Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6d580cc8-bbc1-409c-bd57-046c5b70250f.roa
File: 6d580cc8-bbc1-409c-bd57-046c5b70250f.roa (raw, json)
Hash identifier: oBXJ1gDSRnTOmzCOHwjIB3qer+lrvwC8XyeHCdnU/fw=
Subject key identifier: D1:C4:19:B6:F8:AA:FF:DD:1C:62:C6:B3:C7:76:70:27:A9:E5:32:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52B611951536430C8287322B03B4A647AC69F210
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6d580cc8-bbc1-409c-bd57-046c5b70250f.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 46.51.208.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:b6:11:95:15:36:43:0c:82:87:32:2b:03:b4:a6:47:ac:69:f2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4c:a6:d6:01:65:16:c9:4a:85:a0:9f:83:bc:
a2:58:92:1b:ed:27:04:9a:4a:dc:de:18:4e:4d:ad:
03:71:6f:c4:f5:dd:d8:6a:a0:37:5e:93:a5:a7:93:
e3:e1:7a:36:4b:04:2f:d0:de:0b:c2:5c:79:32:b0:
96:00:16:ca:da:54:f7:f3:2a:59:da:e2:fb:09:26:
11:a7:4c:c3:f9:5f:8e:ee:a2:d9:11:6a:6c:d8:08:
c2:e8:3c:41:74:07:8a:a3:4f:33:7b:9b:21:b4:80:
0c:f4:43:e7:52:aa:ba:df:9f:8f:8e:6b:b2:07:9c:
91:a6:ea:a8:17:85:9e:d7:31:69:30:a1:4b:b5:2e:
2d:6d:c8:5d:1d:e1:9d:aa:d0:01:12:32:5b:65:82:
db:6f:4e:d1:f0:16:9f:f1:4d:cb:67:74:29:4b:c7:
86:3d:6b:00:d9:40:9b:07:32:b8:e0:34:c4:13:a6:
32:f5:36:e0:73:e2:b6:f3:de:03:31:3e:ef:0f:b4:
fa:9e:11:69:53:90:ca:09:26:62:ba:35:29:20:48:
12:13:f9:0e:28:18:4f:8f:eb:c4:d2:f9:4f:20:f5:
f5:b8:00:45:6d:e5:8a:ad:ea:e9:ad:3c:9b:9e:a5:
e2:69:6d:bc:45:fc:e4:b1:c7:ec:61:9c:3d:32:0c:
ef:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C4:19:B6:F8:AA:FF:DD:1C:62:C6:B3:C7:76:70:27:A9:E5:32:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6d580cc8-bbc1-409c-bd57-046c5b70250f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.208.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:08:33:8f:74:71:18:61:b9:6e:bd:e8:eb:4a:f1:0d:35:f9:
7f:43:ba:de:25:6c:7c:a0:fb:d6:de:56:59:ab:0f:41:bb:ad:
e2:48:cf:8a:b7:8c:55:30:d5:48:8e:ee:cb:ce:b1:72:a9:f1:
5d:80:ec:04:d1:2c:ad:24:f4:3d:76:3d:68:70:b9:67:47:35:
3c:50:bc:47:84:c9:a4:9b:59:45:48:26:5a:bf:96:30:a7:74:
3d:59:49:a0:14:f2:7a:be:6d:17:58:96:e7:5a:69:2c:56:46:
03:84:c3:d1:1a:07:e1:6d:a4:09:d6:cd:b0:dd:c0:16:76:c3:
75:d7:34:af:34:02:89:34:3a:9a:01:57:9e:c6:8d:df:70:10:
e2:5c:54:3f:49:39:23:90:c7:77:14:ab:dd:3a:d8:c7:79:6b:
a9:7c:aa:bf:0f:a3:09:f3:50:f0:17:40:76:98:b7:74:ac:1c:
34:6f:d5:48:61:91:98:e5:6d:41:69:44:54:1f:76:9c:a2:7d:
15:f3:34:d2:4e:7f:96:f6:83:96:0a:5c:fc:6f:3c:3f:a8:53:
9b:7c:45:de:e6:59:e3:6e:42:85:94:47:a5:24:85:b0:3e:34:
51:94:99:98:cc:e9:8c:8e:d7:20:26:51:30:4d:94:91:24:cd:
4a:5a:ca:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUrYRlRU2QwyChzIrA7SmR6xp8hAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMjY1ODI0MTNjNTA5ZWJmZTIxNjZkYThkZDhkZDI0Yjc3NzRkYjdhYjA5
NDc5NGNmMDVjMWNiMTBlMDgwNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJMptYBZRbJSoWgn4O8oliSG+0nBJpK3N4YTk2tA3FvxPXd2GqgN16TpaeT
4+F6NksEL9DeC8JceTKwlgAWytpU9/MqWdri+wkmEadMw/lfju6i2RFqbNgIwug8
QXQHiqNPM3ubIbSADPRD51Kqut+fj45rsgeckabqqBeFntcxaTChS7UuLW3IXR3h
narQARIyW2WC229O0fAWn/FNy2d0KUvHhj1rANlAmwcyuOA0xBOmMvU24HPitvPe
AzE+7w+0+p4RaVOQygkmYro1KSBIEhP5DigYT4/rxNL5TyD19bgARW3liq3q6a08
m56l4mltvEX85LHH7GGcPTIM72cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTRxBm2
+Kr/3RxixrPHdnAnqeUypTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmQ1ODBjYzgtYmJjMS00MDljLWJkNTctMDQ2YzViNzAyNTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi4z0DAN
BgkqhkiG9w0BAQsFAAOCAQEAPwgzj3RxGGG5br3o60rxDTX5f0O63iVsfKD71t5W
WasPQbut4kjPireMVTDVSI7uy86xcqnxXYDsBNEsrST0PXY9aHC5Z0c1PFC8R4TJ
pJtZRUgmWr+WMKd0PVlJoBTyer5tF1iW51ppLFZGA4TD0RoH4W2kCdbNsN3AFnbD
ddc0rzQCiTQ6mgFXnsaN33AQ4lxUP0k5I5DHdxSr3TrYx3lrqXyqvw+jCfNQ8BdA
dpi3dKwcNG/VSGGRmOVtQWlEVB92nKJ9FfM00k5/lvaDlgpc/G88P6hTm3xF3uZZ
425ChZRHpSSFsD40UZSZmMzpjI7XICZRME2UkSTNSlrKag==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:09 2025 by rpki-client