Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
File: 53a9be89-d507-454e-96fb-d2a28e64f836.roa (raw, json)
Hash identifier: 2h/MMKCAO5P7CgPbRnbm96DrWicAZdGmnmR6WrH1KQI=
Subject key identifier: 34:FC:14:0D:70:EC:B1:54:41:E5:C2:18:E9:46:1C:E5:F9:8D:B0:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64DAB705C8463223C10E0C4F2665404B324BF353
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
Signing time: Fri 03 May 2024 00:00:00 +0000
ROA not before: Fri 03 May 2024 00:00:00 +0000
ROA not after: Fri 07 Jun 2024 23:59:59 +0000
asID: 14618
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:da:b7:05:c8:46:32:23:c1:0e:0c:4f:26:65:40:4b:32:4b:f3:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 3 00:00:00 2024 GMT
Not After : Jun 7 23:59:59 2024 GMT
Subject: serialNumber=93fa8ca203bc4b2a09acf5243056ad67d766fcaeb339616d2d9304e4782c2a83, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:18:f6:5b:0d:86:47:7b:c5:a8:ac:46:91:4d:
26:22:01:db:73:b0:1e:1c:91:8b:34:5f:a1:f9:7a:
83:a1:f8:e9:9c:d3:db:18:03:92:44:95:f8:ed:cd:
02:56:69:02:9e:54:bf:fc:40:44:93:33:40:8e:ab:
36:38:11:74:18:61:33:7b:98:91:b6:ef:d1:59:c2:
18:2b:11:4c:9b:4a:16:39:9a:66:73:a7:48:7a:37:
e4:de:47:7a:fe:bb:77:b0:36:fe:53:7d:26:41:d3:
46:08:e9:38:54:5a:3d:85:3c:b5:bf:eb:7e:09:c8:
0c:56:dc:f5:d5:b2:fe:c1:5a:3c:42:49:88:46:4f:
88:79:16:76:da:13:7a:40:1b:3c:00:d9:13:a9:55:
75:71:97:49:fd:3f:ea:87:3c:ae:42:0b:fa:1a:10:
aa:5b:0e:56:c6:34:1c:a4:94:04:2d:53:a5:33:c0:
79:1c:3d:91:e4:50:d7:b7:13:37:eb:3f:44:a8:50:
c4:80:4f:9f:c8:67:49:26:50:0c:af:4c:f8:25:96:
7f:67:c3:70:1c:81:44:c2:14:29:ec:c5:18:d5:8d:
95:d1:8e:4f:48:fc:c9:15:ce:85:ab:6b:9d:89:dc:
a4:64:9f:6c:42:07:89:80:a4:36:2b:50:15:40:fa:
75:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FC:14:0D:70:EC:B1:54:41:E5:C2:18:E9:46:1C:E5:F9:8D:B0:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/53a9be89-d507-454e-96fb-d2a28e64f836.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:09:da:fd:1a:5d:d2:13:01:9b:4a:bc:ca:7f:66:57:78:c2:
a1:22:f9:1b:46:5a:b9:68:64:60:96:f6:fc:c3:f1:df:af:2e:
38:f3:aa:84:c1:b1:aa:04:28:c4:3d:e0:75:e7:6a:6e:ea:fb:
5c:4a:27:c4:71:f7:6c:c8:b9:2e:f6:dd:50:e0:97:f6:05:f2:
27:07:86:28:aa:17:cb:26:fc:f2:de:e9:35:7a:72:b7:9b:b5:
97:09:b1:d4:87:f0:5a:a1:48:c5:72:12:9d:b5:b0:cb:11:0d:
eb:b7:57:68:be:40:aa:8d:22:49:c6:6a:16:e9:23:0e:3e:22:
11:13:02:92:f0:14:a0:13:9e:cb:c2:a5:63:c8:62:46:41:cd:
5c:44:58:02:73:cf:25:7d:b3:05:ba:0a:f4:b6:21:d1:62:f9:
19:71:80:3e:70:33:f5:47:32:b8:64:ef:28:5d:18:a3:f9:a8:
b2:a8:42:59:65:0a:ae:ce:05:e0:bb:58:1d:b2:eb:3a:81:62:
8f:28:78:09:0e:ca:79:68:d1:03:34:19:e6:ae:90:af:b0:a8:
e9:7b:3d:7c:64:4e:2a:57:53:98:d1:b4:f4:fa:6e:53:e0:5c:
70:a0:e4:24:5d:cd:19:7f:a1:82:0d:04:e9:51:b0:0d:cd:7e:
f5:c2:76:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZNq3BchGMiPBDgxPJmVASzJL81MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MDMwMDAwMDBaFw0yNDA2MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZmE4Y2EyMDNiYzRiMmEwOWFjZjUyNDMwNTZhZDY3ZDc2NmZjYWViMzM5
NjE2ZDJkOTMwNGU0NzgyYzJhODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIY9lsNhkd7xaisRpFNJiIB23OwHhyRizRfofl6g6H46ZzT2xgDkkSV+O3N
AlZpAp5Uv/xARJMzQI6rNjgRdBhhM3uYkbbv0VnCGCsRTJtKFjmaZnOnSHo35N5H
ev67d7A2/lN9JkHTRgjpOFRaPYU8tb/rfgnIDFbc9dWy/sFaPEJJiEZPiHkWdtoT
ekAbPADZE6lVdXGXSf0/6oc8rkIL+hoQqlsOVsY0HKSUBC1TpTPAeRw9keRQ17cT
N+s/RKhQxIBPn8hnSSZQDK9M+CWWf2fDcByBRMIUKezFGNWNldGOT0j8yRXOhatr
nYncpGSfbEIHiYCkNitQFUD6dZ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0/BQN
cOyxVEHlwhjpRhzl+Y2w7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTNhOWJlODktZDUwNy00NTRlLTk2ZmItZDJhMjhlNjRmODM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQA4Cdr9Gl3SEwGbSrzKf2ZXeMKhIvkbRlq5aGRglvb8
w/Hfry4486qEwbGqBCjEPeB152pu6vtcSifEcfdsyLku9t1Q4Jf2BfInB4YoqhfL
Jvzy3uk1enK3m7WXCbHUh/BaoUjFchKdtbDLEQ3rt1dovkCqjSJJxmoW6SMOPiIR
EwKS8BSgE57LwqVjyGJGQc1cRFgCc88lfbMFugr0tiHRYvkZcYA+cDP1RzK4ZO8o
XRij+aiyqEJZZQquzgXgu1gdsus6gWKPKHgJDsp5aNEDNBnmrpCvsKjpez18ZE4q
V1OY0bT0+m5T4FxwoOQkXc0Zf6GCDQTpUbANzX71wnZ7
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org