Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: K5T5qlK0BlcscbM1MDjiXg6CtfrU7FrsXJva1vXd+mg=
Subject key identifier: 37:6F:A4:AC:B7:48:7A:D6:EF:7D:61:7F:59:1A:E5:DA:9A:E7:BC:FF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65F25FAF2D4ACCF6A296717686438C7A25B876CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f2:5f:af:2d:4a:cc:f6:a2:96:71:76:86:43:8c:7a:25:b8:76:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=20f66999dc0956aa4287c144381c0243e8cd31139da0a9107da3f456ed84b818, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2a:4e:32:22:0d:50:f2:57:86:95:72:55:53:
e7:9e:85:1f:5c:18:19:d0:5a:b4:2d:28:c5:da:b1:
7d:81:85:f9:d1:dd:8c:9c:d9:36:bf:f0:7c:5b:0c:
71:e8:48:f5:75:d4:fc:10:f3:45:f8:9f:58:63:21:
75:15:55:bb:a8:6d:4f:63:70:45:a8:2e:11:0f:45:
9c:63:c8:b0:9e:e3:fd:6f:1c:a6:61:2f:7b:49:00:
6d:54:7c:05:9f:6e:8e:fc:b2:40:20:17:ca:51:5d:
bf:80:0d:8f:8c:dd:ff:2f:f4:d1:ae:b2:d0:b8:fe:
db:b6:90:00:1e:b5:d2:02:24:ef:9d:7e:83:03:91:
0e:bd:56:3f:dd:5e:dc:00:88:90:dd:5c:6a:4f:77:
a1:0e:a7:9b:61:cc:9b:3b:57:84:86:36:17:f6:2a:
ec:93:ec:77:f7:79:56:b6:28:a1:e3:08:1d:79:70:
7e:b6:22:28:b6:57:ca:4e:ba:2c:1a:2f:54:65:4c:
e0:05:0a:bd:fe:83:4e:a1:c0:db:21:5b:ea:2f:0b:
6e:82:58:c0:ad:a1:0b:80:e9:09:1b:c5:8b:7e:91:
55:c4:db:ea:e0:4f:09:a6:15:92:77:57:f1:0f:fa:
4e:54:0e:53:8b:d7:5a:83:b6:b7:6b:81:25:51:5c:
7d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6F:A4:AC:B7:48:7A:D6:EF:7D:61:7F:59:1A:E5:DA:9A:E7:BC:FF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
9f:66:9a:d4:29:7c:01:fb:e0:18:93:03:69:18:8a:f4:04:05:
6f:98:01:5c:5d:57:7f:bc:88:38:a0:1d:d3:6d:18:ce:92:3c:
3f:03:f9:05:f5:0c:33:99:1b:4a:00:fe:d2:8d:69:c8:17:49:
86:29:96:9f:d0:87:dd:40:9e:f8:7c:f2:24:26:a8:d3:7a:24:
8f:49:72:3e:9a:9f:0b:6c:8f:ad:4f:d9:63:c4:43:68:d7:02:
14:f7:04:25:0d:b9:6d:eb:2f:c2:34:15:99:00:97:e4:bc:f5:
3f:e1:cd:6e:49:e4:e7:e6:62:05:32:17:7c:b2:96:29:1c:5e:
d3:a0:fb:b7:5c:af:3d:f4:98:ec:14:13:5a:45:16:67:8b:46:
3d:e0:ea:49:34:6c:04:87:49:3b:de:c7:96:d5:58:55:79:96:
b5:db:ce:ef:51:6e:8f:5a:43:00:0d:a5:dc:f0:38:d0:37:3d:
ed:a1:b9:d7:d1:5a:be:b1:55:ee:f2:78:d4:c4:89:1b:53:b9:
ce:24:b7:84:e1:36:d5:ae:dd:54:56:14:07:e9:68:16:7e:c2:
3a:f4:b3:38:88:0f:ee:85:ed:49:8d:27:72:78:d5:83:d7:4f:
eb:76:b4:27:ea:28:46:7f:b3:4e:0b:57:81:df:15:4b:7f:49:
41:07:d4:2c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZfJfry1KzPailnF2hkOMeiW4ds4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwZjY2OTk5ZGMwOTU2YWE0Mjg3YzE0NDM4MWMwMjQzZThjZDMxMTM5ZGEw
YTkxMDdkYTNmNDU2ZWQ4NGI4MTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMqTjIiDVDyV4aVclVT556FH1wYGdBatC0oxdqxfYGF+dHdjJzZNr/wfFsM
cehI9XXU/BDzRfifWGMhdRVVu6htT2NwRaguEQ9FnGPIsJ7j/W8cpmEve0kAbVR8
BZ9ujvyyQCAXylFdv4ANj4zd/y/00a6y0Lj+27aQAB610gIk751+gwORDr1WP91e
3ACIkN1cak93oQ6nm2HMmztXhIY2F/Yq7JPsd/d5VrYooeMIHXlwfrYiKLZXyk66
LBovVGVM4AUKvf6DTqHA2yFb6i8LboJYwK2hC4DpCRvFi36RVcTb6uBPCaYVkndX
8Q/6TlQOU4vXWoO2t2uBJVFcfRsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ3b6Ss
t0h61u99YX9ZGuXamue8/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCfZprUKXwB++AYkwNpGIr0BAVvmAFcXVd/vIg4oB3T
bRjOkjw/A/kF9QwzmRtKAP7SjWnIF0mGKZaf0IfdQJ74fPIkJqjTeiSPSXI+mp8L
bI+tT9ljxENo1wIU9wQlDblt6y/CNBWZAJfkvPU/4c1uSeTn5mIFMhd8spYpHF7T
oPu3XK899JjsFBNaRRZni0Y94OpJNGwEh0k73seW1VhVeZa1287vUW6PWkMADaXc
8DjQNz3tobnX0Vq+sVXu8njUxIkbU7nOJLeE4TbVrt1UVhQH6WgWfsI69LM4iA/u
he1JjSdyeNWD10/rdrQn6ihGf7NOC1eB3xVLf0lBB9Qs
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org