Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
File: 2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa (raw, json)
Hash identifier: SYkSNstn4i+E31Ot+CNWdlgsnm/dNHWY6LcGPeDNm5Q=
Subject key identifier: 23:10:72:58:85:2D:B0:3F:99:FB:5A:4E:96:B9:7B:87:34:32:44:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48D2CB085A5BBF81469EDF835D411CE4C12549DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:d2:cb:08:5a:5b:bf:81:46:9e:df:83:5d:41:1c:e4:c1:25:49:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=224485acdb95807da52f2b28223b701ee6b9b3a7195792c7f5524b027f0cc8d7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:53:4f:67:f4:43:ad:18:ca:5f:2e:2d:4d:
b9:c6:a4:aa:9a:f7:d1:1b:89:ef:12:23:18:cf:99:
2e:fe:a5:77:e6:d7:de:e9:a9:55:09:65:7b:08:f3:
27:3b:01:d6:2a:e9:60:cc:ff:13:ac:5f:29:db:e9:
21:16:fb:b5:93:61:b3:a7:c7:87:2f:3f:61:4b:2e:
98:42:c9:e2:cf:87:2c:93:07:23:e6:17:dc:92:99:
87:b8:cd:a1:24:77:7e:f1:f1:d9:07:bd:88:64:1a:
96:cc:e3:e8:ad:e2:a3:2c:53:ea:ab:c1:79:fc:fa:
71:43:5c:bb:03:98:a7:ef:af:18:1b:52:01:93:6b:
1c:bc:fb:7f:5f:0a:34:e2:b6:8d:b1:c1:9e:21:8a:
3e:97:b3:17:f7:ba:52:8a:b9:5c:65:ca:70:ed:10:
af:35:9b:10:be:57:df:fd:4e:ee:5c:f1:4e:b6:95:
f8:2c:15:ca:69:70:63:80:00:2d:91:79:61:3a:dc:
6d:46:91:ad:6f:b5:73:1f:35:03:d7:2c:92:5b:ae:
47:09:cd:a3:d6:a3:a8:f7:12:b1:57:9c:2f:45:a2:
5f:33:3b:d5:31:e7:58:a1:ee:92:8d:ee:2b:4c:23:
86:8f:c3:c3:54:d4:4e:26:de:dc:d8:18:54:53:54:
9c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:10:72:58:85:2D:B0:3F:99:FB:5A:4E:96:B9:7B:87:34:32:44:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:4f:a1:48:52:1a:96:4d:6c:95:6a:b1:44:41:76:83:61:1e:
46:33:66:e0:5e:ac:4c:d5:5b:08:3c:9b:7e:c9:96:35:ae:10:
60:53:74:6a:b1:2d:1d:3b:f7:46:b2:b3:8d:ec:34:5c:67:a9:
a3:ee:3c:cd:cf:8f:d0:6d:b5:c7:bf:8c:0e:5f:45:64:9a:59:
6b:7b:05:b1:9a:61:b1:a7:1a:71:ad:f2:7a:c7:87:f1:e2:e7:
00:2f:78:cc:66:c3:75:42:37:e0:97:84:cd:dd:df:f6:09:e9:
4a:a5:87:74:55:04:3c:40:e1:27:fb:cf:7e:10:13:82:26:7d:
5c:15:96:a2:07:ee:97:9b:1c:55:cc:90:f1:9d:a8:e7:b9:29:
fd:08:36:56:8b:f6:44:5d:c6:64:20:28:d1:8b:f9:85:75:53:
23:22:54:98:93:e8:81:c9:7d:f5:96:95:2b:ed:55:99:7f:2b:
04:74:e5:31:6c:74:0d:29:6d:a0:38:5c:83:10:fb:80:b6:eb:
f6:e3:e6:30:06:4e:63:59:ff:9d:e5:e1:16:ed:03:b5:a2:d4:
f5:8b:84:07:c1:19:0a:75:bf:75:2b:f2:a0:f1:ce:9c:8e:2c:
96:7a:ca:fa:c9:78:41:7a:34:b8:4b:dc:51:cb:69:44:73:67:
d4:a2:ec:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSNLLCFpbv4FGnt+DXUEc5MElSd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNDQ4NWFjZGI5NTgwN2RhNTJmMmIyODIyM2I3MDFlZTZiOWIzYTcxOTU3
OTJjN2Y1NTI0YjAyN2YwY2M4ZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxPU09n9EOtGMpfLi1Nucakqpr30RuJ7xIjGM+ZLv6ld+bX3umpVQllewjz
JzsB1irpYMz/E6xfKdvpIRb7tZNhs6fHhy8/YUsumELJ4s+HLJMHI+YX3JKZh7jN
oSR3fvHx2Qe9iGQalszj6K3ioyxT6qvBefz6cUNcuwOYp++vGBtSAZNrHLz7f18K
NOK2jbHBniGKPpezF/e6Uoq5XGXKcO0QrzWbEL5X3/1O7lzxTraV+CwVymlwY4AA
LZF5YTrcbUaRrW+1cx81A9cskluuRwnNo9ajqPcSsVecL0WiXzM71THnWKHuko3u
K0wjho/Dw1TUTibe3NgYVFNUnNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjEHJY
hS2wP5n7Wk6WuXuHNDJEOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmUxMzcwYTYtOGRhNC00YjQ2LWE5ZTAtZjBmNmRjODdkOWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQCuT6FIUhqWTWyVarFEQXaDYR5GM2bgXqxM1VsIPJt+
yZY1rhBgU3RqsS0dO/dGsrON7DRcZ6mj7jzNz4/QbbXHv4wOX0VkmllrewWxmmGx
pxpxrfJ6x4fx4ucAL3jMZsN1Qjfgl4TN3d/2CelKpYd0VQQ8QOEn+89+EBOCJn1c
FZaiB+6XmxxVzJDxnajnuSn9CDZWi/ZEXcZkICjRi/mFdVMjIlSYk+iByX31lpUr
7VWZfysEdOUxbHQNKW2gOFyDEPuAtuv24+YwBk5jWf+d5eEW7QO1otT1i4QHwRkK
db91K/Kg8c6cjiyWesr6yXhBejS4S9xRy2lEc2fUouz/
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org