Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
File: 65e74b89-5008-4b73-92b0-311e73580735.roa (raw, json)
Hash identifier: tUIzjFOIdyTV7DLFifLYqxZ9X1Xaz4sDxvlW3AK+USE=
Subject key identifier: 76:3F:20:44:66:24:92:DE:1B:E4:35:CD:F7:1E:13:47:21:1A:E5:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A915317BF4893B917D778BE64CAC22CC039B228
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:91:53:17:bf:48:93:b9:17:d7:78:be:64:ca:c2:2c:c0:39:b2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:76:a7:8f:50:27:4f:58:ef:80:51:f7:dc:
5e:1a:b0:b5:bd:be:2f:50:3d:4e:5b:dd:f2:27:7a:
f6:39:49:80:9e:02:ba:46:a7:09:c0:0e:92:b8:43:
9b:5a:c6:de:f3:12:b2:00:de:49:b1:be:28:2d:81:
e3:73:d0:4b:80:b9:5b:1a:e4:01:70:5f:44:6e:a7:
99:9b:4f:ca:37:e1:7d:50:c7:5e:15:73:e3:5c:7f:
36:80:bc:65:98:e8:98:02:14:65:28:97:55:79:11:
a0:c5:45:d0:f0:54:b9:0a:9e:e9:2d:28:e1:92:de:
0d:72:1b:f9:66:d5:73:81:fc:59:13:14:4f:f4:17:
34:d8:e1:9b:16:14:50:3f:f1:41:20:4a:0a:da:9a:
a4:ff:3e:3e:1b:95:1b:4d:55:31:f3:b6:2b:18:05:
70:33:4a:ca:33:5e:4a:48:45:ee:63:c4:ab:c0:ab:
16:89:ef:42:b5:42:6c:84:68:84:7e:e9:72:1b:46:
91:3f:5d:aa:ae:69:fa:08:70:a9:20:4c:1e:59:e8:
a1:57:04:83:64:9f:15:69:cc:96:08:06:2c:a5:31:
c8:e5:09:09:01:ff:9c:46:c6:04:09:17:d8:53:d0:
9c:1a:16:55:43:de:a1:44:bc:4b:c8:02:65:85:79:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3F:20:44:66:24:92:DE:1B:E4:35:CD:F7:1E:13:47:21:1A:E5:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e74b89-5008-4b73-92b0-311e73580735.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:9000::/40
Signature Algorithm: sha256WithRSAEncryption
52:16:5e:17:97:82:38:17:64:76:e3:bf:24:7c:ae:01:19:b6:
d5:f9:93:9a:d0:37:f5:dc:66:1d:90:0b:55:c3:66:26:94:68:
08:1d:92:6f:70:1b:2a:87:21:69:44:3f:34:57:06:65:af:6a:
b6:5b:88:5d:1f:50:bb:2e:da:c4:ac:3a:60:dc:42:e3:e0:2d:
34:94:d7:28:fe:db:1c:af:d1:8f:f0:f0:16:57:ac:b1:a9:c9:
e1:fd:52:6b:b4:55:92:dd:fe:88:a5:14:f0:5f:e1:d1:a7:cc:
c6:25:e5:3a:34:74:f2:19:7f:1e:bc:ed:cf:7a:e9:59:87:c2:
d5:28:70:de:5c:c7:98:c0:73:b8:78:e3:be:b4:55:ea:41:02:
7a:e6:e5:82:b4:c8:36:f6:8d:15:8a:7f:47:55:43:90:6b:37:
3e:71:99:a2:09:e4:e3:b6:5e:0f:e4:64:df:57:c7:b7:69:a7:
aa:d0:a4:49:14:1c:68:cc:64:21:e6:fd:7c:a8:b1:da:1b:b3:
b7:34:dc:af:9f:7a:84:06:90:6d:10:a3:64:f8:bf:a8:3d:18:
9a:23:fe:ec:4e:cd:f1:04:2e:53:89:29:17:e2:4a:26:b6:f5:
6b:f2:eb:37:50:8e:82:55:a6:ac:73:69:f6:0a:e3:ef:2c:a3:
0b:5d:4d:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCpFTF79Ik7kX13i+ZMrCLMA5sigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNDNmNThlYjQ3ODY4ZDE1MTNlYWJjMTYzZDM2ODRiOWY3OGUxNzRkYWM0
MTE5OWM3NzYwMjhmODJiOGRkY2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOAdqePUCdPWO+AUffcXhqwtb2+L1A9Tlvd8id69jlJgJ4CukanCcAOkrhD
m1rG3vMSsgDeSbG+KC2B43PQS4C5WxrkAXBfRG6nmZtPyjfhfVDHXhVz41x/NoC8
ZZjomAIUZSiXVXkRoMVF0PBUuQqe6S0o4ZLeDXIb+WbVc4H8WRMUT/QXNNjhmxYU
UD/xQSBKCtqapP8+PhuVG01VMfO2KxgFcDNKyjNeSkhF7mPEq8CrFonvQrVCbIRo
hH7pchtGkT9dqq5p+ghwqSBMHlnooVcEg2SfFWnMlggGLKUxyOUJCQH/nEbGBAkX
2FPQnBoWVUPeoUS8S8gCZYV5LK0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR2PyBE
ZiSS3hvkNc33HhNHIRrlJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVlNzRiODktNTAwOC00YjczLTkyYjAtMzExZTczNTgwNzM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBSFl4Xl4I4F2R2478kfK4BGbbV+ZOa0Df13GYd
kAtVw2YmlGgIHZJvcBsqhyFpRD80VwZlr2q2W4hdH1C7LtrErDpg3ELj4C00lNco
/tscr9GP8PAWV6yxqcnh/VJrtFWS3f6IpRTwX+HRp8zGJeU6NHTyGX8evO3PeulZ
h8LVKHDeXMeYwHO4eOO+tFXqQQJ65uWCtMg29o0Vin9HVUOQazc+cZmiCeTjtl4P
5GTfV8e3aaeq0KRJFBxozGQh5v18qLHaG7O3NNyvn3qEBpBtEKNk+L+oPRiaI/7s
Ts3xBC5TiSkX4komtvVr8us3UI6CVaasc2n2CuPvLKMLXU18
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:25 2025 by rpki-client