Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
File: 79f828d9-a8c6-4d05-b291-d1f3154636f8.roa (raw, json)
Hash identifier: huntAhvU8LvinnyH2Rlc0sqHwZLzLBjmrrLiqURrZ7Y=
Subject key identifier: 83:40:DB:41:41:04:99:1A:DD:BB:4F:CD:86:9A:62:48:32:37:72:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C632C8EEDD68B947EC658CA7E3B4A7EF62BB9D1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:63:2c:8e:ed:d6:8b:94:7e:c6:58:ca:7e:3b:4a:7e:f6:2b:b9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=264694ca88559c0f7d04b32b112a6e85b92dd254ce6e2fca6d68a0753ac9ad17, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:6a:e9:e6:c0:ac:25:89:76:01:ec:fb:c8:
6c:80:d2:4a:f5:87:88:e0:b2:13:6d:28:ca:ff:98:
32:a5:ce:b0:54:7b:f1:4b:aa:ca:cd:03:59:e8:cb:
51:3c:72:98:87:56:2e:38:52:fd:ef:5a:d2:af:39:
c7:8c:83:09:38:d3:c0:91:69:19:6f:d9:ea:29:2f:
7f:f2:2a:74:42:11:56:76:87:9f:e6:2b:45:9a:b0:
14:e3:3b:ed:cd:28:49:60:ee:69:8e:6c:ec:e9:aa:
de:cb:c8:07:35:8f:d6:e6:2b:f7:d9:a3:bd:c5:14:
1d:e9:15:a5:85:1d:8f:f4:e1:6b:b2:ef:83:28:14:
97:60:07:0c:05:af:71:be:ce:1f:22:19:e4:8d:65:
73:f6:13:0c:a8:15:6f:48:9d:cd:90:83:66:72:2c:
00:0b:ce:7f:41:67:63:19:09:fc:6f:d5:61:27:53:
a6:82:35:7c:f8:65:cd:5e:92:71:7f:d4:80:ef:7f:
36:29:96:cf:10:3f:f7:18:d6:48:00:6e:7d:e8:5d:
7c:bf:98:83:8f:d3:e6:a7:89:e6:49:05:b6:ae:f6:
81:3a:0d:b9:50:17:f7:94:98:35:c5:81:85:12:33:
14:6a:f5:27:1d:ee:4a:56:54:8e:79:e8:5b:36:a1:
7f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:40:DB:41:41:04:99:1A:DD:BB:4F:CD:86:9A:62:48:32:37:72:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:2c:12:1f:d5:d8:46:f8:b9:56:d2:2e:77:4d:63:77:f8:97:
97:2a:3e:34:9a:4f:25:56:a2:9b:23:32:09:62:ca:8e:89:17:
b8:b6:9e:70:7e:ea:cf:a1:0e:01:4d:9c:01:6d:3c:f6:b4:01:
91:71:dd:73:e1:6e:27:b6:07:81:fe:8a:e6:17:42:79:a4:b2:
82:35:53:a9:7d:06:3e:29:38:bc:32:12:9f:97:1f:dc:d0:d4:
84:2d:9a:46:c5:ff:47:7c:87:8c:58:75:aa:6f:e3:dd:5c:69:
54:d0:81:a3:0b:a8:76:89:b0:63:45:18:7b:92:36:2e:fe:96:
e0:be:ac:9c:70:c5:56:8e:ce:d7:f0:62:4f:33:d0:16:68:58:
37:fe:ea:25:81:10:ac:08:10:c9:54:d7:06:3d:6f:58:40:19:
50:c2:92:a9:5c:2a:41:42:d5:b0:07:59:e0:ee:be:8e:27:40:
c2:6b:88:7e:1f:bf:25:3f:7e:72:bc:ea:d1:34:68:58:82:99:
62:cb:44:2e:30:b0:67:98:25:a1:5b:a1:ec:76:e0:65:18:e4:
b4:52:5c:cb:ea:6c:85:52:95:12:f1:ad:b2:f7:cb:2c:92:d3:
24:f9:9f:81:f9:03:d1:71:52:14:eb:ea:e7:76:b1:a3:2d:26:
39:05:62:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPGMsju3Wi5R+xljKfjtKfvYrudEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2NDY5NGNhODg1NTljMGY3ZDA0YjMyYjExMmE2ZTg1YjkyZGQyNTRjZTZl
MmZjYTZkNjhhMDc1M2FjOWFkMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMjaunmwKwliXYB7PvIbIDSSvWHiOCyE20oyv+YMqXOsFR78Uuqys0DWejL
UTxymIdWLjhS/e9a0q85x4yDCTjTwJFpGW/Z6ikvf/IqdEIRVnaHn+YrRZqwFOM7
7c0oSWDuaY5s7Omq3svIBzWP1uYr99mjvcUUHekVpYUdj/Tha7LvgygUl2AHDAWv
cb7OHyIZ5I1lc/YTDKgVb0idzZCDZnIsAAvOf0FnYxkJ/G/VYSdTpoI1fPhlzV6S
cX/UgO9/NimWzxA/9xjWSABufehdfL+Yg4/T5qeJ5kkFtq72gToNuVAX95SYNcWB
hRIzFGr1Jx3uSlZUjnnoWzahf58CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDQNtB
QQSZGt27T82GmmJIMjdyEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlmODI4ZDktYThjNi00ZDA1LWIyOTEtZDFmMzE1NDYzNmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQCSLBIf1dhG+LlW0i53TWN3+JeXKj40mk8lVqKbIzIJ
YsqOiRe4tp5wfurPoQ4BTZwBbTz2tAGRcd1z4W4ntgeB/ormF0J5pLKCNVOpfQY+
KTi8MhKflx/c0NSELZpGxf9HfIeMWHWqb+PdXGlU0IGjC6h2ibBjRRh7kjYu/pbg
vqyccMVWjs7X8GJPM9AWaFg3/uolgRCsCBDJVNcGPW9YQBlQwpKpXCpBQtWwB1ng
7r6OJ0DCa4h+H78lP35yvOrRNGhYgpliy0QuMLBnmCWhW6HsduBlGOS0UlzL6myF
UpUS8a2y98ssktMk+Z+B+QPRcVIU6+rndrGjLSY5BWKe
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:50 2024 by rpki-client on console-ams.rpki-client.org