Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5250031-50c8-41eb-902a-008df475b518.roa
File: b5250031-50c8-41eb-902a-008df475b518.roa (raw, json)
Hash identifier: hikPHi3RfD1Lb3gqS0W1Fr4bC18J59HTNX99RG1QmbM=
Subject key identifier: 46:99:08:A7:87:AC:50:FD:8D:BA:14:6F:DD:E0:91:22:F9:0F:46:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 64D78A8B29CF5C300792B8F22D2BFBBFA660177B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5250031-50c8-41eb-902a-008df475b518.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:d7:8a:8b:29:cf:5c:30:07:92:b8:f2:2d:2b:fb:bf:a6:60:17:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:aa:73:ad:ef:82:24:2f:e4:7e:d2:7f:b8:81:
15:79:9f:66:00:40:70:c4:d8:2e:33:fe:9c:53:d6:
8f:9f:90:41:fa:f3:80:de:6e:7e:e1:5a:41:c2:6a:
c6:71:74:8b:dd:5a:c0:00:30:62:50:fc:e9:8f:08:
cf:1a:c8:1f:56:f0:9d:38:ae:fe:aa:29:7a:0e:63:
81:35:3d:fb:23:c9:ca:a9:72:41:a4:62:a2:ff:3b:
45:a5:6d:39:1a:c4:08:44:9a:64:88:8b:aa:9b:2e:
59:11:32:1a:00:9a:e5:79:fe:45:6f:34:1b:3f:6b:
6b:8d:9c:23:e7:f5:d6:2d:2a:17:b6:ad:82:0f:1f:
ef:88:98:91:b7:91:a8:f1:64:7d:11:27:a9:49:54:
2d:ec:b7:1b:9a:2e:6f:de:01:e1:28:11:9b:2e:90:
6b:ae:40:bf:34:ce:e5:6b:51:fa:17:4e:15:2e:7b:
22:20:6a:79:fd:6b:ba:12:eb:6e:ad:45:88:e6:8f:
2e:d7:53:9b:62:31:9f:f5:34:10:35:4d:ed:a9:86:
83:06:ab:4b:7e:9c:77:01:bf:11:e9:f5:cd:5e:52:
b2:41:b8:86:20:9c:06:7d:e9:d9:ce:1e:67:f5:0b:
ef:2c:6a:0f:08:5e:de:d0:d1:ab:4d:fb:a4:48:c6:
b5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:99:08:A7:87:AC:50:FD:8D:BA:14:6F:DD:E0:91:22:F9:0F:46:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5250031-50c8-41eb-902a-008df475b518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:47:b6:f2:da:1c:46:70:23:9e:d8:5b:32:71:d7:57:ea:e5:
ee:ba:2c:21:a5:f4:4d:c2:df:27:75:98:44:20:fb:1b:8a:b3:
22:f2:ab:eb:59:97:6d:54:4d:df:3f:1f:1e:89:29:ef:a4:ef:
87:17:11:68:33:fb:c5:ac:b4:a7:d0:ea:48:c3:09:f1:4f:39:
b1:2f:6f:1f:75:3a:ad:5f:a4:f2:59:16:6d:e2:0b:1f:91:79:
cb:54:b4:39:dc:4a:ce:32:a9:b3:f2:c8:38:58:c5:14:de:62:
9e:2d:4c:ff:c6:c5:3b:7d:3c:75:95:8a:61:aa:d7:e1:5c:c9:
95:28:3b:21:3b:f1:0d:4b:6c:7d:72:7a:31:ab:93:70:7b:cc:
0e:5c:49:74:ed:5a:06:f3:07:f4:9a:f5:9c:9b:02:80:a2:b4:
0e:4c:3f:5e:55:e5:f2:52:20:71:bd:a6:0c:ea:49:f7:90:f7:
d4:f8:68:92:0c:94:b7:0b:1f:dc:e0:83:2a:bd:4a:07:ff:c5:
9e:c0:40:bd:1a:52:2f:03:72:07:22:21:b8:f2:27:7f:a5:67:
64:ce:c4:50:8c:3e:c6:10:00:c3:c7:ad:fa:3a:e1:81:5c:0a:
08:5d:54:67:be:19:74:10:30:91:d5:e6:31:9e:86:87:f9:0a:
3a:db:e6:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZNeKiynPXDAHkrjyLSv7v6ZgF3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjODIxNzJmZmFjMzUwZTBlMDkwMzlkMmFhOTU1MzA0NTk4ZWJjNTVmNjA4
NmNjNTQ4NWUxM2FlOGFkZWEyZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCqc63vgiQv5H7Sf7iBFXmfZgBAcMTYLjP+nFPWj5+QQfrzgN5ufuFaQcJq
xnF0i91awAAwYlD86Y8IzxrIH1bwnTiu/qopeg5jgTU9+yPJyqlyQaRiov87RaVt
ORrECESaZIiLqpsuWREyGgCa5Xn+RW80Gz9ra42cI+f11i0qF7atgg8f74iYkbeR
qPFkfREnqUlULey3G5oub94B4SgRmy6Qa65AvzTO5WtR+hdOFS57IiBqef1ruhLr
bq1FiOaPLtdTm2Ixn/U0EDVN7amGgwarS36cdwG/Een1zV5SskG4hiCcBn3p2c4e
Z/UL7yxqDwhe3tDRq037pEjGtf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRGmQin
h6xQ/Y26FG/d4JEi+Q9GmjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjUyNTAwMzEtNTBjOC00MWViLTkwMmEtMDA4ZGY0NzViNTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQDGR7by2hxGcCOe2FsycddX6uXuuiwhpfRNwt8n
dZhEIPsbirMi8qvrWZdtVE3fPx8eiSnvpO+HFxFoM/vFrLSn0OpIwwnxTzmxL28f
dTqtX6TyWRZt4gsfkXnLVLQ53ErOMqmz8sg4WMUU3mKeLUz/xsU7fTx1lYphqtfh
XMmVKDshO/ENS2x9cnoxq5Nwe8wOXEl07VoG8wf0mvWcmwKAorQOTD9eVeXyUiBx
vaYM6kn3kPfU+GiSDJS3Cx/c4IMqvUoH/8WewEC9GlIvA3IHIiG48id/pWdkzsRQ
jD7GEADDx636OuGBXAoIXVRnvhl0EDCR1eYxnoaH+Qo62+as
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:42 2025 by rpki-client