B9:AB:89:D9:B6:09:12:26:67:14:26:F7:DA:D1:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E709DA1A983FF593BAA7D4C99A445242CDCFCC9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71a3959f-fe88-470e-a579-701317fd3928.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:70:9d:a1:a9:83:ff:59:3b:aa:7d:4c:99:a4:45:24:2c:dc:fc:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:44:14:16:d8:86:b5:35:be:2e:0d:f1:0e:93:
ae:2c:ce:0d:a7:b8:82:c6:4c:6e:db:c2:12:84:b6:
d6:33:c7:31:e9:72:fe:7a:ef:b6:fa:56:fd:04:ca:
b9:d3:65:e7:42:55:36:0e:e5:45:4b:4e:50:9d:c9:
06:9b:67:47:a1:26:8a:80:49:15:44:6c:06:93:71:
ad:19:ed:19:91:7b:90:63:f8:bc:86:56:16:19:91:
a9:1a:c2:71:48:cf:3e:db:0d:a7:a2:2b:51:f2:77:
94:5d:2f:2a:6f:d8:9d:d6:87:54:e0:7c:0a:2d:a3:
c0:3d:26:61:05:58:3a:32:44:cf:ee:00:46:12:a6:
29:e8:0b:9c:8d:dd:cf:7c:77:f5:bd:d5:a3:09:e0:
a5:ca:e1:82:47:a1:ab:90:a0:4a:f6:63:20:55:7e:
bd:7e:23:4f:fb:cc:d6:56:2f:10:db:0e:a5:26:fd:
44:58:f5:f4:e1:5d:f4:9c:a5:12:35:0f:26:4a:96:
93:54:59:42:8c:5a:f9:04:1a:48:b4:63:32:e5:9b:
79:2b:45:b0:67:c4:b9:83:9a:9a:93:4f:c9:36:0b:
4b:4b:9e:3e:c0:0a:39:31:fe:30:79:e6:48:71:52:
44:f3:ea:ce:da:c0:2d:a2:5e:ef:0b:43:91:0f:f4:
69:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3B:F7:62:AB:B9:AB:89:D9:B6:09:12:26:67:14:26:F7:DA:D1:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71a3959f-fe88-470e-a579-701317fd3928.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:1c:9f:67:b5:af:0e:86:ea:3d:fd:5d:ee:28:8d:b3:94:a3:
14:a6:75:76:c8:aa:88:09:53:4f:7e:10:ee:34:c5:14:d8:9e:
ae:0e:45:1f:b6:7b:f6:db:da:30:e7:2b:3e:85:48:1f:93:49:
5a:79:bf:7d:1c:9c:fb:10:8f:a7:37:68:31:1d:13:51:7a:6e:
36:05:33:e2:69:b6:d0:57:a0:36:8d:e1:1c:a8:b3:26:36:c8:
eb:a4:f1:e2:70:16:9b:b8:31:aa:a6:3f:93:cc:2d:ea:e9:b9:
45:43:ad:e9:1e:26:0c:2f:a2:f4:d8:35:a9:fe:3d:cb:4a:3f:
64:e5:45:5c:28:3a:ed:ee:0f:e9:de:4b:87:5b:9a:17:1a:0d:
75:59:7f:ce:39:58:88:c4:aa:6b:ce:03:e4:e6:85:67:8e:8b:
65:e2:4f:37:57:b1:ed:00:af:27:52:d0:ef:97:82:89:5d:ba:
d1:9d:18:fb:07:13:89:6b:55:50:20:38:28:67:34:8e:55:cb:
71:40:9d:e7:e9:76:19:d8:1d:69:51:73:7e:27:d4:ed:fe:0c:
2d:78:0f:fa:44:db:ac:90:84:aa:4b:91:1a:5b:d9:9b:5c:40:
65:50:af:d3:bd:a1:ec:d7:25:44:9a:4d:ee:84:da:5e:54:3b:
7a:7f:0d:96
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHnCdoamD/1k7qn1MmaRFJCzc/MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmOWZlYzRjM2ExNGQ4ZWZhNDkxNzQxZjBlMTk1OTYwZjE4MmMwOGQxZjJl
ZWY5YTlhNzJkNTczMjlmMjE3OTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNEFBbYhrU1vi4N8Q6TrizODae4gsZMbtvCEoS21jPHMely/nrvtvpW/QTK
udNl50JVNg7lRUtOUJ3JBptnR6EmioBJFURsBpNxrRntGZF7kGP4vIZWFhmRqRrC
cUjPPtsNp6IrUfJ3lF0vKm/YndaHVOB8Ci2jwD0mYQVYOjJEz+4ARhKmKegLnI3d
z3x39b3Vowngpcrhgkehq5CgSvZjIFV+vX4jT/vM1lYvENsOpSb9RFj19OFd9Jyl
EjUPJkqWk1RZQoxa+QQaSLRjMuWbeStFsGfEuYOampNPyTYLS0uePsAKOTH+MHnm
SHFSRPPqztrALaJe7wtDkQ/0aV8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEO/di
q7mridm2CRImZxQm99rR3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzFhMzk1OWYtZmU4OC00NzBlLWE1NzktNzAxMzE3ZmQzOTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQBqHJ9nta8Ohuo9/V3uKI2zlKMUpnV2yKqICVNPfhDu
NMUU2J6uDkUftnv229ow5ys+hUgfk0laeb99HJz7EI+nN2gxHRNRem42BTPiabbQ
V6A2jeEcqLMmNsjrpPHicBabuDGqpj+TzC3q6blFQ63pHiYML6L02DWp/j3LSj9k
5UVcKDrt7g/p3kuHW5oXGg11WX/OOViIxKprzgPk5oVnjotl4k83V7HtAK8nUtDv
l4KJXbrRnRj7BxOJa1VQIDgoZzSOVctxQJ3n6XYZ2B1pUXN+J9Tt/gwteA/6RNus
kISqS5EaW9mbXEBlUK/TvaHs1yVEmk3uhNpeVDt6fw2W
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:19 2025 by rpki-client