Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: lgbkwv0PVqz6xphugVCgKbwHSK7tQLfUxhLYzSyc/4I=
Subject key identifier: 5F:6D:D7:3B:A4:22:64:BA:B1:7B:D5:D2:5C:9F:53:D4:20:FB:B4:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0162DD28790FE01E7CE69B522E054F6DB2A5CF77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Tue 28 May 2024 00:00:00 +0000
ROA not before: Tue 28 May 2024 00:00:00 +0000
ROA not after: Tue 02 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:62:dd:28:79:0f:e0:1e:7c:e6:9b:52:2e:05:4f:6d:b2:a5:cf:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 28 00:00:00 2024 GMT
Not After : Jul 2 23:59:59 2024 GMT
Subject: serialNumber=f289f5882c7c1b5fa68851021754d0f045079c6b0a9e6cf46790fd3cce92718c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:03:c1:61:61:9c:29:e8:02:ed:96:d8:1c:
27:88:79:f5:3e:eb:a4:e6:9a:10:90:14:de:af:55:
dc:6a:7c:f5:e1:04:87:f5:42:a5:66:5e:86:99:55:
dc:cc:95:55:90:b0:ec:fa:27:55:34:fc:03:f5:bf:
4a:1a:50:ec:d4:56:07:8e:ff:20:64:00:75:c2:dd:
6c:bd:b3:6f:02:6d:72:78:9c:46:82:3e:eb:f8:fe:
8a:a6:e1:3f:29:e5:c1:ce:72:16:9e:d9:f0:d5:bd:
02:bf:a8:db:5e:7f:94:13:bb:3a:a1:7f:1e:c1:55:
54:b3:b9:e1:26:9b:7c:d6:37:46:28:c8:28:71:f3:
cf:1a:99:43:16:2f:be:45:18:c6:c4:05:07:49:75:
f3:1d:0f:52:48:09:05:30:04:f4:fd:f1:47:75:ee:
a1:0a:24:4e:c9:a6:af:8c:ae:fb:27:3c:24:c3:c1:
1c:b6:86:94:49:31:11:4f:9f:24:84:55:df:13:1d:
cd:dc:90:24:9c:76:26:a2:cd:62:a2:63:87:2d:e2:
80:d7:07:7f:68:57:84:88:7c:84:f0:df:3c:13:ae:
60:ee:c7:7b:4c:75:5a:47:88:34:71:b6:11:5b:fb:
0a:a4:9e:f7:31:10:d6:28:0f:7f:11:3d:33:0f:74:
82:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6D:D7:3B:A4:22:64:BA:B1:7B:D5:D2:5C:9F:53:D4:20:FB:B4:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
8f:cd:14:cb:22:31:07:cc:4f:05:02:3f:44:cc:50:57:3e:7c:
ff:fb:19:1c:c2:a3:bc:6c:ac:6e:26:72:05:aa:bd:ec:6b:10:
12:be:67:f0:c3:e5:a6:b8:ed:91:90:2d:e3:db:fc:93:4b:88:
54:1f:f7:1f:95:be:78:c9:20:7a:ee:86:5a:75:d4:ab:6f:46:
c3:98:14:eb:b4:ff:9d:ac:9e:36:82:ed:53:71:0a:df:ce:ee:
73:d8:ed:ce:08:ad:11:63:18:10:4d:4e:a5:9f:32:5a:ec:42:
88:7e:1d:b2:bc:af:0a:76:6c:be:ef:3e:3c:89:8c:66:e0:0b:
4a:35:1d:ee:b4:9e:93:8c:b6:c1:70:66:68:c9:26:94:08:dc:
e1:37:32:1f:6d:5a:03:3b:fa:1b:ad:33:c5:5c:2c:3a:e1:39:
86:24:92:c6:33:74:95:41:a8:81:10:f8:b6:fb:43:96:fd:77:
de:44:ec:fd:09:d4:cf:b1:87:4b:57:19:57:ec:e6:c8:2c:6e:
a0:5d:da:21:f2:6c:66:90:0e:47:35:a1:41:68:c4:fd:31:12:
d9:d4:91:cd:cf:4a:c4:7c:1b:a0:1a:24:56:fc:c3:85:6a:72:
77:0c:a6:0b:8b:24:dd:dd:45:82:80:a6:03:11:02:23:5f:5e:
df:c6:e3:86
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAWLdKHkP4B585ptSLgVPbbKlz3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjgwMDAwMDBaFw0yNDA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyODlmNTg4MmM3YzFiNWZhNjg4NTEwMjE3NTRkMGYwNDUwNzljNmIwYTll
NmNmNDY3OTBmZDNjY2U5MjcxOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUFA8FhYZwp6ALtltgcJ4h59T7rpOaaEJAU3q9V3Gp89eEEh/VCpWZehplV
3MyVVZCw7PonVTT8A/W/ShpQ7NRWB47/IGQAdcLdbL2zbwJtcnicRoI+6/j+iqbh
Pynlwc5yFp7Z8NW9Ar+o215/lBO7OqF/HsFVVLO54SabfNY3RijIKHHzzxqZQxYv
vkUYxsQFB0l18x0PUkgJBTAE9P3xR3XuoQokTsmmr4yu+yc8JMPBHLaGlEkxEU+f
JIRV3xMdzdyQJJx2JqLNYqJjhy3igNcHf2hXhIh8hPDfPBOuYO7He0x1WkeINHG2
EVv7CqSe9zEQ1igPfxE9Mw90gl0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRfbdc7
pCJkurF71dJcn1PUIPu0hDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAj80UyyIxB8xPBQI/RMxQVz58//sZHMKjvGysbiZy
Baq97GsQEr5n8MPlprjtkZAt49v8k0uIVB/3H5W+eMkgeu6GWnXUq29Gw5gU67T/
nayeNoLtU3EK387uc9jtzgitEWMYEE1OpZ8yWuxCiH4dsryvCnZsvu8+PImMZuAL
SjUd7rSek4y2wXBmaMkmlAjc4TcyH21aAzv6G60zxVwsOuE5hiSSxjN0lUGogRD4
tvtDlv133kTs/QnUz7GHS1cZV+zmyCxuoF3aIfJsZpAORzWhQWjE/TES2dSRzc9K
xHwboBokVvzDhWpydwymC4sk3d1FgoCmAxECI19e38bjhg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org