Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af9121-2fa0-422d-9c11-2e15bcdcdd17.roa
File: c8af9121-2fa0-422d-9c11-2e15bcdcdd17.roa (raw, json)
Hash identifier: NHGYmzV6MxK81N3Gx/DULVP5guhVQEiAovMBLYvVMCE=
Subject key identifier: D4:1B:43:C8:AE:1F:09:05:F4:CF:0F:F0:0F:7F:A0:42:BB:1F:BE:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04B58CEEB6737F632AF41CD3F384676BA309ED94
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af9121-2fa0-422d-9c11-2e15bcdcdd17.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 178.236.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:b5:8c:ee:b6:73:7f:63:2a:f4:1c:d3:f3:84:67:6b:a3:09:ed:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=30cf06224a92271225beff2092623ca0fd34f4b6bc4837fa247e19bd0c4659c7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:08:3a:6a:b4:73:f3:b1:f4:c6:42:2d:07:
2a:55:9c:8a:f5:df:56:5e:f8:e6:69:a5:c3:ca:f4:
21:85:13:69:02:be:6d:53:e7:a5:a0:81:bd:58:c8:
b2:56:e8:d0:cf:66:ea:d4:cc:62:f1:ec:55:66:3c:
30:05:11:c7:b6:7a:a2:ea:07:18:c8:45:3a:4c:cb:
b4:22:68:3f:81:70:51:bd:ab:3b:35:c3:66:af:b6:
11:e6:08:1f:b1:bb:a9:32:f0:3e:64:f4:e0:c9:e9:
b3:88:c3:18:a5:96:eb:e5:9d:e4:e8:35:ee:95:60:
ab:52:3f:36:e3:c7:6b:99:b1:bd:35:9f:01:98:1f:
5d:8d:5f:92:6f:5e:d3:ff:13:27:36:e8:96:e2:8d:
86:98:f0:34:89:93:6d:53:a5:4d:b8:9f:36:6f:67:
52:88:55:d6:13:9d:b0:46:b3:b7:69:e4:0a:91:31:
87:79:71:d8:41:a3:95:ef:09:95:89:16:e5:ed:c3:
c7:c9:c7:d5:5d:ae:bb:fd:f7:6e:7c:45:10:07:83:
c8:a9:3e:78:13:c7:e2:9a:23:96:64:a6:b8:c2:80:
a1:bd:3c:6e:2e:93:3f:04:79:46:9b:8c:86:e4:ce:
84:a2:a1:dc:86:e2:0f:1e:5e:5a:f3:dd:d7:7a:3e:
8c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1B:43:C8:AE:1F:09:05:F4:CF:0F:F0:0F:7F:A0:42:BB:1F:BE:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c8af9121-2fa0-422d-9c11-2e15bcdcdd17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.0.0/20
Signature Algorithm: sha256WithRSAEncryption
60:04:e9:08:a8:42:f8:09:19:7c:58:16:13:91:56:76:2f:f8:
43:8d:35:83:66:6e:cb:d0:6b:bd:db:b5:64:c6:7b:72:ba:7d:
28:27:68:79:ac:08:77:d5:fe:f8:e3:67:76:97:e5:40:6b:8c:
06:18:9c:82:05:1a:82:a3:b2:d5:93:4b:34:1c:4b:34:ea:9e:
1f:4e:ef:57:9c:25:76:ca:e3:57:15:ff:a5:4d:72:e5:5b:f3:
96:df:59:01:16:d1:25:52:ff:b2:5c:32:7c:ae:4f:89:fb:30:
16:30:42:e7:dd:90:f2:ce:bc:71:08:b2:eb:1c:0b:25:26:5b:
00:ad:50:21:52:91:3c:9c:a1:d6:d2:c6:e9:7e:e9:7d:6e:93:
76:01:64:60:dc:63:32:46:f2:0c:1c:cd:92:7e:65:14:dd:67:
46:ff:52:31:4d:83:c4:4c:78:42:5a:d1:6d:70:5e:94:6d:d2:
c0:69:06:a0:4e:ed:47:e5:86:a6:ec:ca:91:e5:c5:41:c3:20:
45:11:7c:52:62:46:9f:95:2d:1a:3c:3f:4f:99:17:c6:ff:18:
a8:c8:1d:b1:16:99:4a:c8:81:f3:d8:58:83:1f:95:ca:c4:a0:
1d:82:92:9a:41:7b:ec:b9:e8:96:f5:41:19:95:99:55:8e:55:
ca:fc:21:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBLWM7rZzf2Mq9BzT84Rna6MJ7ZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwY2YwNjIyNGE5MjI3MTIyNWJlZmYyMDkyNjIzY2EwZmQzNGY0YjZiYzQ4
MzdmYTI0N2UxOWJkMGM0NjU5YzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/tCDpqtHPzsfTGQi0HKlWcivXfVl745mmlw8r0IYUTaQK+bVPnpaCBvVjI
slbo0M9m6tTMYvHsVWY8MAURx7Z6ouoHGMhFOkzLtCJoP4FwUb2rOzXDZq+2EeYI
H7G7qTLwPmT04Mnps4jDGKWW6+Wd5Og17pVgq1I/NuPHa5mxvTWfAZgfXY1fkm9e
0/8TJzboluKNhpjwNImTbVOlTbifNm9nUohV1hOdsEazt2nkCpExh3lx2EGjle8J
lYkW5e3Dx8nH1V2uu/33bnxFEAeDyKk+eBPH4pojlmSmuMKAob08bi6TPwR5RpuM
huTOhKKh3IbiDx5eWvPd13o+jHUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTUG0PI
rh8JBfTPD/APf6BCux++DTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzhhZjkxMjEtMmZhMC00MjJkLTljMTEtMmUxNWJjZGNkZDE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLLsADAN
BgkqhkiG9w0BAQsFAAOCAQEAYATpCKhC+AkZfFgWE5FWdi/4Q401g2Zuy9Brvdu1
ZMZ7crp9KCdoeawId9X++ONndpflQGuMBhicggUagqOy1ZNLNBxLNOqeH07vV5wl
dsrjVxX/pU1y5Vvzlt9ZARbRJVL/slwyfK5PifswFjBC592Q8s68cQiy6xwLJSZb
AK1QIVKRPJyh1tLG6X7pfW6TdgFkYNxjMkbyDBzNkn5lFN1nRv9SMU2DxEx4QlrR
bXBelG3SwGkGoE7tR+WGpuzKkeXFQcMgRRF8UmJGn5UtGjw/T5kXxv8YqMgdsRaZ
SsiB89hYgx+VysSgHYKSmkF77LnolvVBGZWZVY5Vyvwhag==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:20 2025 by rpki-client