Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
File: 7f93618f-074f-4431-abe6-691e069b191f.roa (raw, json)
Hash identifier: 9bL/HMW4sn2l+IBUZkOXUlRHdfzpWmsdGH35RdFf68U=
Subject key identifier: F5:E0:8A:17:15:C3:B9:02:EA:51:BD:F2:D4:8B:67:E8:C4:14:72:5F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 269735CD4674C2337F02359C04795572D8BB2026
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:97:35:cd:46:74:c2:33:7f:02:35:9c:04:79:55:72:d8:bb:20:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=8f3d0f3b1bf045a7356fef0efd3e01e9aa26afbf10edc37e0e3cb35143009f2e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fa:12:bd:c4:a5:b1:d6:31:6a:55:46:da:5f:
d3:c2:48:fa:85:fb:6a:1b:c3:dd:63:a2:89:af:de:
4c:8d:e0:1b:77:f4:cd:3b:af:b8:5f:e1:d0:1e:5e:
1d:49:61:61:85:1b:e9:11:66:1c:8e:66:d1:ee:74:
df:73:e6:0b:67:4f:28:e6:25:ef:59:a9:b0:f2:c7:
31:17:d3:17:c1:a6:5b:a6:89:9c:31:eb:9a:cb:21:
ef:83:95:09:f9:a1:f6:96:90:6f:65:6d:55:ec:ad:
fd:e8:e3:c9:78:9a:50:39:6f:ee:bf:b8:8d:23:3a:
9b:32:28:23:d1:b3:4b:01:e9:f3:ac:60:c3:e2:cb:
67:0a:0e:4f:ea:ce:a9:1f:51:36:64:92:60:73:70:
ae:4b:cd:6e:b0:0b:2d:c6:ab:a6:77:e5:05:5d:f5:
66:d7:17:7c:16:2a:19:7d:51:2b:98:c0:f1:d2:fe:
ba:c9:7d:88:af:dc:9c:90:6a:04:35:51:18:33:5f:
bc:6f:6c:ff:09:83:31:2c:16:4f:48:e8:69:0d:1d:
ac:32:fc:02:8c:89:a6:e4:a0:24:c6:bc:b7:88:fe:
0a:33:57:cf:53:f8:16:d4:5b:09:78:bb:5e:4b:6e:
d5:12:d3:c3:cf:96:49:32:43:5e:f1:86:0c:d2:8e:
a7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E0:8A:17:15:C3:B9:02:EA:51:BD:F2:D4:8B:67:E8:C4:14:72:5F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:5f:0f:4d:bc:9e:a1:f9:7c:2a:0f:5e:dd:fa:24:8c:dc:a9:
be:10:81:63:ac:0f:26:bf:c0:f5:f3:ad:9e:ff:49:46:61:20:
a9:99:44:87:cf:94:7e:a2:2a:21:98:5d:0a:1b:80:ab:f3:52:
e9:0c:44:47:02:5d:57:cf:26:47:66:ff:9a:43:15:61:d5:e2:
b1:e7:ac:c8:98:44:60:da:e0:4e:c9:1a:95:4f:64:b4:7a:44:
f9:fb:93:eb:3f:91:5e:27:3b:83:f1:0e:a8:b7:00:6f:ca:30:
5e:4d:23:f0:5c:a9:08:9a:fd:99:41:e1:c3:db:18:59:c0:df:
cb:be:1d:e8:fc:69:34:06:e2:af:d5:21:e4:10:58:5c:54:06:
f4:bb:5b:d3:ec:04:9e:54:17:f2:08:f4:38:c2:09:97:38:ed:
45:5b:a5:59:d5:9c:d9:f6:14:60:26:44:a1:f0:f7:7a:31:5e:
72:e5:b8:0f:ac:d1:ce:89:29:95:bf:f9:00:a0:dd:53:fc:cb:
0f:79:c7:7b:91:ec:f0:15:d2:92:f3:0b:b1:50:fa:6c:f5:3f:
18:bf:19:fe:79:3f:b8:3a:2b:8d:2d:05:74:6a:41:17:bf:fe:
f6:36:b6:79:31:69:f7:36:cd:5a:25:5a:43:49:8a:91:55:3f:
10:8c:fd:da
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJpc1zUZ0wjN/AjWcBHlVcti7ICYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmM2QwZjNiMWJmMDQ1YTczNTZmZWYwZWZkM2UwMWU5YWEyNmFmYmYxMGVk
YzM3ZTBlM2NiMzUxNDMwMDlmMmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJT6Er3EpbHWMWpVRtpf08JI+oX7ahvD3WOiia/eTI3gG3f0zTuvuF/h0B5e
HUlhYYUb6RFmHI5m0e5033PmC2dPKOYl71mpsPLHMRfTF8GmW6aJnDHrmssh74OV
Cfmh9paQb2VtVeyt/ejjyXiaUDlv7r+4jSM6mzIoI9GzSwHp86xgw+LLZwoOT+rO
qR9RNmSSYHNwrkvNbrALLcarpnflBV31ZtcXfBYqGX1RK5jA8dL+usl9iK/cnJBq
BDVRGDNfvG9s/wmDMSwWT0joaQ0drDL8AoyJpuSgJMa8t4j+CjNXz1P4FtRbCXi7
Xktu1RLTw8+WSTJDXvGGDNKOp7cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT14IoX
FcO5AupRvfLUi2foxBRyXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y5MzYxOGYtMDc0Zi00NDMxLWFiZTYtNjkxZTA2OWIxOTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCYXw9NvJ6h+XwqD17d+iSM3Km+EIFjrA8mv8D1862e
/0lGYSCpmUSHz5R+oiohmF0KG4Cr81LpDERHAl1XzyZHZv+aQxVh1eKx56zImERg
2uBOyRqVT2S0ekT5+5PrP5FeJzuD8Q6otwBvyjBeTSPwXKkImv2ZQeHD2xhZwN/L
vh3o/Gk0BuKv1SHkEFhcVAb0u1vT7ASeVBfyCPQ4wgmXOO1FW6VZ1ZzZ9hRgJkSh
8Pd6MV5y5bgPrNHOiSmVv/kAoN1T/MsPecd7kezwFdKS8wuxUPps9T8Yvxn+eT+4
OiuNLQV0akEXv/72NrZ5MWn3Ns1aJVpDSYqRVT8QjP3a
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org