Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbcb975b-22d4-4912-ae03-ce7b0158c404.roa
File: dbcb975b-22d4-4912-ae03-ce7b0158c404.roa (raw, json)
Hash identifier: 96wiLi0mawxRGJKxp61ynptjLbQEJID5zyFFijiycl0=
Subject key identifier: CF:17:A4:CE:F1:36:B4:FE:5F:95:7E:54:CC:8F:4A:DF:70:A7:33:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A8E17321D1E0213E38C568155D9686D52367DDE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbcb975b-22d4-4912-ae03-ce7b0158c404.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.48.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:8e:17:32:1d:1e:02:13:e3:8c:56:81:55:d9:68:6d:52:36:7d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8f:67:82:f1:08:be:ab:15:e2:44:70:43:c0:
37:2f:f5:28:86:0c:fc:68:c4:9c:b5:1b:a3:41:bb:
a1:14:a1:d2:f4:77:d3:15:46:af:c6:48:cd:b4:e4:
53:d5:bb:51:b4:24:23:24:be:01:1c:8c:fd:c4:0b:
36:66:ad:af:f5:59:77:ad:4e:82:10:95:52:b0:71:
34:14:33:b8:ca:8a:b4:00:5b:68:7c:45:ee:eb:a0:
03:c6:8f:38:1f:89:29:e8:cb:d8:e6:70:0c:05:80:
52:8c:80:95:a3:b1:5c:19:7f:70:58:1d:45:40:4d:
b3:c8:39:69:99:c6:3c:99:3c:b0:62:3a:95:16:3f:
db:0d:cb:75:af:a8:de:4f:0e:e1:41:a0:c7:52:5e:
2a:dd:be:b0:88:98:07:6f:dd:98:d5:5c:fd:8e:bf:
09:1c:0c:1e:7f:91:53:f3:39:b8:80:e3:f6:36:3b:
95:0a:eb:db:a8:bc:c3:4c:13:2e:53:8a:e3:46:e1:
43:a9:6f:79:d5:aa:35:ec:e9:4d:0e:94:93:75:de:
bc:b1:8f:05:83:28:ca:71:11:2e:0f:e7:26:38:5f:
b9:ac:25:ed:08:92:b2:07:15:28:c5:a8:6a:dc:4c:
f2:dc:a9:35:ca:bb:c7:c5:fe:f2:e1:37:35:4b:15:
f9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:17:A4:CE:F1:36:B4:FE:5F:95:7E:54:CC:8F:4A:DF:70:A7:33:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dbcb975b-22d4-4912-ae03-ce7b0158c404.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
65:8a:62:16:d8:9c:b6:cf:a9:bd:79:d7:30:25:cd:05:b6:7e:
03:2b:b5:c7:ef:b5:4f:69:bc:79:61:cd:48:fe:1d:74:6f:90:
f6:55:84:11:c7:5d:3b:39:4d:1e:64:ae:25:ce:3a:a1:18:b2:
59:22:3c:b8:4d:45:f4:24:1f:e1:92:67:56:40:67:ed:00:f5:
46:e2:73:00:04:e0:52:e9:8a:0f:6e:a0:e6:6f:ac:e2:9e:48:
df:d2:aa:cd:7d:18:97:48:b9:db:f6:7e:9e:fe:6d:10:2b:f7:
ee:68:3b:61:51:bf:d3:af:15:26:05:e0:6f:97:85:d9:41:89:
d9:9c:6a:29:83:b5:64:17:63:1f:d6:61:b8:44:02:44:b6:c6:
88:8f:06:fd:f9:bf:08:1b:19:97:bf:ef:b4:72:63:68:22:3e:
3f:48:9c:96:40:86:24:55:22:12:e9:21:0e:5d:d1:8f:15:57:
c9:f5:f7:2b:59:eb:9d:c2:f7:39:f0:c6:6e:00:66:e6:53:29:
02:1a:90:42:4d:6a:14:63:cf:b5:16:da:6e:12:68:a4:1e:9d:
c8:b8:fd:11:de:9b:11:e3:55:2e:ae:23:a8:8e:b1:ac:8f:a7:
a1:66:94:d2:ad:10:ad:ff:c1:56:08:0a:f7:92:53:40:0a:b2:
9b:a1:99:82
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOo4XMh0eAhPjjFaBVdlobVI2fd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNDAyMGY4M2M1Zjc0MzkzMmRlOTJjYzhiM2E1YTM2MDM5ZWE4NmVjZjk4
OTE1MzRjNzY2ODBjNTVhZTAzMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmPZ4LxCL6rFeJEcEPANy/1KIYM/GjEnLUbo0G7oRSh0vR30xVGr8ZIzbTk
U9W7UbQkIyS+ARyM/cQLNmatr/VZd61OghCVUrBxNBQzuMqKtABbaHxF7uugA8aP
OB+JKejL2OZwDAWAUoyAlaOxXBl/cFgdRUBNs8g5aZnGPJk8sGI6lRY/2w3Lda+o
3k8O4UGgx1JeKt2+sIiYB2/dmNVc/Y6/CRwMHn+RU/M5uIDj9jY7lQrr26i8w0wT
LlOK40bhQ6lvedWqNezpTQ6Uk3XevLGPBYMoynERLg/nJjhfuawl7QiSsgcVKMWo
atxM8typNcq7x8X+8uE3NUsV+eUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTPF6TO
8Ta0/l+VflTMj0rfcKczADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGJjYjk3NWItMjJkNC00OTEyLWFlMDMtY2U3YjAxNThjNDA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAZYpiFticts+pvXnXMCXNBbZ+Ayu1x++1T2m8eWHN
SP4ddG+Q9lWEEcddOzlNHmSuJc46oRiyWSI8uE1F9CQf4ZJnVkBn7QD1RuJzAATg
UumKD26g5m+s4p5I39KqzX0Yl0i52/Z+nv5tECv37mg7YVG/068VJgXgb5eF2UGJ
2ZxqKYO1ZBdjH9ZhuEQCRLbGiI8G/fm/CBsZl7/vtHJjaCI+P0iclkCGJFUiEukh
Dl3RjxVXyfX3K1nrncL3OfDGbgBm5lMpAhqQQk1qFGPPtRbabhJopB6dyLj9Ed6b
EeNVLq4jqI6xrI+noWaU0q0Qrf/BVggK95JTQAqym6GZgg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:16:31 2025 by rpki-client