Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa
File: d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa (raw, json)
Hash identifier: LsR5dFZ2j4B5W5TDKeijle5pErtvW97rcHb60GAry68=
Subject key identifier: AA:4C:4B:86:AF:63:06:51:F0:B7:85:74:8E:D9:61:4C:1B:1B:A0:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 018AB9B4BC4554D1B0A5B71519EDCA3DD482139D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:b4:bc:45:54:d1:b0:a5:b7:15:19:ed:ca:3d:d4:82:13:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:5f:2b:0c:f1:7c:3f:d3:fb:00:33:76:3d:
3b:28:bd:f7:5a:f1:fb:10:82:1f:07:b9:16:a7:d5:
d5:80:45:de:a2:db:47:5b:99:98:c9:87:da:40:bd:
48:bb:7b:18:66:f1:db:74:8a:a0:e4:e3:82:14:8e:
d1:d8:fe:77:fb:f2:c2:ef:7d:bc:42:fc:cf:ab:e1:
70:e4:79:8f:57:33:8c:d2:44:c8:f4:44:97:b0:2b:
24:1d:ee:56:4b:59:46:3d:b0:b6:6f:1b:0f:cd:25:
ab:c4:2e:94:ec:ef:e2:35:3a:b0:59:97:f2:ef:2d:
5a:de:a7:b3:63:bb:8b:35:6e:58:21:de:fd:9a:ef:
f1:78:57:0b:b7:38:e6:35:39:55:5a:eb:c0:5a:8c:
1b:0b:e2:e6:19:34:c8:62:92:b3:4e:bc:a6:3b:a0:
bd:c9:8c:2e:d9:0d:68:0e:c9:26:6a:e7:b9:0c:f7:
30:63:d0:c4:a4:da:ca:60:e9:0c:ca:db:81:e7:a2:
b7:ef:b4:4e:3d:89:29:a6:5b:57:8f:6a:9a:39:6e:
e5:bb:2b:2f:34:2e:f7:78:34:08:51:77:ab:6e:cb:
19:fb:f6:02:eb:eb:3c:b0:65:13:9d:d2:f2:d8:28:
21:2b:30:49:a8:cf:92:69:6e:f0:09:24:f2:2e:a4:
cf:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4C:4B:86:AF:63:06:51:F0:B7:85:74:8E:D9:61:4C:1B:1B:A0:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
aa:58:f4:96:7c:b7:c2:67:fa:18:6e:c6:bb:24:e8:5d:c5:2d:
9f:2a:48:03:92:4a:03:cf:73:5c:f7:8e:48:9d:2e:bd:09:85:
4f:14:db:d2:87:4f:44:05:d7:63:b1:11:56:78:9c:cb:4f:64:
da:35:54:6d:6c:b4:c2:63:98:60:ad:ff:fc:03:66:3f:64:56:
a8:1d:6a:b7:0d:51:04:91:fa:32:59:80:cc:67:c8:01:59:dc:
bf:0f:d2:2e:d3:6b:bb:46:cc:70:53:d7:ad:dd:62:54:97:8e:
6a:ea:2e:b5:50:4e:f1:b3:cf:b4:52:f2:51:f6:6a:24:c3:c4:
66:32:22:b0:ac:a5:af:84:fd:a6:0b:cf:48:27:48:b8:0e:01:
ac:62:b8:9b:5b:30:1f:23:c2:83:da:3a:b6:00:bb:e8:a2:18:
78:e4:de:95:84:bb:32:c6:9d:21:57:78:36:00:4b:f1:89:0f:
29:80:e2:3e:d4:8d:8b:0f:07:75:e1:6b:69:9b:63:7f:12:ac:
17:5a:28:66:f0:f0:6e:4e:5e:4e:b7:8e:75:8f:e0:d1:a8:62:
92:c4:ad:a0:26:22:f6:d2:bc:2b:62:13:4d:b3:3a:70:d5:68:
36:73:44:be:7d:de:d1:ea:04:09:3a:7e:e9:ed:1c:c0:f4:c1:
29:61:a7:40
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAYq5tLxFVNGwpbcVGe3KPdSCE50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxYTBkMTljYWNiODJmMWJkN2IwMDA4MDdkZjA4ZTFiMDExODc1OTEwZGEx
MTdmZmM0MjcxMDAxNmNhMDE3NTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOMXysM8Xw/0/sAM3Y9Oyi991rx+xCCHwe5FqfV1YBF3qLbR1uZmMmH2kC9
SLt7GGbx23SKoOTjghSO0dj+d/vywu99vEL8z6vhcOR5j1czjNJEyPREl7ArJB3u
VktZRj2wtm8bD80lq8QulOzv4jU6sFmX8u8tWt6ns2O7izVuWCHe/Zrv8XhXC7c4
5jU5VVrrwFqMGwvi5hk0yGKSs068pjugvcmMLtkNaA7JJmrnuQz3MGPQxKTaymDp
DMrbgeeit++0Tj2JKaZbV49qmjlu5bsrLzQu93g0CFF3q27LGfv2AuvrPLBlE53S
8tgoISswSajPkmlu8Akk8i6kz4MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSqTEuG
r2MGUfC3hXSO2WFMGxugEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI4ZjFmZTAtYTU0Ni00YmM0LWI0ODctMzhkZmVkYzBjNjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqlj0lny3wmf6GG7GuyToXcUtnypIA5JKA89zXPeO
SJ0uvQmFTxTb0odPRAXXY7ERVnicy09k2jVUbWy0wmOYYK3//ANmP2RWqB1qtw1R
BJH6MlmAzGfIAVncvw/SLtNru0bMcFPXrd1iVJeOauoutVBO8bPPtFLyUfZqJMPE
ZjIisKylr4T9pgvPSCdIuA4BrGK4m1swHyPCg9o6tgC76KIYeOTelYS7MsadIVd4
NgBL8YkPKYDiPtSNiw8HdeFraZtjfxKsF1ooZvDwbk5eTreOdY/g0ahiksStoCYi
9tK8K2ITTbM6cNVoNnNEvn3e0eoECTp+6e0cwPTBKWGnQA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:39:53 2025 by rpki-client