Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72fccd43-b670-4a4c-a4dd-752e0ada314a.roa
File: 72fccd43-b670-4a4c-a4dd-752e0ada314a.roa (raw, json)
Hash identifier: Fqp6cYJypBZ/PpUzZ6o8HdqUs9LNJ/YEvpemYaxBn5E=
Subject key identifier: 35:7D:B4:81:CB:70:A0:E5:15:E0:AF:B5:35:68:90:5D:13:F6:83:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 153FA8E47AEEC41281D397E6221B96D7070FEAA3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72fccd43-b670-4a4c-a4dd-752e0ada314a.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:3f:a8:e4:7a:ee:c4:12:81:d3:97:e6:22:1b:96:d7:07:0f:ea:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=4091d29a220dc304bb1c816ae36b068fe086dc9d15d876aece20732bc6e94ce9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:20:fe:00:29:26:91:68:ec:46:96:bc:7a:5f:
61:3d:54:8b:8f:51:d4:c0:01:10:1e:eb:a2:f2:a6:
c0:66:86:b5:5f:1e:db:50:e7:14:18:cf:47:dd:5a:
f2:83:d1:8f:5d:cc:77:f1:da:0e:2b:83:b1:9c:d5:
fa:68:46:16:b3:14:03:90:68:c9:83:28:e8:07:5e:
d2:7c:6b:b1:31:85:32:33:51:7b:85:d9:f8:93:a4:
b6:64:b5:bd:0b:23:33:92:14:0f:4c:1f:c2:dc:c5:
25:90:2b:33:57:9b:e4:e5:d4:b0:5b:15:61:e6:1e:
31:3a:f1:4a:fe:f8:87:26:a6:ef:7d:62:6f:34:5f:
b7:b9:76:b0:9b:6c:d1:30:72:03:b4:8d:bc:7e:51:
47:e1:94:64:c6:08:9b:63:1b:5d:0a:55:36:d0:84:
4a:21:a8:ae:24:10:5b:67:8b:48:f7:61:76:a7:d7:
f9:0a:ed:ce:ec:46:af:3e:cd:a5:dd:25:2a:90:13:
da:3b:9c:3b:68:62:83:32:19:15:07:ea:82:2d:27:
f5:35:a3:be:57:f7:31:80:1a:8e:5c:d9:0c:08:0d:
e7:1c:0a:56:40:9f:2a:b1:c9:9b:7a:4e:7b:00:38:
ff:c1:ba:9f:96:fb:ad:fd:85:94:cb:2b:62:ea:a1:
43:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7D:B4:81:CB:70:A0:E5:15:E0:AF:B5:35:68:90:5D:13:F6:83:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72fccd43-b670-4a4c-a4dd-752e0ada314a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:99:ba:9e:34:a5:2c:6b:0b:bf:18:c6:bb:b8:58:80:a2:76:
35:68:62:d2:31:cd:07:4e:44:27:d8:d9:4b:69:b9:42:e5:28:
a3:79:79:e8:a7:4c:42:8b:cb:db:03:62:c6:b1:bd:cb:1e:a2:
c6:cd:0d:81:2d:37:43:0b:9f:93:50:05:34:37:25:d0:a7:eb:
0c:70:13:54:cd:9b:4e:e7:88:1f:83:3b:a8:1b:31:c3:3e:c3:
fb:a3:11:1b:3b:fe:b5:51:d9:d4:1f:9b:e0:69:64:25:83:c6:
f8:d8:f8:9c:0e:34:26:5a:7d:16:ab:aa:03:0a:be:a7:3a:94:
88:2c:00:2a:53:a7:75:d5:3c:78:7b:71:b2:93:75:b9:85:06:
15:72:8b:80:9b:34:81:58:ef:25:39:b5:76:46:7c:b1:fe:b6:
82:64:0f:fe:8d:fd:4b:4b:e9:fd:d6:0c:7f:be:7e:20:fd:25:
b3:24:f8:62:1b:69:59:03:5a:a6:28:22:3a:c8:58:1b:c9:81:
2d:0b:cf:d6:17:74:50:87:3b:80:87:93:d4:a9:74:07:f9:07:
a5:08:de:db:65:3e:00:67:71:92:31:74:29:f7:7b:9e:5f:a7:
88:9d:93:85:5f:28:5a:69:bb:4c:74:29:ec:c3:6f:8f:63:15:
07:e2:a5:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFT+o5HruxBKB05fmIhuW1wcP6qMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwOTFkMjlhMjIwZGMzMDRiYjFjODE2YWUzNmIwNjhmZTA4NmRjOWQxNWQ4
NzZhZWNlMjA3MzJiYzZlOTRjZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUg/gApJpFo7EaWvHpfYT1Ui49R1MABEB7rovKmwGaGtV8e21DnFBjPR91a
8oPRj13Md/HaDiuDsZzV+mhGFrMUA5BoyYMo6Ade0nxrsTGFMjNRe4XZ+JOktmS1
vQsjM5IUD0wfwtzFJZArM1eb5OXUsFsVYeYeMTrxSv74hyam731ibzRft7l2sJts
0TByA7SNvH5RR+GUZMYIm2MbXQpVNtCESiGoriQQW2eLSPdhdqfX+QrtzuxGrz7N
pd0lKpAT2jucO2higzIZFQfqgi0n9TWjvlf3MYAajlzZDAgN5xwKVkCfKrHJm3pO
ewA4/8G6n5b7rf2FlMsrYuqhQ+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1fbSB
y3Cg5RXgr7U1aJBdE/aDNDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzJmY2NkNDMtYjY3MC00YTRjLWE0ZGQtNzUyZTBhZGEzMTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQC6mbqeNKUsawu/GMa7uFiAonY1aGLSMc0HTkQn2NlL
ablC5SijeXnop0xCi8vbA2LGsb3LHqLGzQ2BLTdDC5+TUAU0NyXQp+sMcBNUzZtO
54gfgzuoGzHDPsP7oxEbO/61UdnUH5vgaWQlg8b42PicDjQmWn0Wq6oDCr6nOpSI
LAAqU6d11Tx4e3Gyk3W5hQYVcouAmzSBWO8lObV2Rnyx/raCZA/+jf1LS+n91gx/
vn4g/SWzJPhiG2lZA1qmKCI6yFgbyYEtC8/WF3RQhzuAh5PUqXQH+QelCN7bZT4A
Z3GSMXQp93ueX6eInZOFXyhaabtMdCnsw2+PYxUH4qUZ
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org