Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
File: 73817c12-8c1e-4664-9721-3b7c6b416bab.roa (raw, json)
Hash identifier: VRsgZYdVq/RpoHjQ7O4ZVrCpPDIJ/zc4XEYMi8DmRsU=
Subject key identifier: 81:C7:FF:1C:2C:DC:59:8C:95:F2:DA:99:72:8E:80:6A:94:61:B9:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70869BB2C4213DB908812ECA155656B01E1A1436
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:86:9b:b2:c4:21:3d:b9:08:81:2e:ca:15:56:56:b0:1e:1a:14:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=5707672479af7c6f58a5ec21096f8b4f7e891ade6a6a33ec68172e72ff03b068, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:69:12:b9:02:be:4f:b2:9f:1a:65:eb:3b:
65:c2:ce:1c:8f:6d:d8:9b:c4:00:53:fb:a2:68:e5:
c7:1e:a3:ca:13:92:3a:42:c5:fb:33:b5:fc:b8:ad:
b7:54:c5:c9:63:f9:45:9f:b5:15:66:b5:79:f5:dc:
14:1a:c6:51:41:5f:d8:cc:dc:24:c2:22:92:84:38:
a8:09:5d:1b:a3:9a:07:75:fd:9e:0f:cf:b2:a1:36:
ad:36:b9:a9:71:93:ab:38:d0:29:d6:a2:e2:45:9f:
2e:a1:dd:d4:47:72:26:56:39:ad:21:d5:b4:62:db:
02:49:bf:9c:a3:36:1c:fd:09:01:28:d9:10:c6:3f:
8d:79:51:3f:bd:79:88:2f:a4:c6:7e:f9:80:f5:ab:
dd:c3:6d:b7:58:c0:3e:86:cf:ab:32:2a:2d:af:90:
c5:13:cd:eb:a2:4d:53:b7:d7:04:07:9d:8b:d0:5b:
c6:b2:00:c0:22:4d:4e:07:ba:de:c2:74:3d:5f:d4:
1c:e7:02:dc:30:9a:10:9d:92:d2:06:75:84:2d:15:
85:f9:28:4f:d5:88:c0:88:ca:f3:8b:cb:35:69:3d:
a8:47:61:b0:f1:84:e3:72:fb:fe:69:33:c7:2f:01:
0a:71:24:ee:52:5c:a0:d8:7a:ee:ab:84:bf:b6:00:
bc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C7:FF:1C:2C:DC:59:8C:95:F2:DA:99:72:8E:80:6A:94:61:B9:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73817c12-8c1e-4664-9721-3b7c6b416bab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
8d:ba:d5:f0:a8:a3:60:3d:3e:60:1c:2a:43:c0:ad:71:d2:f9:
cf:45:98:b5:c5:c3:91:24:62:7d:2c:9c:cc:6e:fc:d2:c5:d5:
0e:5b:38:09:05:0c:13:8f:25:68:4c:dc:64:ca:14:e2:9c:76:
80:3e:f8:ce:ee:b9:a6:f2:7c:96:34:2a:93:6d:d5:cf:cc:fc:
71:23:33:2d:ef:2f:46:d8:32:65:fc:9f:48:34:08:d2:b1:86:
50:33:1b:81:3b:33:cd:ee:ab:b1:3e:f0:59:c5:40:f6:6b:24:
44:40:86:65:c1:99:66:9d:d3:13:37:00:75:f9:8d:51:fd:7b:
e9:32:16:d0:d1:8b:9d:42:7a:4c:02:fb:f1:ec:63:a8:2c:c6:
b1:32:71:86:0f:35:5c:15:37:f0:49:3c:7e:90:16:43:54:c6:
79:de:fc:da:63:c5:34:13:e4:ea:73:fc:de:bd:f1:1f:2c:fd:
06:a7:5d:cc:1c:0f:8a:4a:55:7a:c7:b8:a8:a9:f6:0a:a6:36:
8b:ba:34:99:05:e4:f3:0e:50:fe:ac:8a:2c:63:51:c4:68:3f:
73:dd:87:1b:e2:77:a1:05:dc:29:5f:d2:b4:96:84:e9:db:3e:
90:15:a1:79:02:a3:53:2a:7e:53:56:66:eb:d2:f4:51:7f:ce:
56:db:94:ce
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcIabssQhPbkIgS7KFVZWsB4aFDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3MDc2NzI0NzlhZjdjNmY1OGE1ZWMyMTA5NmY4YjRmN2U4OTFhZGU2YTZh
MzNlYzY4MTcyZTcyZmYwM2IwNjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoEaRK5Ar5Psp8aZes7ZcLOHI9t2JvEAFP7omjlxx6jyhOSOkLF+zO1/Lit
t1TFyWP5RZ+1FWa1efXcFBrGUUFf2MzcJMIikoQ4qAldG6OaB3X9ng/PsqE2rTa5
qXGTqzjQKdai4kWfLqHd1EdyJlY5rSHVtGLbAkm/nKM2HP0JASjZEMY/jXlRP715
iC+kxn75gPWr3cNtt1jAPobPqzIqLa+QxRPN66JNU7fXBAedi9BbxrIAwCJNTge6
3sJ0PV/UHOcC3DCaEJ2S0gZ1hC0VhfkoT9WIwIjK84vLNWk9qEdhsPGE43L7/mkz
xy8BCnEk7lJcoNh67quEv7YAvCUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSBx/8c
LNxZjJXy2plyjoBqlGG5fjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzM4MTdjMTItOGMxZS00NjY0LTk3MjEtM2I3YzZiNDE2YmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAjbrV8KijYD0+YBwqQ8CtcdL5z0WYtcXDkSRifSyc
zG780sXVDls4CQUME48laEzcZMoU4px2gD74zu65pvJ8ljQqk23Vz8z8cSMzLe8v
RtgyZfyfSDQI0rGGUDMbgTszze6rsT7wWcVA9mskRECGZcGZZp3TEzcAdfmNUf17
6TIW0NGLnUJ6TAL78exjqCzGsTJxhg81XBU38Ek8fpAWQ1TGed782mPFNBPk6nP8
3r3xHyz9BqddzBwPikpVese4qKn2CqY2i7o0mQXk8w5Q/qyKLGNRxGg/c92HG+J3
oQXcKV/StJaE6ds+kBWheQKjUyp+U1Zm69L0UX/OVtuUzg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org