Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa
File: 7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa (raw, json)
Hash identifier: K4IvDkz468sb+r11i7E0YihQOZS5MFagN0NJPI3jRZw=
Subject key identifier: 54:D7:E2:C3:FC:41:A6:1F:AC:3E:D1:4E:D2:1F:D1:7D:8D:5C:E5:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57A0C4A2479C11ECE23B20D3B495701A81BA6756
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:a0:c4:a2:47:9c:11:ec:e2:3b:20:d3:b4:95:70:1a:81:ba:67:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1d:12:19:a5:95:6f:7c:76:e1:3f:a9:f1:25:
7a:bb:56:6f:5e:d0:10:77:01:94:9c:eb:6a:7a:14:
d4:7b:3b:fd:2a:80:67:4a:b0:df:c1:a4:3e:5d:9e:
01:7f:82:ec:11:c9:15:2d:41:c3:3c:cb:31:0d:a4:
7f:70:f1:39:b5:b5:ce:f4:22:10:d7:03:f8:9e:67:
7f:66:32:6f:95:0d:a3:84:48:fe:36:6c:3f:f2:9b:
54:5e:75:e4:81:a9:e6:57:cf:98:9a:e4:76:2a:42:
e2:c1:c3:8b:f9:04:e3:c3:63:38:2d:bd:4a:bd:df:
aa:54:cd:fb:24:a6:50:7a:c8:dd:1d:b1:8b:3d:09:
38:61:80:78:41:03:65:60:d3:8c:80:d8:b9:f5:aa:
1f:a9:c1:df:a9:f4:bc:f3:c4:ec:9c:fd:c8:77:c0:
ec:74:23:8f:6c:cd:5f:f4:20:5d:4b:43:1c:20:67:
07:52:aa:14:4d:68:02:2f:24:b6:e3:ff:8f:ef:c9:
e2:7b:09:f5:e6:b0:28:62:9d:ca:74:83:ed:e5:d8:
83:fb:47:c1:4a:f9:33:38:60:73:5d:24:f4:7b:77:
79:29:fc:9b:17:59:29:5e:82:51:2c:1a:ee:98:4a:
37:19:a0:01:8e:db:18:91:6b:0f:00:f4:41:40:98:
c9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D7:E2:C3:FC:41:A6:1F:AC:3E:D1:4E:D2:1F:D1:7D:8D:5C:E5:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
08:28:0d:e7:f4:e1:2b:0c:a1:e6:ad:1f:a9:07:2c:b9:e2:28:
7b:84:ce:d2:a1:3d:36:fc:aa:04:4c:4c:6f:fe:0c:bb:70:12:
50:7b:e0:88:67:94:6e:39:6f:32:f0:79:60:d8:e7:4c:67:82:
ee:fa:fb:1b:5a:26:d2:bc:51:c6:bb:9b:67:9b:5f:b5:15:1f:
1f:d2:b7:bc:81:cb:58:67:5e:2d:01:21:db:86:5c:ec:98:e5:
03:fe:01:f9:c0:9d:f7:f3:62:0e:65:71:73:d4:b9:4c:c2:c7:
9e:d5:a3:57:0b:b1:83:02:a1:3b:5f:bf:72:1c:21:10:af:78:
6a:de:7c:4d:5d:47:6a:91:13:6f:bc:b8:bf:de:48:d1:12:80:
b2:24:53:8c:ac:b2:0a:e3:3c:a8:18:17:29:4a:08:57:be:67:
96:aa:45:e4:11:35:25:c7:79:bc:d6:b3:e9:98:aa:57:ab:12:
d7:a5:7e:7b:ad:21:f7:b4:a3:8b:0c:6a:53:95:4f:b9:38:be:
a4:f2:52:fa:0b:ee:1c:15:e5:f7:d3:79:5b:4d:8a:b3:ae:67:
28:48:59:99:c0:c9:9c:7d:b0:18:4d:64:1d:3c:1d:35:c9:50:
9c:a5:1c:d5:90:d6:ac:65:61:a2:b3:4c:9a:33:f5:90:3d:97:
49:e4:c3:3c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV6DEokecEeziOyDTtJVwGoG6Z1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMGQ1MjU3YjExOWZlOGRlZDE1NjMwMzU3OWY2Y2Q0MmRlMDRlNTFmNjZl
MDM4MDBjZjE4OTcyY2MzNGNmN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsdEhmllW98duE/qfElertWb17QEHcBlJzranoU1Hs7/SqAZ0qw38GkPl2e
AX+C7BHJFS1BwzzLMQ2kf3DxObW1zvQiENcD+J5nf2Yyb5UNo4RI/jZsP/KbVF51
5IGp5lfPmJrkdipC4sHDi/kE48NjOC29Sr3fqlTN+ySmUHrI3R2xiz0JOGGAeEED
ZWDTjIDYufWqH6nB36n0vPPE7Jz9yHfA7HQjj2zNX/QgXUtDHCBnB1KqFE1oAi8k
tuP/j+/J4nsJ9eawKGKdynSD7eXYg/tHwUr5Mzhgc10k9Ht3eSn8mxdZKV6CUSwa
7phKNxmgAY7bGJFrDwD0QUCYyWECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRU1+LD
/EGmH6w+0U7SH9F9jVzldzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzQwMGJjODktOGFiMy00MmYyLWI4ZmUtNzI3ZmJiOTJkZWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEACCgN5/ThKwyh5q0fqQcsueIoe4TO0qE9NvyqBExM
b/4Mu3ASUHvgiGeUbjlvMvB5YNjnTGeC7vr7G1om0rxRxrubZ5tftRUfH9K3vIHL
WGdeLQEh24Zc7JjlA/4B+cCd9/NiDmVxc9S5TMLHntWjVwuxgwKhO1+/chwhEK94
at58TV1HapETb7y4v95I0RKAsiRTjKyyCuM8qBgXKUoIV75nlqpF5BE1Jcd5vNaz
6ZiqV6sS16V+e60h97SjiwxqU5VPuTi+pPJS+gvuHBXl99N5W02Ks65nKEhZmcDJ
nH2wGE1kHTwdNclQnKUc1ZDWrGVhorNMmjP1kD2XSeTDPA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:44 2025 by rpki-client