Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
File: ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa (raw, json)
Hash identifier: uXTSsI+5KlOZgqXhrNb3ihc49hTZzrNFr7yEAIOfjog=
Subject key identifier: D0:CD:D4:B9:A2:A8:61:DE:4B:FF:F7:3E:9E:C9:8F:C4:9E:BC:5B:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DA3DF01309A09A6C0B5C90B7610B5930CF6A8E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a3:df:01:30:9a:09:a6:c0:b5:c9:0b:76:10:b5:93:0c:f6:a8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:73:f5:55:ad:93:98:9b:68:40:18:23:ea:be:
2d:6a:23:76:60:73:e0:f1:74:8c:be:2e:8b:27:64:
dc:eb:ba:e0:2a:87:9c:e5:a5:2d:4d:95:fe:55:95:
65:1c:b2:fa:e8:fa:87:b4:45:16:97:e3:a9:a7:9a:
53:56:18:7c:40:e0:04:8a:a5:2f:73:b2:44:e6:86:
3b:43:16:f0:2b:fc:2d:d7:63:a5:3a:33:1f:cb:1e:
83:43:31:20:ef:69:64:6d:19:1c:03:0d:a1:f6:da:
53:b7:d8:1a:0a:55:ae:06:88:f3:b0:8d:5e:d1:ef:
34:61:00:09:ea:9b:fe:f2:96:ce:e1:5b:ff:5b:78:
cd:90:b3:8d:7b:fa:9a:85:c7:ca:dc:ec:1d:ee:24:
a4:18:af:3c:df:d7:f2:3e:2d:2d:c8:e1:47:90:a2:
6e:f7:bd:d6:0d:77:09:46:99:50:e5:9d:be:85:a9:
40:fe:24:fa:0d:1d:e8:68:97:16:f6:03:16:ef:b5:
1d:d6:68:f2:d5:25:56:0c:b8:61:5e:e4:68:8a:72:
9c:6d:e4:2e:d2:ec:a8:80:81:02:1e:af:6d:e9:12:
88:a4:fb:ce:82:f1:7b:be:18:48:55:d3:a0:02:ef:
f0:19:fd:16:2b:93:5c:22:b6:20:08:6e:4f:91:5d:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CD:D4:B9:A2:A8:61:DE:4B:FF:F7:3E:9E:C9:8F:C4:9E:BC:5B:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
90:58:35:bf:b3:de:c6:07:2e:2c:4f:e3:da:48:81:68:ca:44:
4a:e7:2f:5b:0d:3e:70:a7:3f:7d:8e:a2:5c:db:ce:05:8d:fa:
48:e3:36:30:df:ef:6a:f3:a7:b7:ca:1b:06:6d:fc:f4:be:9c:
96:af:26:b4:45:e1:12:dc:5a:6b:6f:df:71:74:3a:b5:2a:32:
8b:cf:01:d1:2e:dc:99:b7:cb:63:ae:89:2e:c3:96:e0:cc:ff:
c1:ff:c1:c8:57:84:ec:b8:47:04:d8:66:73:9f:09:9a:42:b0:
3b:ca:90:f5:06:38:1b:96:bb:5f:00:8e:fd:90:78:bb:1e:e0:
5b:2e:c1:e5:1c:08:6b:a7:34:c8:1c:00:85:3a:80:ec:b0:85:
fb:fc:49:4d:bc:ac:35:07:da:ef:12:a6:aa:63:5f:fd:4b:5b:
71:0c:d5:8e:cc:ad:7d:28:15:d8:bd:87:3b:23:5a:e2:21:1f:
59:b8:de:09:b5:39:c6:29:81:70:e6:8b:d8:9b:0f:b5:a6:96:
90:20:d8:16:06:09:98:96:7c:df:23:02:ec:cf:01:7c:8a:4e:
61:8f:9a:a7:ad:60:74:81:cc:cd:79:0c:7a:2c:c5:3c:76:49:
a7:46:d9:02:93:57:76:b9:49:b8:2b:de:12:22:73:6f:a4:eb:
46:dc:92:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfaPfATCaCabAtckLdhC1kwz2qOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYjVhNWQyODJhZGVmNTQ0ZDNjMmJmMzcxZjE5MTViNGFkYjg3MDBiNzQ3
NDNhMTgxYmYxNjY2M2M4NmMxODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9z9VWtk5ibaEAYI+q+LWojdmBz4PF0jL4uiydk3Ou64CqHnOWlLU2V/lWV
ZRyy+uj6h7RFFpfjqaeaU1YYfEDgBIqlL3OyROaGO0MW8Cv8LddjpTozH8seg0Mx
IO9pZG0ZHAMNofbaU7fYGgpVrgaI87CNXtHvNGEACeqb/vKWzuFb/1t4zZCzjXv6
moXHytzsHe4kpBivPN/X8j4tLcjhR5Cibve91g13CUaZUOWdvoWpQP4k+g0d6GiX
FvYDFu+1HdZo8tUlVgy4YV7kaIpynG3kLtLsqICBAh6vbekSiKT7zoLxe74YSFXT
oALv8Bn9FiuTXCK2IAhuT5Fd2BUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQzdS5
oqhh3kv/9z6eyY/EnrxbaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM4YTU0ZTYtOWM2NS00YWQ1LWFiZDQtZDgyYmEzYTU0ZWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQCQWDW/s97GBy4sT+PaSIFoykRK5y9bDT5wpz99jqJc
284FjfpI4zYw3+9q86e3yhsGbfz0vpyWrya0ReES3Fprb99xdDq1KjKLzwHRLtyZ
t8tjrokuw5bgzP/B/8HIV4TsuEcE2GZznwmaQrA7ypD1BjgblrtfAI79kHi7HuBb
LsHlHAhrpzTIHACFOoDssIX7/ElNvKw1B9rvEqaqY1/9S1txDNWOzK19KBXYvYc7
I1riIR9ZuN4JtTnGKYFw5ovYmw+1ppaQINgWBgmYlnzfIwLszwF8ik5hj5qnrWB0
gczNeQx6LMU8dkmnRtkCk1d2uUm4K94SInNvpOtG3JKm
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:53 2025 by rpki-client