Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: L+LJS+oQR6hf6QGY9WN3PXhmOoQE/En5MNpWfiL3vTE=
Subject key identifier: 2B:DA:B3:6F:6A:55:E6:5F:B7:90:66:1C:02:72:C6:C8:11:25:87:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D93D946645332ADB0EF1444753A8F17D6E0338A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:93:d9:46:64:53:32:ad:b0:ef:14:44:75:3a:8f:17:d6:e0:33:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=c636cd8d5016b25240e57f18b36aeeae70c3308279c9fd6595fb6bc50abad55c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:b9:dd:6b:b8:0c:73:ab:e5:f0:b9:92:2a:
72:ba:44:7a:ee:92:39:6e:af:8d:6e:34:b8:2a:d8:
f3:83:bf:d5:bc:46:33:84:21:a7:8c:4d:73:55:f5:
fe:ef:4c:24:96:cc:e6:89:ec:f5:a6:5a:ce:d4:9f:
eb:c2:fe:e1:e6:e4:07:f6:45:3c:f0:93:76:12:47:
17:e4:7d:0f:8a:f1:30:cb:9b:f4:e5:7a:f8:ab:23:
e1:b1:96:ff:f8:1f:66:70:34:d0:c8:33:f8:ff:6f:
e1:30:90:82:8b:b8:85:a3:02:70:18:ef:9d:78:a1:
0e:b9:96:5a:84:31:56:6f:ce:88:a1:36:9a:cd:d6:
92:17:3a:a9:05:97:e8:92:1a:81:b5:e2:22:c8:fc:
6b:9a:73:60:21:fc:0d:ca:a2:46:9a:ff:c1:bd:05:
72:16:f2:53:cc:76:76:70:1b:2a:02:ea:34:c9:e6:
58:c2:e8:7e:a7:d2:a3:d3:11:bb:7d:4c:1b:ce:2e:
e1:eb:ff:ec:de:bb:32:91:56:3e:aa:19:17:31:8d:
95:a5:f3:6a:1d:e4:29:42:cd:db:0d:ce:81:4a:96:
79:6e:b0:8f:f4:65:39:20:a0:6d:78:e3:7f:cc:b9:
e8:02:66:18:60:e3:ac:58:53:28:8f:62:c3:32:79:
07:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DA:B3:6F:6A:55:E6:5F:B7:90:66:1C:02:72:C6:C8:11:25:87:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:3f:ce:27:a2:c2:a6:d4:79:2d:40:ab:06:73:6c:ca:73:a0:
f6:7c:88:58:c4:d6:cf:03:4a:da:09:08:97:4c:1e:48:79:8e:
cf:f8:cd:12:b1:b4:2e:fb:67:af:b1:69:bd:bb:c0:3d:d2:dc:
50:08:ba:29:0b:87:43:7a:29:28:9a:4a:29:52:27:54:db:08:
7b:87:4d:14:5a:7e:84:d0:0d:19:59:e5:e6:20:4d:1c:0b:51:
65:cb:f0:11:dd:8e:b0:b2:88:b4:94:4c:6c:7f:7f:f8:41:12:
01:df:fa:3c:76:0a:44:8b:95:2a:f7:15:b2:9a:d9:dd:86:cf:
ef:93:41:34:9f:7e:fe:d1:a3:0f:03:d6:81:5e:25:f4:6d:83:
92:26:d9:2c:ba:53:bc:c4:70:aa:97:1e:f6:59:80:de:4d:7b:
2d:39:c3:e9:da:5b:bf:2e:94:a0:cb:27:3e:22:f4:b8:e7:7f:
88:da:7f:96:93:79:2d:04:7a:8d:2b:a1:0d:25:ab:f3:2c:e2:
da:64:8f:89:b5:a5:8f:6c:13:68:01:23:f1:93:4a:d5:66:91:
f5:09:fc:0e:85:94:63:e6:18:50:9b:7d:c7:07:4e:bf:7c:3a:
b2:5b:41:e7:68:55:1b:19:da:24:c9:66:32:9a:5f:07:e9:67:
6e:fb:dc:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHZPZRmRTMq2w7xREdTqPF9bgM4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2MzZjZDhkNTAxNmIyNTI0MGU1N2YxOGIzNmFlZWFlNzBjMzMwODI3OWM5
ZmQ2NTk1ZmI2YmM1MGFiYWQ1NWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK76ud1ruAxzq+XwuZIqcrpEeu6SOW6vjW40uCrY84O/1bxGM4Qhp4xNc1X1
/u9MJJbM5ons9aZaztSf68L+4ebkB/ZFPPCTdhJHF+R9D4rxMMub9OV6+Ksj4bGW
//gfZnA00Mgz+P9v4TCQgou4haMCcBjvnXihDrmWWoQxVm/OiKE2ms3Wkhc6qQWX
6JIagbXiIsj8a5pzYCH8DcqiRpr/wb0FchbyU8x2dnAbKgLqNMnmWMLofqfSo9MR
u31MG84u4ev/7N67MpFWPqoZFzGNlaXzah3kKULN2w3OgUqWeW6wj/RlOSCgbXjj
f8y56AJmGGDjrFhTKI9iwzJ5B4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQr2rNv
alXmX7eQZhwCcsbIESWHaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQBGP84nosKm1HktQKsGc2zKc6D2fIhYxNbPA0raCQiX
TB5IeY7P+M0SsbQu+2evsWm9u8A90txQCLopC4dDeikomkopUidU2wh7h00UWn6E
0A0ZWeXmIE0cC1Fly/AR3Y6wsoi0lExsf3/4QRIB3/o8dgpEi5Uq9xWymtndhs/v
k0E0n37+0aMPA9aBXiX0bYOSJtksulO8xHCqlx72WYDeTXstOcPp2lu/LpSgyyc+
IvS453+I2n+Wk3ktBHqNK6ENJavzLOLaZI+JtaWPbBNoASPxk0rVZpH1CfwOhZRj
5hhQm33HB06/fDqyW0HnaFUbGdokyWYyml8H6Wdu+9xa
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org