Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7172771d-3e78-4e00-a2fb-7e6e17da5fed.roa
File: 7172771d-3e78-4e00-a2fb-7e6e17da5fed.roa (raw, json)
Hash identifier: hvX9GrizH91vhP2Ag9C6pXW736V3oGKlepZvjaDgfYQ=
Subject key identifier: DE:34:0B:A8:F5:E4:24:03:F7:35:E3:24:79:AD:BF:54:11:B8:9E:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 116980D13DF95989D82F8FD01296F026DA27A3C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7172771d-3e78-4e00-a2fb-7e6e17da5fed.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:69:80:d1:3d:f9:59:89:d8:2f:8f:d0:12:96:f0:26:da:27:a3:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6c:04:5d:6d:1f:6e:30:e5:c9:7e:5c:f0:59:
c6:59:1f:a6:8b:0f:30:01:45:64:86:60:64:26:8e:
6a:00:82:24:e8:da:b3:a0:b1:28:56:fd:5f:93:27:
10:a1:f5:d6:cd:6f:19:1c:e3:f9:d4:57:94:a7:83:
c5:c6:28:99:97:aa:fe:cc:67:e9:0f:39:08:94:dd:
45:f0:d8:7b:12:4c:ea:6f:19:de:f2:8f:99:16:83:
76:6a:26:43:66:94:d6:a1:3a:36:f2:5f:c4:5b:17:
a0:d7:87:92:47:60:e7:dd:cf:0c:43:93:f9:c0:5b:
3c:9c:df:f2:2b:7a:e5:3f:a0:eb:64:82:82:3d:11:
89:66:51:56:ae:83:5d:a5:26:9f:c6:f0:6d:26:41:
46:e7:cf:8d:25:02:fd:b7:56:c4:66:e1:9a:f7:2f:
0e:8a:ef:68:68:62:d5:0e:0e:a1:ea:65:21:b0:e6:
b2:96:ad:fb:cf:cc:30:87:e5:e7:c0:76:04:60:c0:
97:59:ab:1a:f4:82:5d:64:7d:40:53:6c:82:27:12:
2b:12:70:4d:1b:de:b4:cd:b6:c8:d2:ac:21:0a:e6:
52:3f:50:8a:77:a4:b6:94:79:53:f1:76:27:4b:fa:
fb:7f:e0:41:64:ca:f2:07:59:fc:86:3d:5e:e7:9e:
79:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:34:0B:A8:F5:E4:24:03:F7:35:E3:24:79:AD:BF:54:11:B8:9E:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7172771d-3e78-4e00-a2fb-7e6e17da5fed.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:b000::/40
Signature Algorithm: sha256WithRSAEncryption
28:e6:bb:9d:a1:8e:4e:49:fd:ae:7e:c5:a4:30:4d:50:de:12:
87:d1:f9:bf:62:5b:3b:42:1e:4c:de:75:77:cb:a6:86:91:53:
16:e8:75:58:d8:43:d0:1a:77:8e:2b:1a:2d:77:4e:dc:d6:4d:
26:20:15:9f:05:f4:8a:f9:33:cd:ba:e3:3e:2e:39:f1:f7:dc:
12:91:99:10:1c:4b:0c:25:1a:3e:dd:ea:c7:ab:57:cb:bc:ef:
ba:ae:e9:cc:24:31:8a:5b:89:91:25:f3:7e:b3:00:8d:46:37:
5b:5a:ea:a9:f0:9a:a2:42:22:17:05:03:d1:33:fa:40:a9:a0:
f3:38:f5:dc:fd:46:88:3a:7a:59:dd:24:de:b7:33:6d:0e:c0:
94:26:97:d1:32:40:2f:d7:51:46:38:d0:fe:26:2d:4b:0b:83:
cd:6f:89:80:70:94:46:91:09:59:75:b3:f4:d5:19:0d:23:e8:
c7:df:b3:ac:bd:12:ef:45:d0:55:25:f3:33:94:3a:4f:84:80:
06:66:ee:e1:0f:b6:63:d2:88:60:64:b9:87:9a:ac:30:7f:7d:
d4:2d:b4:56:48:b7:12:eb:d2:4b:0d:06:be:fd:82:fb:c2:b1:
e9:40:e7:95:da:56:81:6a:3b:6d:8d:3e:99:48:a7:c5:75:5d:
4b:d0:64:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEWmA0T35WYnYL4/QEpbwJtono8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZjkyZjU2MzAzYjZjYTFiNWFjM2YyNjNlZjJkY2M4N2JiNWRmZGFhMmY1
NjhmMjU1ZGNiNjE0ZjMzYTlmNmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZsBF1tH24w5cl+XPBZxlkfposPMAFFZIZgZCaOagCCJOjas6CxKFb9X5Mn
EKH11s1vGRzj+dRXlKeDxcYomZeq/sxn6Q85CJTdRfDYexJM6m8Z3vKPmRaDdmom
Q2aU1qE6NvJfxFsXoNeHkkdg593PDEOT+cBbPJzf8it65T+g62SCgj0RiWZRVq6D
XaUmn8bwbSZBRufPjSUC/bdWxGbhmvcvDorvaGhi1Q4OoeplIbDmspat+8/MMIfl
58B2BGDAl1mrGvSCXWR9QFNsgicSKxJwTRvetM22yNKsIQrmUj9QinektpR5U/F2
J0v6+3/gQWTK8gdZ/IY9XueeedcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTeNAuo
9eQkA/c14yR5rb9UEbieCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzE3Mjc3MWQtM2U3OC00ZTAwLWEyZmItN2U2ZTE3ZGE1ZmVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HCw
MA0GCSqGSIb3DQEBCwUAA4IBAQAo5rudoY5OSf2ufsWkME1Q3hKH0fm/Yls7Qh5M
3nV3y6aGkVMW6HVY2EPQGneOKxotd07c1k0mIBWfBfSK+TPNuuM+Ljnx99wSkZkQ
HEsMJRo+3erHq1fLvO+6runMJDGKW4mRJfN+swCNRjdbWuqp8JqiQiIXBQPRM/pA
qaDzOPXc/UaIOnpZ3STetzNtDsCUJpfRMkAv11FGOND+Ji1LC4PNb4mAcJRGkQlZ
dbP01RkNI+jH37OsvRLvRdBVJfMzlDpPhIAGZu7hD7Zj0ohgZLmHmqwwf33ULbRW
SLcS69JLDQa+/YL7wrHpQOeV2laBajttjT6ZSKfFdV1L0GT6
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:43 2025 by rpki-client