Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa
File: ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa (raw, json)
Hash identifier: Gx9W48slfAP1z/6j2y5NKCP/N6qpUm0Uw6EUPB5yC+8=
Subject key identifier: CE:55:A0:6E:60:CC:50:42:E6:33:0D:84:22:1F:1A:B6:49:9B:D6:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69B3166C76A9E66BA68D113A82C404C9521E3361
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:b3:16:6c:76:a9:e6:6b:a6:8d:11:3a:82:c4:04:c9:52:1e:33:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:02:b6:a0:0f:7e:70:5a:bd:c5:56:5a:a9:80:
7d:1b:43:be:1b:fe:e8:31:7f:ee:b5:bd:f8:3c:68:
e3:c3:d2:8e:ec:99:9b:2e:3e:e9:ab:d6:07:c3:2d:
df:e8:bd:ed:d2:29:fe:dd:85:40:1f:3f:5b:74:86:
ba:40:6b:7c:0e:0e:ca:30:00:93:d5:ab:52:c5:55:
18:ff:31:db:ae:3a:dd:39:f2:39:4f:72:68:c1:b1:
b7:cf:ff:46:5a:df:92:bc:ac:62:8f:74:36:65:7e:
c2:7f:b0:8a:f1:9b:9a:82:e0:82:8d:62:71:c3:f4:
e0:ec:e4:0c:da:86:77:41:fd:57:07:1f:0e:b7:90:
f1:c8:d2:b2:8e:66:11:56:b3:d2:65:10:71:19:b3:
aa:3c:76:ca:b9:31:5e:d4:a0:7f:5c:c2:6b:8c:32:
ca:9a:21:0d:95:16:74:79:9d:5c:95:4e:a3:81:7c:
6d:32:01:22:d5:34:b2:62:c8:f4:c8:57:93:08:8a:
b0:96:ed:62:eb:49:b8:d3:7e:a3:ae:6a:20:cc:e8:
6c:09:52:26:04:8a:ce:03:71:ed:e7:4a:5d:91:73:
d9:9f:e3:c2:ca:45:97:19:9d:3b:1e:5f:5e:84:d0:
41:dd:7a:3d:53:63:bb:72:84:8a:5f:46:9a:a8:2f:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:55:A0:6E:60:CC:50:42:E6:33:0D:84:22:1F:1A:B6:49:9B:D6:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce6dbbe7-ad50-484f-ae7a-a4935085715f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b::/36
Signature Algorithm: sha256WithRSAEncryption
92:a2:b5:e7:5a:67:70:b7:e4:93:65:bc:50:60:43:26:be:1a:
05:9f:13:7f:15:b4:6f:64:33:be:f6:d4:3a:af:00:5a:42:f8:
8f:75:ed:de:8c:1b:54:dd:96:12:ec:7b:53:ee:05:2c:46:e0:
d7:b7:ab:53:23:6f:26:c4:66:b0:88:8a:85:db:82:32:24:6b:
e2:c4:dd:9a:c8:82:ce:a6:41:4d:be:b0:1c:0a:42:4a:63:56:
22:ac:76:4f:76:0a:d7:ee:8a:3a:29:ec:33:2f:f3:48:53:ac:
f5:b6:d6:f1:59:44:8d:0d:48:d7:fa:69:6f:4b:4e:f6:9a:57:
8b:cc:1e:06:c2:37:92:93:2d:8b:fa:5d:b0:74:94:4a:e4:e3:
83:5b:07:7a:46:51:83:75:07:0e:6e:8e:4a:c8:3a:e7:ca:85:
1e:a6:0b:0a:69:f3:4d:cb:77:22:1e:7f:c9:68:5c:3b:84:b1:
a4:63:f2:97:a8:4b:57:4b:69:c8:0d:22:83:16:10:1e:85:7a:
c2:02:07:18:ae:6b:89:ae:78:1b:bd:74:6c:b8:77:df:47:63:
cc:50:e6:14:ad:dd:e8:5c:1b:b0:c1:9c:bb:30:9e:57:0a:49:
81:95:6b:70:99:11:53:31:44:de:6e:d0:f5:b9:61:1c:00:c8:
43:42:de:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUabMWbHap5mumjRE6gsQEyVIeM2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiZjZiZTFmNWY5M2Q0NDgxOTcyODNhYTY0MzIzNzgyNTMyZjk0ZjgxY2E1
NzMxNTE0ZTg2ZDliYzYzMmU4MjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALECtqAPfnBavcVWWqmAfRtDvhv+6DF/7rW9+Dxo48PSjuyZmy4+6avWB8Mt
3+i97dIp/t2FQB8/W3SGukBrfA4OyjAAk9WrUsVVGP8x26463TnyOU9yaMGxt8//
RlrfkrysYo90NmV+wn+wivGbmoLggo1iccP04OzkDNqGd0H9VwcfDreQ8cjSso5m
EVaz0mUQcRmzqjx2yrkxXtSgf1zCa4wyypohDZUWdHmdXJVOo4F8bTIBItU0smLI
9MhXkwiKsJbtYutJuNN+o65qIMzobAlSJgSKzgNx7edKXZFz2Z/jwspFlxmdOx5f
XoTQQd16PVNju3KEil9GmqgvbG8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTOVaBu
YMxQQuYzDYQiHxq2SZvWczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2U2ZGJiZTctYWQ1MC00ODRmLWFlN2EtYTQ5MzUwODU3MTVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSorXnWmdwt+STZbxQYEMmvhoFnxN/FbRvZDO+
9tQ6rwBaQviPde3ejBtU3ZYS7HtT7gUsRuDXt6tTI28mxGawiIqF24IyJGvixN2a
yILOpkFNvrAcCkJKY1YirHZPdgrX7oo6KewzL/NIU6z1ttbxWUSNDUjX+mlvS072
mleLzB4GwjeSky2L+l2wdJRK5OODWwd6RlGDdQcObo5KyDrnyoUepgsKafNNy3ci
Hn/JaFw7hLGkY/KXqEtXS2nIDSKDFhAehXrCAgcYrmuJrngbvXRsuHffR2PMUOYU
rd3oXBuwwZy7MJ5XCkmBlWtwmRFTMUTebtD1uWEcAMhDQt6R
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:14 2025 by rpki-client