Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
File: 19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa (raw, json)
Hash identifier: hgbD87xcm1S7gw2+C0udRcL5zC1t17BfUp2rwvRH5q0=
Subject key identifier: 21:8D:10:22:AD:D4:33:7E:F5:D2:34:A0:8F:76:5C:2A:51:D9:B5:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E847DEF0EF26E4DD17F43E6DAA6749AB2BBF31D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:84:7d:ef:0e:f2:6e:4d:d1:7f:43:e6:da:a6:74:9a:b2:bb:f3:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=2acac64967ffa7d2fb9201715f306f18cd049c067ee6739ac248d487d4472ea3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:05:c4:05:e9:60:a2:54:f0:2f:ab:04:98:24:
42:26:9e:10:08:72:ba:a0:1f:6d:a9:9d:d6:aa:24:
30:5d:a3:7f:94:d5:f4:79:80:11:3e:03:74:55:3f:
0d:45:12:65:29:4a:01:14:20:22:2c:4f:02:65:f5:
be:6e:cb:e5:87:94:40:9d:66:a7:ef:e5:73:62:f9:
96:2c:ba:b6:80:92:0d:47:32:2e:06:38:7a:e5:ee:
5c:81:6c:7a:04:05:f8:87:23:e8:b8:21:77:ee:0f:
fd:d3:af:ea:4a:b7:f5:fc:2f:df:d2:c9:e3:2d:07:
d8:b1:41:98:5f:5a:b4:a7:b5:0d:fb:91:34:5e:0c:
b3:63:53:ce:ab:54:9a:31:8f:6d:3c:45:57:4f:39:
a4:7f:2f:f6:83:55:a8:98:e8:f6:4c:01:97:ec:9a:
b1:15:f9:46:4d:21:78:75:a5:bd:02:23:2f:00:b4:
57:aa:97:47:ba:2a:2d:50:c1:68:8f:ae:4d:ce:f5:
3b:17:df:5e:1e:d8:8a:8b:74:e8:b7:f3:01:13:34:
7d:c1:73:db:d4:66:e4:50:f2:17:4e:d7:11:76:e5:
a5:ff:7e:c4:61:00:10:1c:49:5c:9c:49:b7:04:16:
45:be:27:ce:a1:df:a6:89:9b:1b:ce:9e:5f:8a:88:
1b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8D:10:22:AD:D4:33:7E:F5:D2:34:A0:8F:76:5C:2A:51:D9:B5:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
a2:28:67:6a:40:b5:41:83:dd:70:17:6a:77:21:ed:73:81:0a:
4a:8c:25:48:8f:62:2b:b7:20:9e:89:09:bb:4b:85:7c:c7:35:
9a:ac:3b:c2:c3:85:1f:5e:48:d1:ef:26:16:a2:4a:99:9c:cc:
ee:92:68:49:58:c3:90:32:d6:e5:22:ae:14:c1:3b:a7:4e:94:
7f:ab:ef:5f:ca:5d:0b:5d:d8:76:5c:44:a6:90:9d:42:05:9f:
f5:e2:27:e1:62:10:01:43:e4:0b:2d:11:2a:26:0d:79:77:b9:
9a:52:64:30:70:77:05:c1:63:91:d6:1b:85:c5:d0:3f:75:0b:
1f:31:62:0e:22:6b:82:9a:0d:5b:53:81:0b:b5:ab:8e:1a:4e:
85:5f:31:6f:70:a5:56:12:76:93:0b:03:a5:ab:cc:10:10:e9:
d5:ac:e3:f0:11:dd:b3:bc:8c:15:e3:5b:82:d3:35:4d:3b:ce:
2c:60:eb:df:52:a6:60:9e:72:16:f0:c1:44:30:7e:83:4d:37:
f7:50:e9:6c:98:16:9e:a7:0d:ca:6e:0a:54:8f:c6:a8:1b:08:
d1:c2:4a:6f:bd:c1:bd:23:e0:e8:c3:ae:5c:db:bc:cd:f9:e6:
2c:7b:fd:92:56:ad:d8:a6:c2:fa:04:a9:41:94:a8:ce:22:02:
53:96:d0:90
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHoR97w7ybk3Rf0Pm2qZ0mrK78x0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhY2FjNjQ5NjdmZmE3ZDJmYjkyMDE3MTVmMzA2ZjE4Y2QwNDljMDY3ZWU2
NzM5YWMyNDhkNDg3ZDQ0NzJlYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIFxAXpYKJU8C+rBJgkQiaeEAhyuqAfbamd1qokMF2jf5TV9HmAET4DdFU/
DUUSZSlKARQgIixPAmX1vm7L5YeUQJ1mp+/lc2L5liy6toCSDUcyLgY4euXuXIFs
egQF+Icj6Lghd+4P/dOv6kq39fwv39LJ4y0H2LFBmF9atKe1DfuRNF4Ms2NTzqtU
mjGPbTxFV085pH8v9oNVqJjo9kwBl+yasRX5Rk0heHWlvQIjLwC0V6qXR7oqLVDB
aI+uTc71OxffXh7Yiot06LfzARM0fcFz29Rm5FDyF07XEXblpf9+xGEAEBxJXJxJ
twQWRb4nzqHfpombG86eX4qIGysCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhjRAi
rdQzfvXSNKCPdlwqUdm1/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTljOWVlZDUtY2RkMi00ZTNhLTg3ODUtODAwZWM0ZjllMDIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQCiKGdqQLVBg91wF2p3Ie1zgQpKjCVIj2IrtyCe
iQm7S4V8xzWarDvCw4UfXkjR7yYWokqZnMzukmhJWMOQMtblIq4UwTunTpR/q+9f
yl0LXdh2XESmkJ1CBZ/14ifhYhABQ+QLLREqJg15d7maUmQwcHcFwWOR1huFxdA/
dQsfMWIOImuCmg1bU4ELtauOGk6FXzFvcKVWEnaTCwOlq8wQEOnVrOPwEd2zvIwV
41uC0zVNO84sYOvfUqZgnnIW8MFEMH6DTTf3UOlsmBaepw3KbgpUj8aoGwjRwkpv
vcG9I+Dow65c27zN+eYse/2SVq3YpsL6BKlBlKjOIgJTltCQ
-----END CERTIFICATE-----
Generated at Sun May 5 00:12:17 2024 by rpki-client on console-fra.rpki-client.org