Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
File: 6bb38644-80df-4860-b82a-121044191ffa.roa (raw, json)
Hash identifier: CIEGE5egkbye+HTvBmW48W77wAp+JTtuKNmAvOL9btw=
Subject key identifier: 4B:85:F4:A5:76:46:5B:35:55:C5:41:63:E5:36:D7:59:68:C8:FC:80
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16E17C069CA1D4BB12117CF456A6AC33E63538A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e1:7c:06:9c:a1:d4:bb:12:11:7c:f4:56:a6:ac:33:e6:35:38:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:97:95:94:d3:ab:63:13:5b:d2:89:f3:4d:8f:
68:64:8c:80:08:f1:8d:c9:79:00:1b:a8:5d:2f:f2:
5d:22:00:f2:04:71:ef:be:44:a4:ce:8e:8c:e0:3a:
2c:ff:7d:f8:50:73:12:70:0e:9a:58:f3:95:bd:e8:
5b:f2:23:ea:12:74:a3:0c:64:90:91:07:67:81:98:
f0:82:70:29:4d:ab:84:85:d7:66:84:88:1c:d8:ff:
4a:e9:10:54:24:2f:3c:fe:fb:1f:e9:f9:2c:54:99:
a9:49:ad:1a:f4:fd:e0:37:d6:23:21:7c:68:a1:c6:
31:ba:00:16:02:0c:b9:7f:c1:45:2b:28:01:7b:af:
bd:3a:c0:31:a4:7e:80:f3:61:5a:e2:7f:26:5a:40:
a0:64:af:9d:f0:b2:29:56:46:88:02:da:8c:6c:10:
42:e1:c0:38:bf:07:d8:32:d8:40:54:31:50:c8:bf:
e5:88:21:a1:fc:37:d5:11:12:1d:60:c1:68:cf:54:
04:1c:9d:ce:dc:b8:5d:34:73:9b:70:f1:85:9d:11:
97:d9:53:c5:aa:61:d3:51:04:d5:3e:24:bd:e1:9b:
b9:de:e1:68:5c:07:b0:19:a2:58:b1:80:ed:2d:1b:
2d:29:e8:40:3c:8a:0b:cd:fb:3e:a9:5f:f8:de:9d:
cf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:85:F4:A5:76:46:5B:35:55:C5:41:63:E5:36:D7:59:68:C8:FC:80
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6bb38644-80df-4860-b82a-121044191ffa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:04:6a:a5:bd:ae:20:5e:05:16:fc:a8:2a:3f:5e:28:4a:14:
a0:30:5b:06:ea:79:67:62:95:5a:54:47:54:08:fb:46:00:f4:
e2:e7:6a:86:a7:3f:a3:47:22:e1:be:6a:98:bc:90:64:3e:da:
10:2d:9c:ba:5c:6a:f0:96:44:bd:de:89:bf:0b:dd:d5:b6:d0:
d9:04:b7:41:f5:c7:a6:6f:12:47:48:c8:5e:36:ee:a4:25:e8:
38:21:00:bd:5d:f3:96:21:81:85:05:77:24:8d:f7:b3:1f:a0:
f6:3f:08:0c:44:24:7d:95:de:a7:4a:04:88:da:79:98:f3:60:
a9:f4:92:43:cd:12:68:73:dd:11:00:8d:89:dd:ee:fe:0b:55:
64:3b:ff:46:6f:ba:eb:d1:1f:ed:37:1d:dd:7b:fc:91:5f:c4:
e4:c8:83:2a:89:19:a5:86:0b:a8:ea:31:c8:a9:70:08:91:df:
c9:86:bb:16:7a:56:cb:a7:93:2f:59:bd:fa:a4:a0:15:ad:98:
97:56:66:f1:3c:72:56:4a:a1:cd:a6:ed:81:05:2d:85:53:4f:
c0:a0:f7:c4:d4:8d:f3:d3:d1:54:6b:75:f3:63:8a:61:d3:2e:
e2:6e:70:cb:cd:fc:a8:b3:90:fd:86:3a:a7:3f:08:c3:b5:28:
92:5b:6a:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFuF8Bpyh1LsSEXz0VqasM+Y1OKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NmE1ZjhjYjQwZjMzNTIxYWEyMjRmZmMwZGFkMWNmZjc5YTliMDhlN2M5
NTI5YmFlYThlNzQ0MDkyOGZhMDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKXlZTTq2MTW9KJ802PaGSMgAjxjcl5ABuoXS/yXSIA8gRx775EpM6OjOA6
LP99+FBzEnAOmljzlb3oW/Ij6hJ0owxkkJEHZ4GY8IJwKU2rhIXXZoSIHNj/SukQ
VCQvPP77H+n5LFSZqUmtGvT94DfWIyF8aKHGMboAFgIMuX/BRSsoAXuvvTrAMaR+
gPNhWuJ/JlpAoGSvnfCyKVZGiALajGwQQuHAOL8H2DLYQFQxUMi/5Yghofw31RES
HWDBaM9UBBydzty4XTRzm3DxhZ0Rl9lTxaph01EE1T4kveGbud7haFwHsBmiWLGA
7S0bLSnoQDyKC837Pqlf+N6dz5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLhfSl
dkZbNVXFQWPlNtdZaMj8gDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmJiMzg2NDQtODBkZi00ODYwLWI4MmEtMTIxMDQ0MTkxZmZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dog
MA0GCSqGSIb3DQEBCwUAA4IBAQC5BGqlva4gXgUW/KgqP14oShSgMFsG6nlnYpVa
VEdUCPtGAPTi52qGpz+jRyLhvmqYvJBkPtoQLZy6XGrwlkS93om/C93VttDZBLdB
9cembxJHSMheNu6kJeg4IQC9XfOWIYGFBXckjfezH6D2PwgMRCR9ld6nSgSI2nmY
82Cp9JJDzRJoc90RAI2J3e7+C1VkO/9Gb7rr0R/tNx3de/yRX8TkyIMqiRmlhguo
6jHIqXAIkd/JhrsWelbLp5MvWb36pKAVrZiXVmbxPHJWSqHNpu2BBS2FU0/AoPfE
1I3z09FUa3XzY4ph0y7ibnDLzfyos5D9hjqnPwjDtSiSW2rU
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:22 2025 by rpki-client