Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86f9f321-0423-4a3c-8481-9118cd38fde4.roa
File: 86f9f321-0423-4a3c-8481-9118cd38fde4.roa (raw, json)
Hash identifier: tM6IWZjafWowO3YyXz3Hpwpj6uRLNw3r6bt3MJXJJSs=
Subject key identifier: 97:DC:5A:94:A1:22:37:C2:0E:DC:03:6E:4F:ED:8A:AB:CC:50:81:BF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FECA993D354B05C4DDDD819F0901108798E12C9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86f9f321-0423-4a3c-8481-9118cd38fde4.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 185.48.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ec:a9:93:d3:54:b0:5c:4d:dd:d8:19:f0:90:11:08:79:8e:12:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=f1f002efc656e4a4949524616a10fdbdd21678b05c69cee8d8ae6d615619d8fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:af:d6:8d:30:6e:77:59:f4:37:b8:6e:94:93:
9e:cc:b3:2d:83:9c:a1:5e:12:cd:b9:a5:32:6a:5c:
b4:be:f8:aa:96:05:d5:3e:f0:1c:d8:42:77:9b:78:
16:7a:d9:90:0b:23:7f:58:e9:fc:25:81:f0:2e:c4:
bc:a9:99:c6:51:69:46:0d:24:2b:e2:ca:d7:21:3d:
7a:15:4d:ab:a8:de:11:f7:4c:bd:76:bf:1b:a2:17:
69:e0:87:33:9b:11:d3:45:31:7e:38:d0:ae:2e:10:
8a:1c:c2:7f:80:7f:a8:6b:8a:28:22:02:b2:df:47:
87:41:7c:96:67:4e:83:9c:76:17:d3:82:69:84:d7:
ea:78:65:b6:ba:e7:e4:6d:40:81:09:2d:11:e6:1f:
e0:e5:2f:d1:d8:99:5d:74:4a:b3:76:30:75:f4:d1:
5b:2e:a7:59:08:5a:ee:5b:bb:43:90:a8:1a:1d:c8:
df:37:11:58:3d:15:17:04:a6:0f:b5:d3:c6:7f:44:
85:bd:c1:ac:4a:68:6d:5a:e5:71:d2:46:40:b4:61:
a5:b6:f4:72:f4:ab:a3:e0:db:35:ac:5c:9c:73:fa:
8c:a8:d0:ba:9c:66:19:ba:2f:9f:74:6f:15:1d:34:
c7:da:52:44:e9:e5:de:cd:85:35:54:a4:cb:cb:78:
0b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DC:5A:94:A1:22:37:C2:0E:DC:03:6E:4F:ED:8A:AB:CC:50:81:BF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86f9f321-0423-4a3c-8481-9118cd38fde4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.48.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:b8:be:a0:01:df:b1:a8:03:2d:23:75:17:9c:89:5a:3a:d4:
ba:4c:46:90:ae:22:ec:7d:ea:33:72:3a:6e:ee:e8:c1:83:9d:
54:e6:de:1c:37:5e:d5:54:34:75:99:b1:47:80:dc:d7:7f:2e:
1c:0c:46:9e:54:ed:f3:b4:ec:c7:a5:f7:20:fb:fc:14:4e:76:
41:4f:b9:4b:7d:68:7c:f9:aa:d4:67:d3:84:3f:f6:bc:0e:e6:
29:19:1b:84:a3:b7:5e:0a:6a:da:58:28:00:5f:30:52:a2:7e:
01:48:13:45:68:09:18:07:73:16:d0:c0:eb:c0:f9:96:7b:ed:
2e:e6:fa:9a:ed:9d:40:40:24:1f:66:30:53:3b:c8:ea:dc:d7:
08:dc:93:5d:46:f4:52:0c:de:4f:11:09:cb:68:72:df:66:de:
2b:d4:67:5a:11:cf:12:b5:06:c4:fe:4f:cf:10:03:2f:e4:61:
3e:7a:00:ac:c5:6c:df:1f:70:5e:70:2d:b8:a5:af:d7:e9:33:
9f:3b:13:c7:85:8f:16:24:85:2c:5d:12:ad:96:26:b2:01:90:
a6:9c:93:4f:60:e3:23:2e:91:74:c9:cc:d9:73:18:6d:7e:26:
c2:0d:5c:54:2f:2a:f6:07:d8:a1:fd:af:63:fb:65:47:bd:e8:
5c:88:a8:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL+ypk9NUsFxN3dgZ8JARCHmOEskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZjAwMmVmYzY1NmU0YTQ5NDk1MjQ2MTZhMTBmZGJkZDIxNjc4YjA1YzY5
Y2VlOGQ4YWU2ZDYxNTYxOWQ4ZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGv1o0wbndZ9De4bpSTnsyzLYOcoV4SzbmlMmpctL74qpYF1T7wHNhCd5t4
FnrZkAsjf1jp/CWB8C7EvKmZxlFpRg0kK+LK1yE9ehVNq6jeEfdMvXa/G6IXaeCH
M5sR00UxfjjQri4QihzCf4B/qGuKKCICst9Hh0F8lmdOg5x2F9OCaYTX6nhltrrn
5G1AgQktEeYf4OUv0diZXXRKs3YwdfTRWy6nWQha7lu7Q5CoGh3I3zcRWD0VFwSm
D7XTxn9Ehb3BrEpobVrlcdJGQLRhpbb0cvSro+DbNaxcnHP6jKjQupxmGbovn3Rv
FR00x9pSROnl3s2FNVSky8t4C+sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSX3FqU
oSI3wg7cA25P7YqrzFCBvzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODZmOWYzMjEtMDQyMy00YTNjLTg0ODEtOTExOGNkMzhmZGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkweDAN
BgkqhkiG9w0BAQsFAAOCAQEAt7i+oAHfsagDLSN1F5yJWjrUukxGkK4i7H3qM3I6
bu7owYOdVObeHDde1VQ0dZmxR4Dc138uHAxGnlTt87Tsx6X3IPv8FE52QU+5S31o
fPmq1GfThD/2vA7mKRkbhKO3Xgpq2lgoAF8wUqJ+AUgTRWgJGAdzFtDA68D5lnvt
Lub6mu2dQEAkH2YwUzvI6tzXCNyTXUb0UgzeTxEJy2hy32beK9RnWhHPErUGxP5P
zxADL+RhPnoArMVs3x9wXnAtuKWv1+kznzsTx4WPFiSFLF0SrZYmsgGQppyTT2Dj
Iy6RdMnM2XMYbX4mwg1cVC8q9gfYof2vY/tlR73oXIioFw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:27 2025 by rpki-client