Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cc65de9d-dc78-4e7d-96ff-16c3294057be.roa
File: cc65de9d-dc78-4e7d-96ff-16c3294057be.roa (raw, json)
Hash identifier: nBAHUml3sPlFMCAgn/N7hxhDqptzuuwnqxdeen0csP0=
Subject key identifier: F0:33:97:07:0C:40:E0:7B:EF:60:31:EE:4B:50:6B:E8:27:12:69:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11F331884D8E1240DBA64251A2D1B00D09FF6C8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cc65de9d-dc78-4e7d-96ff-16c3294057be.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:f3:31:88:4d:8e:12:40:db:a6:42:51:a2:d1:b0:0d:09:ff:6c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f6:9a:89:1f:5c:f4:8a:2d:d4:f9:3c:c6:86:
da:57:ec:c2:12:12:01:40:ef:6f:82:bc:4f:24:6d:
91:2a:85:72:6c:7b:d6:2e:38:83:71:ef:2b:80:b7:
03:e8:0b:0a:bd:fb:30:90:33:3c:f8:81:80:f4:50:
2c:04:1f:48:b0:91:e1:7e:30:5c:6b:f0:ea:f9:b4:
b9:45:0f:88:2d:ab:dc:da:89:b4:60:1f:60:b9:d6:
b3:2e:be:24:88:69:45:c2:2f:83:3b:ae:ca:6b:2b:
7b:08:ba:6e:53:5e:a8:bd:a5:ad:e8:56:c0:4a:8d:
76:b3:ed:d7:46:bd:71:9c:0e:31:4b:50:1d:44:f4:
8e:e4:44:84:bf:98:21:db:fb:f3:32:a5:50:55:8e:
55:6d:08:c8:9c:02:ca:cd:f1:7e:9e:63:b5:03:13:
42:29:e3:76:fe:54:c6:16:0f:37:c3:1d:b4:4a:92:
f0:d4:4d:a3:5d:5c:3a:4e:ca:64:17:72:d8:9c:3b:
7e:6c:1d:c6:93:4f:b0:9d:f8:77:85:ed:41:92:41:
13:c7:30:08:de:f7:28:8e:09:cb:06:10:04:2a:9a:
32:5e:60:ca:38:b5:72:dc:7d:ad:48:df:31:e5:27:
c8:86:4b:f1:bb:9d:7c:f2:87:69:d8:a9:e4:73:b1:
bf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:33:97:07:0C:40:E0:7B:EF:60:31:EE:4B:50:6B:E8:27:12:69:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cc65de9d-dc78-4e7d-96ff-16c3294057be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d1:7b:1c:9b:27:f8:42:00:ab:56:e7:a2:e1:96:76:a5:bc:a9:
43:b6:97:42:32:57:b6:a4:47:fe:10:59:57:c9:67:7a:47:6f:
74:2a:36:7f:c5:81:32:7f:c3:a2:22:4f:c9:7c:60:ba:be:59:
b4:78:84:a1:74:5f:fb:e2:16:1c:1a:74:1c:cf:4e:16:77:4f:
63:8d:b1:c0:bc:c0:ee:1c:92:5d:33:26:38:d8:41:3b:dd:e4:
36:c9:bd:b7:f5:43:3f:7c:0d:27:2a:f7:90:c8:23:f3:13:d1:
2f:ff:d7:4d:cf:39:23:17:49:ad:5d:c0:6f:73:f7:f3:b4:41:
6f:b6:37:d1:5f:82:c6:f3:33:7e:40:73:ac:1b:97:74:ac:29:
d3:78:b6:1e:55:b2:c3:df:fd:2f:f8:ca:fb:3f:af:ca:10:fb:
fb:2a:f7:c9:23:da:e4:b8:17:65:8f:2d:06:0e:18:20:0d:9a:
de:63:5a:72:59:81:81:55:3a:75:20:6b:a5:40:34:11:06:9f:
d9:b5:53:54:28:e2:0c:bc:53:c9:a5:c5:81:a7:9a:b8:42:69:
35:ab:96:37:55:f7:ab:48:82:e3:87:8e:f2:3b:fd:f1:44:10:
9f:0e:a7:ce:d0:36:d2:db:b0:8e:b7:fc:cf:8d:ea:0e:c6:b7:
ed:c2:b7:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEfMxiE2OEkDbpkJRotGwDQn/bIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZWI5MDc4Yjk3YjVhZTg5ZWZmZDMyOWJhYjQ3NjBmNTQwYWZlZmZhY2Q3
OTdjM2VhMTlmNWNjMmJmMDU1ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT2mokfXPSKLdT5PMaG2lfswhISAUDvb4K8TyRtkSqFcmx71i44g3HvK4C3
A+gLCr37MJAzPPiBgPRQLAQfSLCR4X4wXGvw6vm0uUUPiC2r3NqJtGAfYLnWsy6+
JIhpRcIvgzuuymsrewi6blNeqL2lrehWwEqNdrPt10a9cZwOMUtQHUT0juREhL+Y
Idv78zKlUFWOVW0IyJwCys3xfp5jtQMTQinjdv5UxhYPN8MdtEqS8NRNo11cOk7K
ZBdy2Jw7fmwdxpNPsJ34d4XtQZJBE8cwCN73KI4JywYQBCqaMl5gyji1ctx9rUjf
MeUnyIZL8budfPKHadip5HOxv+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwM5cH
DEDge+9gMe5LUGvoJxJpVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2M2NWRlOWQtZGM3OC00ZTdkLTk2ZmYtMTZjMzI5NDA1N2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQDRexybJ/hCAKtW56LhlnalvKlDtpdCMle2pEf+EFlX
yWd6R290KjZ/xYEyf8OiIk/JfGC6vlm0eIShdF/74hYcGnQcz04Wd09jjbHAvMDu
HJJdMyY42EE73eQ2yb239UM/fA0nKveQyCPzE9Ev/9dNzzkjF0mtXcBvc/fztEFv
tjfRX4LG8zN+QHOsG5d0rCnTeLYeVbLD3/0v+Mr7P6/KEPv7KvfJI9rkuBdljy0G
DhggDZreY1pyWYGBVTp1IGulQDQRBp/ZtVNUKOIMvFPJpcWBp5q4Qmk1q5Y3Vfer
SILjh47yO/3xRBCfDqfO0DbS27COt/zPjeoOxrftwreZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:56 2025 by rpki-client