Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
File: 73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa (raw, json)
Hash identifier: WEe3nK7jCjIzzWWQNX67nCeM2gzrJAP1ms7ImNFOz04=
Subject key identifier: 5D:89:39:30:C6:B9:F8:32:03:56:E7:DC:50:E8:62:52:3E:A8:23:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4384063AE7BA417979AF0DEAEDE974053F6C64ED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:84:06:3a:e7:ba:41:79:79:af:0d:ea:ed:e9:74:05:3f:6c:64:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=ff75d0b82ccf8b68c54df687a3ab555ff699b531cb9cd6fd41fb122694a79f00, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f8:c1:b2:91:ed:ba:7e:70:eb:a4:9c:4c:f4:
42:36:b3:b0:17:eb:d0:9c:aa:8f:6e:23:9a:cc:1e:
71:e0:71:06:a6:db:f8:0c:14:35:db:1f:f1:1a:22:
5d:58:ea:4d:7a:d7:36:77:88:c2:ba:36:af:c2:aa:
1a:ea:8c:97:e8:0f:fc:f2:63:38:e8:e0:29:c7:0a:
26:37:c1:61:5c:fc:5b:b6:9f:bb:56:aa:73:9b:28:
7f:ba:7e:31:7a:b3:b8:53:b5:f1:d6:a7:ab:a2:1c:
91:8d:71:ba:cf:03:11:e2:50:50:d0:b0:5a:40:f0:
1a:c8:e9:1c:a1:1e:14:20:f8:b7:4b:6d:23:ff:59:
de:5d:94:ef:a3:5c:25:bb:d3:57:8a:ee:37:62:22:
4b:64:c1:03:ad:bf:b5:1f:ac:e7:d9:3d:05:95:6c:
31:d2:e3:3b:ef:cd:2d:fd:66:29:62:0e:5b:bb:2e:
70:7e:3a:7d:2b:f2:e8:7d:eb:89:5c:6c:3d:54:a9:
1f:a0:6d:6f:18:09:43:c7:1d:82:07:28:9d:f5:73:
4d:19:31:bb:74:a6:1a:6b:d3:96:a6:b9:c2:83:b4:
a8:9a:07:92:37:23:8b:72:f0:50:b8:42:6a:46:c3:
0b:dc:db:ae:76:54:df:dd:c0:63:1f:3f:75:d6:03:
cb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:89:39:30:C6:B9:F8:32:03:56:E7:DC:50:E8:62:52:3E:A8:23:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:c7:37:34:83:db:10:58:f7:f5:f7:6d:d3:a7:4e:fb:6e:73:
a0:26:25:8e:ef:34:5a:48:19:16:3f:44:bd:96:56:a4:68:3d:
8c:96:54:b1:12:da:e3:df:df:e0:ba:d8:43:a1:af:29:3e:e8:
e8:d1:f7:d3:df:fc:09:60:f1:20:b1:b6:23:5f:84:cb:03:5c:
c5:2d:30:0e:75:9a:43:2f:1d:13:f9:67:f9:14:5f:9b:44:1c:
07:f0:94:b3:9e:96:de:e5:fe:92:a1:99:fe:35:ae:55:6f:73:
a9:40:cd:53:43:68:0e:a5:08:2f:e2:8c:47:67:c6:c1:7f:f5:
cc:ee:76:ae:ad:96:3d:ee:dd:b7:45:56:a0:b7:2e:81:7e:7c:
d9:81:10:c0:1e:d6:25:5e:45:8c:59:04:1c:59:69:6c:19:89:
68:9a:fd:fb:66:ad:f2:15:0d:a7:fd:47:80:b8:8c:c5:b1:c6:
ef:a3:06:43:aa:79:65:d3:be:d3:b1:f0:a4:49:f4:54:86:02:
9d:3f:7e:a0:fa:19:40:9b:27:3b:a6:9d:3c:3e:8a:bd:c7:cb:
98:82:70:05:c0:20:f8:ac:dd:58:7a:39:f0:fe:84:e6:75:db:
37:8c:6b:31:2e:aa:b0:2e:81:ff:cb:f1:c0:3b:7a:09:fd:c2:
92:2c:40:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ4QGOue6QXl5rw3q7el0BT9sZO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmNzVkMGI4MmNjZjhiNjhjNTRkZjY4N2EzYWI1NTVmZjY5OWI1MzFjYjlj
ZDZmZDQxZmIxMjI2OTRhNzlmMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANb4wbKR7bp+cOuknEz0QjazsBfr0Jyqj24jmsweceBxBqbb+AwUNdsf8Roi
XVjqTXrXNneIwro2r8KqGuqMl+gP/PJjOOjgKccKJjfBYVz8W7afu1aqc5sof7p+
MXqzuFO18danq6IckY1xus8DEeJQUNCwWkDwGsjpHKEeFCD4t0ttI/9Z3l2U76Nc
JbvTV4ruN2IiS2TBA62/tR+s59k9BZVsMdLjO+/NLf1mKWIOW7sucH46fSvy6H3r
iVxsPVSpH6BtbxgJQ8cdggconfVzTRkxu3SmGmvTlqa5woO0qJoHkjcji3LwULhC
akbDC9zbrnZU393AYx8/ddYDy1UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdiTkw
xrn4MgNW59xQ6GJSPqgj1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzNlZTI0NzItN2NhZi00N2I1LWIyZmYtMTVhYjZmNTQxMjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQByxzc0g9sQWPf1923Tp077bnOgJiWO7zRaSBkWP0S9
llakaD2MllSxEtrj39/guthDoa8pPujo0ffT3/wJYPEgsbYjX4TLA1zFLTAOdZpD
Lx0T+Wf5FF+bRBwH8JSznpbe5f6SoZn+Na5Vb3OpQM1TQ2gOpQgv4oxHZ8bBf/XM
7naurZY97t23RVagty6BfnzZgRDAHtYlXkWMWQQcWWlsGYlomv37Zq3yFQ2n/UeA
uIzFscbvowZDqnll077TsfCkSfRUhgKdP36g+hlAmyc7pp08Poq9x8uYgnAFwCD4
rN1Yejnw/oTmdds3jGsxLqqwLoH/y/HAO3oJ/cKSLECG
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org