Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
File: 8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa (raw, json)
Hash identifier: TjtRSsCIoUavjmHm2tCYzUYIrdgYDuGxHF1vR+bx7WU=
Subject key identifier: 03:F2:8D:4F:92:BD:BC:65:11:14:51:E4:53:CA:A1:C8:85:13:B5:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D821E23064BFF7D95BAFB0D7795D26382E0CA5B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
Signing time: Fri 20 Dec 2024 00:00:00 +0000
ROA not before: Fri 20 Dec 2024 00:00:00 +0000
ROA not after: Fri 24 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:82:1e:23:06:4b:ff:7d:95:ba:fb:0d:77:95:d2:63:82:e0:ca:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 20 00:00:00 2024 GMT
Not After : Jan 24 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:dd:e0:79:c6:3e:5c:a5:c8:5e:07:d2:ce:
b0:db:0b:b9:cf:c4:8e:c1:3c:c8:8d:77:4a:b3:89:
c8:ce:7d:90:ec:17:3f:14:5b:79:c2:2b:12:8e:74:
15:71:91:7c:88:cf:6f:32:b9:ee:90:92:18:e1:1c:
d5:ff:24:78:72:58:2b:39:69:60:07:16:23:c3:df:
da:07:b2:95:bd:12:3a:37:d8:f4:70:86:e3:97:07:
7f:1c:e1:25:86:55:e4:e5:ec:c6:7b:ca:b4:5f:a9:
4c:23:62:c1:45:65:59:98:4a:a1:21:df:60:cc:66:
d2:1c:c8:ff:32:df:9e:31:56:e9:88:7e:14:47:52:
b2:8f:b8:bf:1c:a5:ff:e6:88:d7:9b:66:5a:7f:10:
ef:78:68:2c:60:7e:11:4d:c8:1d:05:7b:7b:7c:8a:
2e:ec:32:9e:5a:84:8d:96:da:e0:13:e2:ef:ab:cd:
f7:ae:59:fe:4b:cd:db:3c:38:ce:47:56:d2:ce:4f:
db:7c:ca:24:53:e6:60:46:2d:1b:86:3d:e3:fb:cc:
d3:02:8a:3c:ac:40:35:a7:73:38:7a:17:27:c6:5b:
7d:c8:a3:a6:d0:c0:ac:d6:91:8e:fb:b5:62:29:45:
0a:c3:f8:9a:33:d7:66:20:95:74:25:b3:ee:d9:8e:
9c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F2:8D:4F:92:BD:BC:65:11:14:51:E4:53:CA:A1:C8:85:13:B5:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
21:de:a3:7b:1e:fe:5b:c5:cb:17:55:86:80:48:ff:ac:de:b7:
35:d8:e2:81:fc:69:7a:9e:fe:b7:34:ac:a3:20:61:47:f8:4c:
66:24:c7:7e:0f:db:0b:29:48:45:fe:76:11:72:08:20:25:79:
8e:f4:42:50:37:42:dc:96:0d:75:76:9e:95:db:4a:f1:c8:0a:
b5:2b:ff:2c:09:39:c0:c1:0a:65:63:09:8b:bf:cf:75:6d:e7:
ad:c0:32:16:e7:6c:4d:17:87:a0:38:cc:8c:ed:a0:02:08:c4:
71:f5:83:fe:cd:51:44:05:f9:03:a1:6a:76:22:b4:2a:05:3c:
13:0c:af:f7:92:c9:4d:8b:d5:e7:a3:83:fa:83:09:9b:f8:1a:
c8:4e:95:c6:26:59:1b:74:51:6c:d5:ba:21:55:a3:88:35:e5:
a6:05:5a:2d:99:7a:28:32:04:1c:25:61:fb:bf:34:5c:2f:06:
b6:e5:90:ea:e9:c1:ff:52:9e:87:89:2f:46:c0:59:6e:e8:33:
d9:e1:03:73:2c:f9:39:f0:96:7c:5d:a5:65:7f:89:94:19:ec:
33:3d:93:35:af:bc:a4:b4:bd:7c:0b:50:6e:47:70:7d:f6:6d:
ca:02:74:68:3c:77:23:c8:ae:01:ec:04:e4:7f:ec:17:cd:8f:
e5:8c:c0:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbYIeIwZL/32VuvsNd5XSY4LgylswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMjAwMDAwMDBaFw0yNTAxMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYTA4MDY2OTg3NzI4MGY2YzNlYmU0ZmFjOTRlODk0OTk5ODNjYTI1OTI5
ZmMxYjNlODIwNWM1YTAxMmMzZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALum3eB5xj5cpcheB9LOsNsLuc/EjsE8yI13SrOJyM59kOwXPxRbecIrEo50
FXGRfIjPbzK57pCSGOEc1f8keHJYKzlpYAcWI8Pf2geylb0SOjfY9HCG45cHfxzh
JYZV5OXsxnvKtF+pTCNiwUVlWZhKoSHfYMxm0hzI/zLfnjFW6Yh+FEdSso+4vxyl
/+aI15tmWn8Q73hoLGB+EU3IHQV7e3yKLuwynlqEjZba4BPi76vN965Z/kvN2zw4
zkdW0s5P23zKJFPmYEYtG4Y94/vM0wKKPKxANadzOHoXJ8ZbfcijptDArNaRjvu1
YilFCsP4mjPXZiCVdCWz7tmOnM8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQD8o1P
kr28ZREUUeRTyqHIhRO11DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZjM1NGMtNTBlOC00NjIzLWE1OWUtYmRkZjU4MjFjMmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAId6jex7+W8XLF1WGgEj/rN63Ndjigfxpep7+tzSs
oyBhR/hMZiTHfg/bCylIRf52EXIIICV5jvRCUDdC3JYNdXaeldtK8cgKtSv/LAk5
wMEKZWMJi7/PdW3nrcAyFudsTReHoDjMjO2gAgjEcfWD/s1RRAX5A6FqdiK0KgU8
Ewyv95LJTYvV56OD+oMJm/gayE6VxiZZG3RRbNW6IVWjiDXlpgVaLZl6KDIEHCVh
+780XC8GtuWQ6unB/1Keh4kvRsBZbugz2eEDcyz5OfCWfF2lZX+JlBnsMz2TNa+8
pLS9fAtQbkdwffZtygJ0aDx3I8iuAewE5H/sF82P5YzApg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:54:32 2025 by rpki-client