Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa
File: 88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa (raw, json)
Hash identifier: fDvs6T4SbrnFuhfRnJhaBIViWNMqRAluSAWsl5+DNK4=
Subject key identifier: A1:7D:A1:8A:D2:8E:06:0E:2B:0C:3B:F6:A5:63:F7:A8:9B:40:55:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34B2F655E18C4F6CCDCC44D827513D371B0E3DE5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:b2:f6:55:e1:8c:4f:6c:cd:cc:44:d8:27:51:3d:37:1b:0e:3d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:28:c3:97:51:d8:b8:02:83:eb:df:81:87:5c:
13:16:aa:51:33:41:a6:78:f3:f2:3f:5a:e5:cf:b4:
d1:df:3d:f4:26:12:3f:4b:54:cd:19:ee:fc:d9:74:
46:ab:08:e2:0a:f9:7c:0e:ee:de:9b:62:d2:bf:c4:
1c:8f:4f:aa:2f:57:d4:9e:b6:1d:ea:d9:34:d3:95:
fe:2c:fc:54:7f:3d:0c:d4:ff:9d:ad:31:fe:bf:0e:
97:0e:32:99:45:ab:f1:e6:48:6e:e1:93:af:b7:2d:
56:f1:9a:ae:d7:b2:1d:5c:48:7a:70:31:8b:71:ba:
04:54:cf:21:0a:83:e1:b8:04:88:89:de:d4:c1:3b:
b6:fc:bd:ab:5c:0d:5b:b1:d1:4b:4e:ad:97:00:6d:
cf:63:4b:62:d4:de:48:10:0d:24:07:e1:b1:c9:1f:
db:ad:0c:cf:ed:23:27:16:19:9f:dc:f7:c2:d0:6e:
bf:82:69:bb:c2:94:c9:68:b5:bf:69:ba:7e:c7:c0:
34:d3:64:bd:3e:50:80:cf:3d:9d:1a:f1:1e:d5:95:
2f:90:db:b7:07:9f:5e:7e:e9:61:6d:e8:eb:3f:54:
f0:d9:42:db:1d:a5:f7:4e:95:19:ed:10:74:a9:90:
87:cb:f3:cc:f2:e1:88:0f:a5:6d:d7:c9:3a:93:d1:
99:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7D:A1:8A:D2:8E:06:0E:2B:0C:3B:F6:A5:63:F7:A8:9B:40:55:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:0c:b4:b8:97:82:f6:ef:5d:57:37:46:bc:c5:65:8e:41:20:
45:55:41:87:09:db:de:79:2b:e5:30:5a:ec:f2:b4:6f:36:0e:
92:4b:75:5e:b5:b9:27:1f:7b:06:a4:4d:be:b6:9b:68:f8:69:
19:d4:38:74:da:58:04:f0:2e:67:65:90:8e:23:60:35:b1:6a:
29:46:38:7f:79:cc:44:ed:4f:64:39:95:f4:e6:0d:c3:df:b6:
49:4f:b1:5e:12:10:56:8c:24:76:55:f3:a6:0d:43:fb:89:81:
83:33:59:9a:a1:02:57:09:d6:0a:d1:8f:bd:5b:48:14:d5:53:
e6:93:ca:99:a7:49:48:e6:52:ac:6e:51:a1:49:cb:c8:b1:63:
c4:d3:ea:0c:7e:e0:33:1f:8c:4a:01:d4:e3:e4:59:d4:33:1e:
3a:ea:c5:de:53:63:25:9f:a7:c5:ac:7d:aa:1f:a8:a2:ab:42:
0e:60:84:bd:40:f9:bc:31:df:5e:b8:85:58:b6:40:b8:50:e6:
89:b3:d3:99:7e:b1:85:b2:9f:1e:77:d3:cd:97:08:e0:2c:9e:
1b:49:d4:9a:07:33:8a:79:f4:d5:67:56:c7:cb:f9:5c:77:e3:
4c:62:6b:48:d3:a5:2f:1f:82:c3:b6:68:b4:49:fb:d5:c6:36:
a9:b3:24:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNLL2VeGMT2zNzETYJ1E9NxsOPeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1ZmIxNGRlNDYwNDVjNTAzNjE3ZWNjNmQ1ODhiMTEwZGM1NjhjM2FjNjNl
NjdiZDc0YWQyN2QzM2VlNWMwOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMow5dR2LgCg+vfgYdcExaqUTNBpnjz8j9a5c+00d899CYSP0tUzRnu/Nl0
RqsI4gr5fA7u3pti0r/EHI9Pqi9X1J62HerZNNOV/iz8VH89DNT/na0x/r8Olw4y
mUWr8eZIbuGTr7ctVvGarteyHVxIenAxi3G6BFTPIQqD4bgEiIne1ME7tvy9q1wN
W7HRS06tlwBtz2NLYtTeSBANJAfhsckf260Mz+0jJxYZn9z3wtBuv4Jpu8KUyWi1
v2m6fsfANNNkvT5QgM89nRrxHtWVL5DbtwefXn7pYW3o6z9U8NlC2x2l906VGe0Q
dKmQh8vzzPLhiA+lbdfJOpPRmccCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBShfaGK
0o4GDisMO/alY/eom0BVFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhiYTNkMzAtMTU3ZC00OTY0LThmMWQtZmI4Zjk3MjZjNDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQA0DLS4l4L2711XN0a8xWWOQSBFVUGHCdveeSvlMFrs
8rRvNg6SS3VetbknH3sGpE2+tpto+GkZ1Dh02lgE8C5nZZCOI2A1sWopRjh/ecxE
7U9kOZX05g3D37ZJT7FeEhBWjCR2VfOmDUP7iYGDM1maoQJXCdYK0Y+9W0gU1VPm
k8qZp0lI5lKsblGhScvIsWPE0+oMfuAzH4xKAdTj5FnUMx466sXeU2Mln6fFrH2q
H6iiq0IOYIS9QPm8Md9euIVYtkC4UOaJs9OZfrGFsp8ed9PNlwjgLJ4bSdSaBzOK
efTVZ1bHy/lcd+NMYmtI06UvH4LDtmi0SfvVxjapsyR3
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:02 2025 by rpki-client