Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
File: 8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa (raw, json)
Hash identifier: WyjByTkkKIHmphmvu5bHERWMB3PHoxH4aulxTAOfwYg=
Subject key identifier: 65:C3:42:E1:FB:24:7B:26:60:AD:3E:9C:60:0F:B4:D8:0C:FE:B8:07
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 50F53F3EEEEDF38227891CE61777CD77338DC2BA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:f5:3f:3e:ee:ed:f3:82:27:89:1c:e6:17:77:cd:77:33:8d:c2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1f:7b:06:b4:4a:6c:2c:27:c8:b5:65:d7:ba:
19:98:5f:75:25:b6:d5:06:47:c0:20:73:90:c4:06:
02:cc:32:83:69:33:b1:a3:ef:d1:74:61:d7:96:48:
b3:24:7f:fa:66:a2:4d:cc:91:c4:a3:06:42:e9:67:
01:e1:7d:98:6f:ec:71:b0:e6:62:51:22:fd:38:d1:
00:a9:05:0a:79:08:ef:b0:37:42:34:1c:3d:6c:b6:
22:53:1b:fc:3c:db:fb:8f:f0:4a:90:d7:f2:85:32:
83:a2:6c:66:40:e2:e9:61:9a:7c:7c:ce:47:54:75:
22:72:e7:e6:f3:c5:cb:b1:0b:01:15:c7:ca:db:98:
76:cd:c9:79:9d:99:50:1c:4c:0f:93:91:b0:1d:8e:
06:9b:d2:b1:dc:79:77:07:fc:63:20:dc:44:fd:ef:
ac:17:df:d3:85:f5:9f:9c:fa:f8:af:09:99:a6:c4:
01:b6:5c:03:6a:ef:72:b4:f2:8f:32:26:43:75:26:
30:c1:7d:3b:48:1f:66:ff:3c:09:d2:5c:62:f7:a2:
53:71:97:0c:cf:95:dc:08:de:1f:5c:72:eb:7c:a3:
af:17:4d:80:fb:0d:86:cf:c7:0b:f5:80:13:50:d5:
63:04:99:9f:3e:36:ea:64:ca:34:d7:65:42:2d:da:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C3:42:E1:FB:24:7B:26:60:AD:3E:9C:60:0F:B4:D8:0C:FE:B8:07
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c9f87ee-a903-4f2f-8bba-31a4ab5f74b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:b8:2a:a3:cc:7a:37:06:b9:08:91:1d:a7:50:0e:21:2f:05:
9c:72:b2:61:bb:70:ba:7d:12:09:95:99:cf:f5:09:e7:bc:21:
37:ac:da:d7:ae:75:a0:b4:3c:7b:d5:cb:24:4a:fa:b2:b0:ed:
75:d1:84:29:47:af:bf:17:ed:94:cc:ae:e0:0c:e4:2a:f9:6c:
58:db:c6:16:e0:ed:ab:8f:e0:c5:89:60:93:12:20:3f:b9:0d:
d5:1d:9f:f9:a9:51:d4:d4:bc:05:c5:9a:e4:89:7d:fa:f7:75:
a8:3f:b9:a0:d6:4a:fb:e7:b9:72:17:06:0e:8c:9f:71:ea:fc:
8c:b4:c1:7c:a1:e4:ac:ff:ab:2d:0e:f6:5c:93:91:1d:56:90:
1a:8c:01:4e:78:9c:84:d7:41:54:2a:38:f3:1d:16:5b:fb:71:
b8:5f:8b:e0:5c:9e:76:22:23:7c:94:e9:fa:93:9d:20:85:32:
2e:be:41:20:37:94:a3:7a:21:31:a0:40:7b:cf:b9:73:33:18:
4f:7d:9f:4d:9b:df:66:01:24:94:8a:dd:b7:f4:9d:30:1c:14:
bd:4c:ea:77:3f:d3:4c:1b:5a:9a:d1:96:3c:64:b2:5f:57:ea:
75:5b:be:37:f8:a7:32:9a:88:fd:8e:b3:da:a3:b8:ed:60:08:
88:fb:a1:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUPU/Pu7t84IniRzmF3fNdzONwrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2YTExMjI1ODg3NjUzMTBiODIyY2NlMWViYWQxOWNmZTNiNzNiYzYwYTA2
NWMyYmQ0MWE2OGQ0ZDE1MzdlMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkfewa0SmwsJ8i1Zde6GZhfdSW21QZHwCBzkMQGAswyg2kzsaPv0XRh15ZI
syR/+maiTcyRxKMGQulnAeF9mG/scbDmYlEi/TjRAKkFCnkI77A3QjQcPWy2IlMb
/Dzb+4/wSpDX8oUyg6JsZkDi6WGafHzOR1R1InLn5vPFy7ELARXHytuYds3JeZ2Z
UBxMD5ORsB2OBpvSsdx5dwf8YyDcRP3vrBff04X1n5z6+K8JmabEAbZcA2rvcrTy
jzImQ3UmMMF9O0gfZv88CdJcYveiU3GXDM+V3AjeH1xy63yjrxdNgPsNhs/HC/WA
E1DVYwSZnz426mTKNNdlQi3aRBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRlw0Lh
+yR7JmCtPpxgD7TYDP64BzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM5Zjg3ZWUtYTkwMy00ZjJmLThiYmEtMzFhNGFiNWY3NGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQCNuCqjzHo3BrkIkR2nUA4hLwWccrJhu3C6fRIJlZnP
9QnnvCE3rNrXrnWgtDx71cskSvqysO110YQpR6+/F+2UzK7gDOQq+WxY28YW4O2r
j+DFiWCTEiA/uQ3VHZ/5qVHU1LwFxZrkiX3693WoP7mg1kr757lyFwYOjJ9x6vyM
tMF8oeSs/6stDvZck5EdVpAajAFOeJyE10FUKjjzHRZb+3G4X4vgXJ52IiN8lOn6
k50ghTIuvkEgN5SjeiExoEB7z7lzMxhPfZ9Nm99mASSUit239J0wHBS9TOp3P9NM
G1qa0ZY8ZLJfV+p1W743+Kcymoj9jrPao7jtYAiI+6F6
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:16:22 2025 by rpki-client