Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
File: 677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa (raw, json)
Hash identifier: QbDXeD1oY2vyrE8w0rX3PH9L0xRnVkGAdrN+0wppmAM=
Subject key identifier: 7A:CB:EA:6B:57:94:D9:DD:B2:F8:BC:AA:C8:DB:AF:76:5E:28:17:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7555F9C132E757E23B07FED22E5A8DB06FBA9F0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:55:f9:c1:32:e7:57:e2:3b:07:fe:d2:2e:5a:8d:b0:6f:ba:9f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=4f22d8091ee6526de0387b7386fd7dea6860bd74e17eb7fc7263d40f7ccbec6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:7f:d8:fb:89:c5:8d:f1:41:fe:19:d7:65:
c4:db:02:d5:46:32:82:45:0c:3f:f2:b9:e3:7a:51:
d1:05:56:81:c2:ab:9f:91:80:05:3c:89:25:a2:a1:
55:f4:0a:7e:98:9c:93:f5:93:9c:46:63:44:45:ed:
d6:9c:25:ee:fc:9d:8d:9a:ca:cd:fe:97:3b:ec:d5:
08:f2:21:95:7c:5c:fb:59:90:bd:8f:9a:aa:a3:24:
f0:23:c1:f3:58:b3:79:d5:79:6a:50:ce:2e:6e:0b:
73:c1:d5:1f:1d:ac:a3:63:1c:96:b6:6a:c7:28:69:
e6:12:77:20:69:1c:30:ef:bf:ec:d0:51:47:17:b5:
92:2d:50:e7:82:8f:48:0d:6c:2a:ea:7b:27:11:6d:
39:58:65:4a:41:4a:d6:59:d1:67:28:ec:76:32:aa:
ef:cd:cf:a8:ed:f2:c4:96:76:f6:38:ce:64:d7:90:
13:ac:20:48:10:43:8b:a6:9f:53:cd:61:3f:9c:65:
bb:3f:72:33:8c:46:c0:73:12:66:b1:d2:c6:1d:97:
47:04:6b:da:1c:02:4c:03:ce:6f:fa:aa:c0:8a:82:
16:d7:e9:a8:29:3c:b0:75:f9:59:11:ea:25:be:3d:
5b:11:fe:0f:bc:00:ec:75:6d:8a:64:72:7d:83:27:
e0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CB:EA:6B:57:94:D9:DD:B2:F8:BC:AA:C8:DB:AF:76:5E:28:17:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
5c:6e:3e:61:d2:d9:95:70:61:2c:71:d9:6d:5b:7e:ba:87:7f:
dc:31:96:11:3d:34:3b:58:7f:27:6d:ae:3d:48:e8:fe:94:95:
26:99:c1:92:72:11:df:70:50:96:ec:bb:14:da:10:14:4e:da:
53:19:0c:c0:1f:d0:13:12:a6:68:7b:bf:4e:9b:9f:fe:67:87:
01:d2:05:25:66:0d:c4:20:5d:c9:77:26:f9:ba:08:1e:c6:93:
51:10:a5:c2:1c:41:18:0a:16:89:59:c7:0e:e5:d8:5c:ca:1c:
51:90:26:9c:76:13:15:83:f9:0b:f2:1e:f8:47:84:20:07:de:
d9:ec:59:17:e2:88:98:22:42:72:75:2b:eb:0b:44:60:91:80:
ee:96:b8:28:d8:8b:86:61:ff:30:04:ba:2f:62:0c:37:5c:6a:
df:d5:37:46:09:60:ab:07:f5:c5:46:17:f5:45:5e:16:d0:bd:
b0:30:3d:75:5b:28:db:49:3a:84:b4:b8:01:ca:cb:db:77:4c:
fc:83:dc:a5:4d:4c:ab:82:4d:69:18:22:c2:fc:0d:9d:58:e4:
d3:20:d1:3e:84:9e:47:fe:f0:ee:75:3d:ef:40:cb:7c:08:d7:
c9:47:b2:35:03:45:b0:7f:79:f2:a9:76:21:4c:55:6f:98:2f:
ca:2c:2e:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdVX5wTLnV+I7B/7SLlqNsG+6nw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmMjJkODA5MWVlNjUyNmRlMDM4N2I3Mzg2ZmQ3ZGVhNjg2MGJkNzRlMTdl
YjdmYzcyNjNkNDBmN2NjYmVjNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY2f9j7icWN8UH+GddlxNsC1UYygkUMP/K543pR0QVWgcKrn5GABTyJJaKh
VfQKfpick/WTnEZjREXt1pwl7vydjZrKzf6XO+zVCPIhlXxc+1mQvY+aqqMk8CPB
81izedV5alDOLm4Lc8HVHx2so2MclrZqxyhp5hJ3IGkcMO+/7NBRRxe1ki1Q54KP
SA1sKup7JxFtOVhlSkFK1lnRZyjsdjKq783PqO3yxJZ29jjOZNeQE6wgSBBDi6af
U81hP5xluz9yM4xGwHMSZrHSxh2XRwRr2hwCTAPOb/qqwIqCFtfpqCk8sHX5WRHq
Jb49WxH+D7wA7HVtimRyfYMn4B8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR6y+pr
V5TZ3bL4vKrI2692XigXaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc3YWJmYjctYTFkNy00YWQ4LTg4NmUtNTRmZjM3NGJjYzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAXG4+YdLZlXBhLHHZbVt+uod/3DGWET00O1h/
J22uPUjo/pSVJpnBknIR33BQluy7FNoQFE7aUxkMwB/QExKmaHu/Tpuf/meHAdIF
JWYNxCBdyXcm+boIHsaTURClwhxBGAoWiVnHDuXYXMocUZAmnHYTFYP5C/Ie+EeE
IAfe2exZF+KImCJCcnUr6wtEYJGA7pa4KNiLhmH/MAS6L2IMN1xq39U3Rglgqwf1
xUYX9UVeFtC9sDA9dVso20k6hLS4AcrL23dM/IPcpU1Mq4JNaRgiwvwNnVjk0yDR
PoSeR/7w7nU970DLfAjXyUeyNQNFsH958ql2IUxVb5gvyiwumw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org