Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
File: a10761b8-e85e-4339-a45c-82ab3615108d.roa (raw, json)
Hash identifier: 3ptlb0I7n8BITrJOG/4ksa+9ave9q3DWZ2r9EXL2FlU=
Subject key identifier: DC:30:EF:AC:59:15:20:13:E1:DA:49:D3:92:83:F1:98:7A:23:96:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D83FE18462DC4A42F90E9E419059295220C9227
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:83:fe:18:46:2d:c4:a4:2f:90:e9:e4:19:05:92:95:22:0c:92:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a2:97:a1:05:82:c8:1c:a2:df:48:87:d4:30:
95:65:78:2e:98:d0:23:3e:7a:05:59:c0:74:bf:5c:
ab:b5:b6:bc:bf:d2:e8:66:23:23:e7:ed:72:d8:e0:
a3:be:a6:82:81:49:ea:14:65:86:0a:83:e1:cc:1b:
29:a0:05:14:c0:c6:2d:6c:8d:84:16:31:88:a5:38:
45:54:64:68:84:8d:70:bc:b9:7f:2d:92:64:ff:71:
20:11:f7:9b:1b:c4:5c:e3:c8:96:f3:7c:02:a0:9e:
de:e2:4a:57:69:a6:c5:90:7e:14:da:2b:87:90:e9:
2f:2c:cc:01:d5:3f:d5:60:4c:87:f8:c0:63:98:ec:
20:8e:ea:c3:31:17:6f:63:21:2f:8a:77:c5:87:91:
de:6d:c8:0f:66:4e:f8:31:88:b7:7d:5c:16:12:53:
4b:4e:0b:71:2b:9e:c1:48:81:24:dc:c2:8f:88:e4:
b5:e6:93:c3:6d:33:b4:24:3a:b3:a0:90:12:82:13:
92:80:c6:b2:cc:c0:5f:2d:67:b8:82:6b:c7:77:ec:
3d:a9:0a:ca:6c:31:66:51:84:10:0a:5a:31:ee:a4:
8d:fc:9f:40:ad:d8:1f:59:ad:fe:d7:d7:d1:05:80:
fc:9a:1d:a4:51:3e:07:37:34:07:11:73:24:2a:8c:
de:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:30:EF:AC:59:15:20:13:E1:DA:49:D3:92:83:F1:98:7A:23:96:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:62:42:2c:a1:41:d6:a5:39:f5:bb:db:29:70:d2:73:88:9a:
37:10:31:23:e1:a9:38:d8:bb:cf:82:3d:69:ff:80:4e:01:6c:
c9:ba:13:ef:c3:f5:ac:1a:86:8b:d4:31:26:96:82:e7:01:86:
58:aa:70:71:99:43:e9:bc:85:c1:ef:78:8b:04:c4:e0:42:32:
95:a0:a6:54:18:59:00:cf:d3:f9:44:89:e0:d2:fe:2f:c5:b0:
f3:b0:d5:a8:0b:75:e5:c1:a5:4a:59:f3:31:8f:4f:1a:2a:b9:
d1:56:5e:43:74:b6:79:7d:39:39:e5:4f:d9:11:af:cd:4b:e9:
fe:73:34:f2:7f:31:f6:ea:02:0b:4c:5c:4d:a5:3f:fd:97:7f:
b8:68:8a:5f:d7:76:ea:d3:f2:f5:10:78:55:60:68:82:6f:29:
43:50:1b:40:26:0d:25:7e:75:4a:8c:35:aa:72:2d:37:b5:85:
7c:86:12:05:c6:af:ab:b1:aa:4c:1e:23:e5:f1:c3:f8:a0:fd:
71:1d:06:91:53:e6:ba:33:37:a7:f5:5e:ee:e4:64:d4:d2:ce:
45:05:e4:d2:9b:dd:c4:b1:48:e1:51:e3:05:93:de:63:01:dc:
df:c8:79:f7:0e:78:f0:3b:5e:1b:86:23:de:ea:ba:77:68:d0:
d0:65:9a:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHYP+GEYtxKQvkOnkGQWSlSIMkicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2N2U3ZjQ5NTllOGM5NGQwZmQ4MWJhZjA2ZTY2NjI0Mzc4YTdlY2VmNTY5
OTUyMGQ2MTczMDE1MDBiODJhNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCil6EFgsgcot9Ih9QwlWV4LpjQIz56BVnAdL9cq7W2vL/S6GYjI+ftctjg
o76mgoFJ6hRlhgqD4cwbKaAFFMDGLWyNhBYxiKU4RVRkaISNcLy5fy2SZP9xIBH3
mxvEXOPIlvN8AqCe3uJKV2mmxZB+FNorh5DpLyzMAdU/1WBMh/jAY5jsII7qwzEX
b2MhL4p3xYeR3m3ID2ZO+DGIt31cFhJTS04LcSuewUiBJNzCj4jkteaTw20ztCQ6
s6CQEoITkoDGsszAXy1nuIJrx3fsPakKymwxZlGEEApaMe6kjfyfQK3YH1mt/tfX
0QWA/JodpFE+Bzc0BxFzJCqM3m0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTcMO+s
WRUgE+HaSdOSg/GYeiOWGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTEwNzYxYjgtZTg1ZS00MzM5LWE0NWMtODJhYjM2MTUxMDhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQAsYkIsoUHWpTn1u9spcNJziJo3EDEj4ak42LvPgj1p
/4BOAWzJuhPvw/WsGoaL1DEmloLnAYZYqnBxmUPpvIXB73iLBMTgQjKVoKZUGFkA
z9P5RIng0v4vxbDzsNWoC3XlwaVKWfMxj08aKrnRVl5DdLZ5fTk55U/ZEa/NS+n+
czTyfzH26gILTFxNpT/9l3+4aIpf13bq0/L1EHhVYGiCbylDUBtAJg0lfnVKjDWq
ci03tYV8hhIFxq+rsapMHiPl8cP4oP1xHQaRU+a6Mzen9V7u5GTU0s5FBeTSm93E
sUjhUeMFk95jAdzfyHn3DnjwO14bhiPe6rp3aNDQZZoI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:22:12 2025 by rpki-client