Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
File: 527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa (raw, json)
Hash identifier: zVmTXgdCZodANOX2TpOytMtAgcggaN8wKjuuwuwqjJU=
Subject key identifier: 49:E6:08:1B:32:10:C2:BB:35:E1:73:5F:7C:87:15:4B:33:07:22:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DC86655CFD9E3B8454543291DCF3B6F7F8ABAA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:c8:66:55:cf:d9:e3:b8:45:45:43:29:1d:cf:3b:6f:7f:8a:ba:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a0:23:3e:90:be:d7:22:5c:f3:43:7b:0d:53:
68:c2:6e:6e:8c:29:3e:9d:86:9b:d7:4f:23:ae:da:
81:62:20:cd:df:8e:6c:ea:38:e9:2b:02:71:d8:4b:
af:19:5f:ee:56:f1:db:ed:87:8e:e5:2c:5e:19:1a:
5a:b9:00:60:56:b4:ac:16:a9:8f:a1:5b:9c:fe:e0:
8a:c5:8f:45:61:83:fc:90:90:69:b1:bb:34:78:ff:
64:f6:86:0b:e3:3e:72:27:0a:95:fa:49:cb:b1:81:
e1:77:4e:59:44:a4:32:ab:ec:ba:17:16:72:8c:20:
9d:de:54:56:6e:22:a0:42:36:04:99:57:cd:a3:e4:
7b:98:66:95:71:9c:31:d4:cf:a3:ce:f2:10:1d:88:
84:4b:6a:ea:b7:d4:e3:a9:58:af:fa:0d:6c:f5:1a:
c7:77:5f:a2:84:c4:67:5b:0b:7e:57:41:c3:b4:54:
5b:9d:ba:a3:23:5d:83:bc:c1:9e:d9:c3:a3:db:e1:
0b:1a:03:d4:d6:30:86:86:3a:c9:88:c7:89:21:f4:
bf:25:03:7d:e2:1e:a9:da:95:d0:88:68:40:01:8d:
e1:eb:58:63:cf:f8:4f:d9:6a:60:6e:ed:8a:23:11:
af:60:c3:0c:72:3a:87:ef:17:00:2d:a1:99:a6:1d:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E6:08:1B:32:10:C2:BB:35:E1:73:5F:7C:87:15:4B:33:07:22:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/527a47ab-8fe5-4e4c-8e65-4a3536b33dfd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/19
Signature Algorithm: sha256WithRSAEncryption
41:64:d7:23:7e:31:31:e5:f5:13:26:f8:4e:e8:9e:8e:fa:68:
1b:67:45:5b:07:59:5b:67:a7:71:54:f2:fd:41:df:5c:48:c0:
38:f8:cd:de:92:51:5e:81:7d:c2:cc:d3:2f:37:3d:72:af:30:
0d:8b:c3:a2:35:61:11:94:1b:06:4b:29:2d:f0:48:ff:f4:69:
f3:2d:14:6a:f7:38:1a:25:42:eb:42:ba:25:b7:92:93:b1:20:
e7:74:56:de:28:2c:d7:68:5d:7f:3c:23:5a:55:cd:86:4e:20:
3f:49:ce:a6:2f:b3:4e:68:b9:00:65:33:93:1e:70:9f:7b:1a:
6a:c3:ec:67:ab:25:a9:26:ae:13:88:d6:ce:2b:07:62:4f:8f:
ae:10:37:e7:47:8e:da:63:2c:d5:17:d0:89:4f:d7:49:05:58:
66:42:ac:bc:8b:bd:14:49:ec:3a:74:90:7e:18:13:3d:19:3e:
98:1a:4e:61:79:9c:31:fb:2d:c0:c1:b4:b8:0d:54:1f:37:a4:
57:b2:08:02:bb:80:71:96:13:07:e8:71:03:94:34:ad:37:62:
c6:de:71:28:90:99:ad:f4:4a:2c:c2:e4:27:e4:a8:1b:0f:bc:
4e:4e:01:fe:64:8c:e7:8a:44:dd:e3:d0:60:24:90:38:29:66:
ea:45:c9:d8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbchmVc/Z47hFRUMpHc87b3+KuqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MzZhZTlhNjdkZDJlNTYzOTNlN2FiYjg3NTNiZTY1MzMxZDM3Y2RmZDkw
ZmI5MmJkMWVmOTZjZmRjYTVmMzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOigIz6QvtciXPNDew1TaMJubowpPp2Gm9dPI67agWIgzd+ObOo46SsCcdhL
rxlf7lbx2+2HjuUsXhkaWrkAYFa0rBapj6FbnP7gisWPRWGD/JCQabG7NHj/ZPaG
C+M+cicKlfpJy7GB4XdOWUSkMqvsuhcWcowgnd5UVm4ioEI2BJlXzaPke5hmlXGc
MdTPo87yEB2IhEtq6rfU46lYr/oNbPUax3dfooTEZ1sLfldBw7RUW526oyNdg7zB
ntnDo9vhCxoD1NYwhoY6yYjHiSH0vyUDfeIeqdqV0IhoQAGN4etYY8/4T9lqYG7t
iiMRr2DDDHI6h+8XAC2hmaYdqv8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJ5ggb
MhDCuzXhc198hxVLMwcikzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI3YTQ3YWItOGZlNS00ZTRjLThlNjUtNGEzNTM2YjMzZGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAiADAN
BgkqhkiG9w0BAQsFAAOCAQEAQWTXI34xMeX1Eyb4TuiejvpoG2dFWwdZW2encVTy
/UHfXEjAOPjN3pJRXoF9wszTLzc9cq8wDYvDojVhEZQbBkspLfBI//Rp8y0Uavc4
GiVC60K6JbeSk7Eg53RW3igs12hdfzwjWlXNhk4gP0nOpi+zTmi5AGUzkx5wn3sa
asPsZ6slqSauE4jWzisHYk+PrhA350eO2mMs1RfQiU/XSQVYZkKsvIu9FEnsOnSQ
fhgTPRk+mBpOYXmcMfstwMG0uA1UHzekV7IIAruAcZYTB+hxA5Q0rTdixt5xKJCZ
rfRKLMLkJ+SoGw+8Tk4B/mSM54pE3ePQYCSQOClm6kXJ2A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:06 2025 by rpki-client