Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
File: 5bf13655-f776-45ba-8cff-e3d853dce89d.roa (raw, json)
Hash identifier: 3ih8ZTsNXNgepdHZ88nsxLxc/uJ/UmGAgNrkRXX1Z68=
Subject key identifier: 62:57:21:5A:C5:76:13:6B:6D:ED:06:76:9A:51:7F:21:4C:81:4D:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 580BA688763C3C7F17844FA2A20AF6BFD96BAF09
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0b:a6:88:76:3c:3c:7f:17:84:4f:a2:a2:0a:f6:bf:d9:6b:af:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=8d9c99159418f6493ce9b7349e078113e7b4a667771c2ce0b055fb986a71d376, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:63:ad:ce:38:10:e4:cd:20:3f:d6:67:1d:b8:
3e:15:63:67:7b:39:4a:3a:e5:e6:45:e4:9d:89:e8:
91:32:0e:c5:7e:45:5a:b6:ab:0a:15:5e:e4:a9:47:
0e:7e:79:97:6a:91:bd:df:cc:47:9f:57:16:dc:9f:
e8:07:50:5f:ad:d0:38:3e:c9:82:1a:93:ad:03:89:
45:9b:56:a4:40:3c:f0:db:09:f4:4d:4a:c0:af:cd:
be:67:d8:83:cc:f3:92:f5:2c:8f:b5:60:c2:9a:79:
f3:ff:90:0d:2c:a1:83:05:c5:be:ae:e6:e2:6d:0d:
57:06:7c:da:52:2d:13:29:ee:95:ae:8e:a5:6c:89:
c6:ec:aa:72:09:4c:9c:48:17:e7:9a:8b:c9:53:0a:
36:b5:91:a6:d8:94:23:db:83:31:d9:09:ac:11:dd:
22:1c:4c:e8:d5:81:20:b8:7b:5e:83:6a:11:f9:e5:
d6:f6:ac:57:18:e2:b1:a8:11:49:a4:e9:7f:de:3c:
3d:74:03:bd:e2:fa:0c:ff:a7:fd:8e:fe:61:fc:43:
a7:27:6b:d1:e6:6a:53:05:bc:74:d3:70:03:b3:21:
4c:d1:18:a7:54:14:d5:69:80:fc:4c:a9:74:4b:47:
f7:cc:1f:81:fa:85:7a:a8:a2:4e:73:9b:70:d7:36:
a4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:57:21:5A:C5:76:13:6B:6D:ED:06:76:9A:51:7F:21:4C:81:4D:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:1c:8e:9b:c5:8e:c5:d8:48:18:85:ae:14:cb:80:be:9e:5b:
f5:69:66:50:69:45:b2:e5:27:d3:2f:91:e7:11:ed:e9:f7:aa:
58:b4:97:21:87:11:59:ff:6c:6b:7e:5b:19:33:84:ea:5a:77:
84:e7:f5:b3:83:55:8b:52:7c:c5:e9:f6:0f:d4:86:5a:ff:68:
97:fc:ac:78:b0:dd:71:e3:b8:98:02:f2:be:21:3a:36:6e:72:
49:db:8d:0e:12:b1:0e:4f:ef:7e:97:7d:0d:06:a7:16:21:22:
0d:5d:4c:9e:30:db:7d:38:fe:70:34:de:da:71:19:c1:3b:6a:
05:c0:2a:ad:20:5b:4c:8a:60:39:72:cb:42:18:fe:2d:30:bf:
20:15:bc:1d:51:7e:c8:41:7d:ea:94:9f:2f:23:e2:27:6b:84:
8f:1c:9d:c8:58:22:14:aa:78:45:8d:a5:3c:eb:28:04:d1:3e:
6d:88:f2:60:fa:de:d3:3c:c6:5f:c0:53:51:0b:d3:ef:3c:55:
e5:fe:39:77:01:79:1d:b9:0b:5b:72:5e:69:a4:bd:6b:15:71:
e1:d9:fd:69:37:92:5d:a1:cd:15:56:60:82:8a:cf:24:2a:67:
84:2c:65:41:bc:77:34:e6:ef:02:f5:c3:68:c1:81:f9:45:68:
d9:78:ee:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWAumiHY8PH8XhE+iogr2v9lrrwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkOWM5OTE1OTQxOGY2NDkzY2U5YjczNDllMDc4MTEzZTdiNGE2Njc3NzFj
MmNlMGIwNTVmYjk4NmE3MWQzNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxjrc44EOTNID/WZx24PhVjZ3s5Sjrl5kXknYnokTIOxX5FWrarChVe5KlH
Dn55l2qRvd/MR59XFtyf6AdQX63QOD7JghqTrQOJRZtWpEA88NsJ9E1KwK/NvmfY
g8zzkvUsj7Vgwpp58/+QDSyhgwXFvq7m4m0NVwZ82lItEynula6OpWyJxuyqcglM
nEgX55qLyVMKNrWRptiUI9uDMdkJrBHdIhxM6NWBILh7XoNqEfnl1vasVxjisagR
SaTpf948PXQDveL6DP+n/Y7+YfxDpydr0eZqUwW8dNNwA7MhTNEYp1QU1WmA/Eyp
dEtH98wfgfqFeqiiTnObcNc2pPUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRiVyFa
xXYTa23tBnaaUX8hTIFNYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJmMTM2NTUtZjc3Ni00NWJhLThjZmYtZTNkODUzZGNlODlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAfByOm8WOxdhIGIWuFMuAvp5b9WlmUGlFsuUn0y+R
5xHt6feqWLSXIYcRWf9sa35bGTOE6lp3hOf1s4NVi1J8xen2D9SGWv9ol/yseLDd
ceO4mALyviE6Nm5ySduNDhKxDk/vfpd9DQanFiEiDV1MnjDbfTj+cDTe2nEZwTtq
BcAqrSBbTIpgOXLLQhj+LTC/IBW8HVF+yEF96pSfLyPiJ2uEjxydyFgiFKp4RY2l
POsoBNE+bYjyYPre0zzGX8BTUQvT7zxV5f45dwF5HbkLW3JeaaS9axVx4dn9aTeS
XaHNFVZggorPJCpnhCxlQbx3NObvAvXDaMGB+UVo2Xju6w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org