Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
File: 43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa (raw, json)
Hash identifier: sXCj01w4vvPrXl64+AMspLyPmr7SOn2j0UmFv25WveM=
Subject key identifier: 97:77:F6:A2:9E:BF:10:5B:DE:38:8D:4A:AF:72:38:22:D6:56:35:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 735884DE525F60CBA2ADEFDBAC57928D00BC5BF6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:58:84:de:52:5f:60:cb:a2:ad:ef:db:ac:57:92:8d:00:bc:5b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=4299980da72a553748ad0ac3812c27f6443e4297ae6f07fbd83a28011c0be8fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fa:25:d6:a4:c8:36:22:23:e2:32:76:ff:49:
40:25:62:3c:c6:f0:29:8f:89:43:6c:f0:1f:0b:58:
b0:ba:de:7c:cf:78:25:bb:5e:13:e1:1c:a3:28:0b:
53:f0:a9:1f:dd:81:0a:50:b2:eb:75:f5:93:b3:ec:
d3:1e:62:39:a1:96:df:41:3b:b1:02:cc:5a:6b:43:
94:fc:e9:35:31:84:8e:de:b0:7a:9c:4e:ca:31:5c:
ff:8e:9a:3f:94:25:de:48:5d:7e:da:c6:b3:50:f2:
ee:b3:f3:52:5d:02:c6:cc:dd:49:6e:af:a0:80:f9:
d1:46:9a:c9:19:e1:43:af:47:b4:e7:21:83:e3:d5:
bc:81:49:de:f2:be:b8:12:a4:9e:7f:dd:0e:c7:03:
63:b5:f1:41:63:df:d8:0d:7a:49:ad:d1:97:c9:48:
17:58:ff:2f:7f:d2:10:a4:f8:b6:74:17:2b:10:bd:
27:32:8f:d5:32:ba:5f:4c:03:7d:cd:51:00:47:70:
64:e6:65:27:a9:b8:28:37:ef:8a:81:05:9a:7e:81:
18:31:c8:b4:57:c6:da:48:be:93:56:51:7d:2c:65:
25:57:41:9d:c1:fc:d1:f1:93:6c:e2:86:a8:a6:65:
9a:a3:59:7f:c7:91:77:77:60:12:cf:b9:9f:e4:41:
be:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:77:F6:A2:9E:BF:10:5B:DE:38:8D:4A:AF:72:38:22:D6:56:35:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:d1:29:bc:90:e6:3a:0d:01:03:cc:07:0d:9b:3b:9a:3f:cc:
b7:40:2d:7f:44:c2:b1:17:71:67:4d:72:17:72:e4:b1:c1:41:
79:8c:33:09:37:a1:3b:d1:6d:73:f6:2d:ca:2b:39:f6:2f:03:
3e:cd:d8:31:6f:a8:e0:0a:86:7a:f1:37:8a:e7:61:8c:87:64:
01:b9:e6:9b:e5:3f:0b:23:a8:fc:53:5c:bc:b1:c2:73:13:4f:
53:09:46:de:7a:dc:6c:4c:e6:af:96:ab:2d:6c:63:86:2c:07:
a6:93:31:c8:7b:d7:37:c1:81:7b:b9:f6:ff:07:cc:8e:38:b7:
b8:7b:eb:6f:4a:34:25:f3:8b:5f:ba:15:72:a3:9d:44:aa:6c:
c0:6d:72:73:62:9e:d8:2e:4d:d9:78:09:9e:a6:71:7c:8a:95:
9c:45:a9:b5:af:89:f4:ee:95:8a:8a:ed:d6:23:37:ae:2c:49:
51:02:13:62:ee:f0:3c:3f:b6:21:fc:bd:bf:5a:ed:b2:76:3e:
d4:0f:73:d5:90:35:b2:e8:a0:c7:72:72:7c:ce:82:b0:7a:22:
1a:e0:05:95:fc:75:99:a8:f9:b6:d3:06:fc:b3:7d:d8:47:f0:
a7:b7:46:34:cb:75:64:d0:2a:07:6b:34:af:d6:16:4b:e3:45:
19:7b:05:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc1iE3lJfYMuire/brFeSjQC8W/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyOTk5ODBkYTcyYTU1Mzc0OGFkMGFjMzgxMmMyN2Y2NDQzZTQyOTdhZTZm
MDdmYmQ4M2EyODAxMWMwYmU4ZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALj6JdakyDYiI+Iydv9JQCViPMbwKY+JQ2zwHwtYsLrefM94JbteE+EcoygL
U/CpH92BClCy63X1k7Ps0x5iOaGW30E7sQLMWmtDlPzpNTGEjt6wepxOyjFc/46a
P5Ql3khdftrGs1Dy7rPzUl0CxszdSW6voID50UaayRnhQ69HtOchg+PVvIFJ3vK+
uBKknn/dDscDY7XxQWPf2A16Sa3Rl8lIF1j/L3/SEKT4tnQXKxC9JzKP1TK6X0wD
fc1RAEdwZOZlJ6m4KDfvioEFmn6BGDHItFfG2ki+k1ZRfSxlJVdBncH80fGTbOKG
qKZlmqNZf8eRd3dgEs+5n+RBvrsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXd/ai
nr8QW944jUqvcjgi1lY1lTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNiNGY1ZTEtMDVlZC00YzJjLTk2YTktMTY1MzQ4ODM1ZThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQBx0Sm8kOY6DQEDzAcNmzuaP8y3QC1/RMKxF3FnTXIX
cuSxwUF5jDMJN6E70W1z9i3KKzn2LwM+zdgxb6jgCoZ68TeK52GMh2QBueab5T8L
I6j8U1y8scJzE09TCUbeetxsTOavlqstbGOGLAemkzHIe9c3wYF7ufb/B8yOOLe4
e+tvSjQl84tfuhVyo51EqmzAbXJzYp7YLk3ZeAmepnF8ipWcRam1r4n07pWKiu3W
IzeuLElRAhNi7vA8P7Yh/L2/Wu2ydj7UD3PVkDWy6KDHcnJ8zoKweiIa4AWV/HWZ
qPm20wb8s33YR/Cnt0Y0y3Vk0CoHazSv1hZL40UZewUy
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org