Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
File: 75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa (raw, json)
Hash identifier: RLhQjWJlwqf+n2V29iJyUfw+qGYrNVcpMIWKH4Ee/L8=
Subject key identifier: 25:5E:DF:B2:D0:F3:CD:BA:76:5A:E9:CD:33:19:03:A6:56:1E:45:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5FBB190FEC5787FF4221013824E7AD00487AC762
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:bb:19:0f:ec:57:87:ff:42:21:01:38:24:e7:ad:00:48:7a:c7:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b77b0cd0f1d2eefc814e8fb82b22b8f1818c5497e177a7ae4b4be2e6f173c55e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:35:18:44:25:59:73:77:b0:9c:f2:d8:b8:
45:ce:a1:1f:d1:fa:cc:61:d4:e0:e5:1b:09:ec:2a:
3d:7b:a6:93:e2:bb:04:8e:70:b1:ac:54:7a:e9:62:
c1:9a:13:3c:dd:0d:e8:44:60:97:4d:a8:75:7e:48:
d0:bf:6a:0e:db:bd:cb:5f:17:10:1b:ba:e1:5b:66:
87:20:65:bc:96:f5:85:96:fb:e8:64:4c:fb:27:4e:
17:26:2f:9e:36:4a:73:fa:ba:68:88:43:07:38:78:
0b:cd:00:d3:11:ab:d1:5f:72:df:d4:26:e2:41:68:
cc:a9:22:0e:65:d7:70:aa:c3:4e:ea:1e:97:81:80:
f7:75:58:df:de:a8:87:f7:0e:ce:51:be:f4:e3:0b:
fe:a7:98:60:3f:7e:fb:60:8a:92:88:50:82:ab:6a:
03:c6:8f:64:a6:37:f8:b2:66:c8:ca:94:4b:2f:dc:
dd:ed:b5:2e:b3:c0:4a:9e:c5:2b:55:6a:a7:d8:63:
37:5a:4b:d1:a0:ca:f6:ef:c2:33:53:a6:b9:d5:17:
ee:6f:cf:b8:9c:6f:4d:55:4b:0d:59:da:f4:75:61:
60:9b:f7:95:30:12:dc:6c:f9:a8:24:74:dd:58:aa:
68:7a:1a:e6:b9:0b:65:06:3f:b2:46:a8:5a:df:c1:
50:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5E:DF:B2:D0:F3:CD:BA:76:5A:E9:CD:33:19:03:A6:56:1E:45:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
55:45:00:28:ab:b2:c3:83:20:4b:71:92:a7:2c:f7:eb:b2:79:
51:9a:fb:5d:34:c9:08:53:da:cc:4a:40:91:b7:e7:d1:3b:8b:
bd:92:e7:d8:80:53:e4:11:55:3e:ac:cf:42:e3:e6:b8:0c:35:
1b:db:10:c0:4f:1b:9f:c4:94:d6:a8:c0:4e:93:c9:c0:77:d1:
b5:f8:1b:23:de:7e:56:a4:0a:fc:03:3c:d9:13:92:99:c6:74:
a9:12:9c:76:bd:3e:0b:d6:28:b3:bf:01:4c:68:b8:f8:2f:a1:
ec:1a:d0:52:57:a3:5d:06:2a:d8:e6:c6:a1:5f:eb:67:ca:2c:
9b:f4:1b:f8:17:d9:48:e4:c9:0c:16:6e:e2:92:08:d8:a6:ad:
67:0f:98:e5:dd:94:54:e7:b3:a0:89:6e:0c:70:ef:18:93:1a:
48:82:60:4d:5b:c7:5e:aa:54:69:d7:28:c6:42:23:9e:06:80:
05:ca:be:81:47:e4:48:71:63:49:4a:ef:26:17:df:c2:bd:4a:
08:e3:7b:66:67:90:fe:8b:d8:b3:6e:e6:45:9a:d6:df:3f:77:
08:16:7e:e1:6d:24:ec:73:97:8e:f0:6d:9a:fe:b9:35:8d:80:
13:20:7f:8e:fe:55:2b:cb:39:03:f9:11:69:fb:07:62:58:b3:
aa:f5:f2:67
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX7sZD+xXh/9CIQE4JOetAEh6x2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3N2IwY2QwZjFkMmVlZmM4MTRlOGZiODJiMjJiOGYxODE4YzU0OTdlMTc3
YTdhZTRiNGJlMmU2ZjE3M2M1NWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8SNRhEJVlzd7Cc8ti4Rc6hH9H6zGHU4OUbCewqPXumk+K7BI5wsaxUeuli
wZoTPN0N6ERgl02odX5I0L9qDtu9y18XEBu64VtmhyBlvJb1hZb76GRM+ydOFyYv
njZKc/q6aIhDBzh4C80A0xGr0V9y39Qm4kFozKkiDmXXcKrDTuoel4GA93VY396o
h/cOzlG+9OML/qeYYD9++2CKkohQgqtqA8aPZKY3+LJmyMqUSy/c3e21LrPASp7F
K1Vqp9hjN1pL0aDK9u/CM1OmudUX7m/PuJxvTVVLDVna9HVhYJv3lTAS3Gz5qCR0
3ViqaHoa5rkLZQY/skaoWt/BUFsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQlXt+y
0PPNunZa6c0zGQOmVh5FZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzVkMTZkOTYtOWU1Ny00Y2MwLTgzZGYtMmMwMTFjY2M4ZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQBVRQAoq7LDgyBLcZKnLPfrsnlRmvtdNMkIU9rM
SkCRt+fRO4u9kufYgFPkEVU+rM9C4+a4DDUb2xDATxufxJTWqMBOk8nAd9G1+Bsj
3n5WpAr8AzzZE5KZxnSpEpx2vT4L1iizvwFMaLj4L6HsGtBSV6NdBirY5sahX+tn
yiyb9Bv4F9lI5MkMFm7ikgjYpq1nD5jl3ZRU57OgiW4McO8YkxpIgmBNW8deqlRp
1yjGQiOeBoAFyr6BR+RIcWNJSu8mF9/CvUoI43tmZ5D+i9izbuZFmtbfP3cIFn7h
bSTsc5eO8G2a/rk1jYATIH+O/lUryzkD+RFp+wdiWLOq9fJn
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org