Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f870cd2-3211-4d48-b083-dc34ba1cf991.roa
File: 0f870cd2-3211-4d48-b083-dc34ba1cf991.roa (raw, json)
Hash identifier: iDuaIeCgL0iiGHBiBgPc6KV2HENP1TP0YmiIPuYSO28=
Subject key identifier: F8:BE:BB:74:26:F8:72:B9:BC:E1:D0:13:E4:11:AA:34:82:AA:5D:4B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50BC396FB46CA1F73DF7C7BA3BC5A38A57D90E98
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f870cd2-3211-4d48-b083-dc34ba1cf991.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01a::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:bc:39:6f:b4:6c:a1:f7:3d:f7:c7:ba:3b:c5:a3:8a:57:d9:0e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:d9:ec:96:de:b3:1f:11:a2:c4:3d:3a:fc:
52:13:5f:0e:68:18:af:71:3a:5e:a2:f2:17:4e:7a:
b6:b2:97:fb:47:e9:96:7b:a8:94:b6:c6:66:74:f2:
75:0e:c3:03:6b:f7:cb:39:45:77:3a:5d:10:b8:ef:
8b:a9:43:df:74:4e:4e:a8:0a:10:c0:b6:44:17:47:
cf:29:55:b0:24:ca:02:3d:5a:ff:60:f8:6b:79:2f:
c2:8e:58:53:dd:9b:f7:30:02:3b:96:0c:2a:2f:ae:
d0:36:71:fd:3a:2b:71:b7:60:e9:bd:1a:aa:98:ba:
4e:ff:80:9f:77:7a:9d:ba:51:a2:e4:84:dd:de:de:
c0:48:45:20:ab:49:52:e4:80:98:a4:75:f6:76:ef:
84:f1:37:a3:d2:22:d5:71:e4:63:35:fb:c1:44:5d:
eb:53:28:3c:e6:7a:15:5f:7a:b5:66:02:c7:f4:8d:
cd:48:89:87:53:91:a2:9f:32:56:ff:11:34:d0:d0:
d9:31:f6:ee:dc:81:ca:3b:b1:e7:b6:04:37:43:50:
3f:99:43:b9:c8:df:50:de:7c:7f:ab:99:d7:e7:e0:
89:94:9b:af:8d:be:16:95:a4:cd:d3:4f:05:89:8c:
14:da:70:8a:89:b1:be:6b:40:d6:54:e5:e4:05:53:
43:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BE:BB:74:26:F8:72:B9:BC:E1:D0:13:E4:11:AA:34:82:AA:5D:4B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f870cd2-3211-4d48-b083-dc34ba1cf991.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01a::/36
Signature Algorithm: sha256WithRSAEncryption
43:d3:24:ae:11:1e:d2:55:14:89:8d:bc:d0:e7:63:80:56:d1:
59:ff:14:f1:66:0b:ef:41:0c:4d:11:4d:ec:71:d9:ac:3f:b2:
49:7a:fc:b2:a0:22:2e:bd:cd:3a:a7:af:e8:3d:0b:8e:4c:6d:
58:20:e0:0d:22:f0:56:13:84:90:cf:5b:3c:8b:a9:ac:97:80:
f8:9f:60:22:6b:96:a8:73:3f:b5:2b:35:34:25:cb:54:8a:2d:
0f:89:0b:24:04:10:1b:11:fe:28:a6:8a:4f:b1:e0:e7:48:d2:
74:7b:ed:99:51:6b:52:5c:b4:51:d2:9e:7b:b0:a7:14:8b:64:
70:ab:79:0e:f2:25:5f:23:87:d5:af:06:90:e7:a2:d8:13:35:
b7:86:06:ac:80:dd:e7:c2:93:59:61:05:4d:18:f2:d0:6c:bf:
64:4e:a5:00:37:d7:c9:f3:75:c8:79:7f:3f:c3:b2:3c:37:b1:
72:08:30:21:d8:26:71:59:a8:e8:de:63:a2:79:2d:61:97:1b:
af:95:44:2f:3c:f3:71:9e:df:01:e4:c9:a9:b7:76:4a:d0:34:
94:de:0f:ce:16:49:f8:ac:6d:d3:21:ce:04:5c:09:27:a7:74:
2b:3d:a9:11:66:d0:f5:e0:c6:67:6a:8b:6b:db:e9:05:c9:73:
18:ea:d3:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUULw5b7Rsofc998e6O8WjilfZDpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2YzhjZmM2Mzk3NTAwZmJiMzYwNmMwOWNkNmRiMWYxMmI2OWZmNzkwMjBk
NGIzMDVmNzNlYWIzOWI1NjcwNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz22eyW3rMfEaLEPTr8UhNfDmgYr3E6XqLyF056trKX+0fplnuolLbGZnTy
dQ7DA2v3yzlFdzpdELjvi6lD33ROTqgKEMC2RBdHzylVsCTKAj1a/2D4a3kvwo5Y
U92b9zACO5YMKi+u0DZx/Torcbdg6b0aqpi6Tv+An3d6nbpRouSE3d7ewEhFIKtJ
UuSAmKR19nbvhPE3o9Ii1XHkYzX7wURd61MoPOZ6FV96tWYCx/SNzUiJh1ORop8y
Vv8RNNDQ2TH27tyByjux57YEN0NQP5lDucjfUN58f6uZ1+fgiZSbr42+FpWkzdNP
BYmMFNpwiomxvmtA1lTl5AVTQykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4vrt0
Jvhyubzh0BPkEao0gqpdSzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY4NzBjZDItMzIxMS00ZDQ4LWIwODMtZGMzNGJhMWNmOTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BoA
MA0GCSqGSIb3DQEBCwUAA4IBAQBD0ySuER7SVRSJjbzQ52OAVtFZ/xTxZgvvQQxN
EU3scdmsP7JJevyyoCIuvc06p6/oPQuOTG1YIOANIvBWE4SQz1s8i6msl4D4n2Ai
a5aocz+1KzU0JctUii0PiQskBBAbEf4opopPseDnSNJ0e+2ZUWtSXLRR0p57sKcU
i2Rwq3kO8iVfI4fVrwaQ56LYEzW3hgasgN3nwpNZYQVNGPLQbL9kTqUAN9fJ83XI
eX8/w7I8N7FyCDAh2CZxWajo3mOieS1hlxuvlUQvPPNxnt8B5Mmpt3ZK0DSU3g/O
Fkn4rG3TIc4EXAknp3QrPakRZtD14MZnaotr2+kFyXMY6tOA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:21:27 2025 by rpki-client