Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: zuXTmYfBJjTTDus5Mogw/fXRKTARj1nG/LOU1vBcdms=
Subject key identifier: 7A:C6:EE:88:6D:58:CE:BA:7D:97:4B:B2:41:31:0E:83:46:E1:A7:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41ED7E5F91D7928D74FA608D5AF1119031687892
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ed:7e:5f:91:d7:92:8d:74:fa:60:8d:5a:f1:11:90:31:68:78:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=dd438a8effc6c3e2648ee911be387537555bea6d0d7e65ef3c21a0f32bc340db, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ec:4e:82:f1:73:7a:f1:ac:34:ed:fd:61:f8:
ff:c7:61:cb:bb:ba:5d:95:4a:e1:5a:e8:f8:6d:40:
c9:75:96:d9:59:fd:fc:1e:5c:05:6e:1f:6c:aa:bc:
3d:91:4f:41:b2:48:f5:25:18:4f:e8:ad:e9:30:30:
5c:2c:14:61:87:fe:48:33:4f:09:e3:4c:ae:d7:b5:
e3:26:91:20:6d:94:af:4b:99:77:4e:af:7c:b4:18:
83:9e:db:95:e0:c6:05:d7:95:cb:1f:82:fd:74:f9:
0e:1c:4b:6d:aa:7a:2c:4e:f5:bb:ce:94:9d:0a:43:
22:5c:26:7b:58:da:89:6e:d5:fd:4e:f4:a5:a1:eb:
8c:52:6a:99:06:85:c8:3c:c0:4e:07:cb:c3:87:80:
09:ad:fd:43:01:95:00:31:18:94:fe:f3:68:9e:fd:
f2:fb:69:9d:59:10:65:2f:91:6e:04:b8:ca:cd:aa:
ac:50:67:0b:6e:12:4c:74:06:20:d7:d7:60:41:52:
5c:28:d2:03:62:a8:f3:82:d1:1a:a6:db:da:0c:8c:
5a:b6:4d:47:ba:d3:37:0e:c4:52:62:99:cd:83:43:
17:28:21:3c:d9:62:05:41:1a:ba:32:2d:48:ed:95:
3b:7e:c2:30:46:9c:8f:b9:6b:a0:bf:49:e3:99:5a:
74:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C6:EE:88:6D:58:CE:BA:7D:97:4B:B2:41:31:0E:83:46:E1:A7:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:0d:ce:a1:02:f9:fa:23:6b:73:f2:de:a4:11:c2:99:59:82:
6c:5f:81:bc:4e:d7:44:d3:b0:9d:43:4c:a1:f5:03:12:23:e1:
16:d9:76:14:3b:c6:bf:84:34:36:5a:44:61:76:2d:b9:5b:54:
23:70:80:8d:16:49:64:b7:4d:f2:db:c1:c9:68:40:31:ad:de:
18:c6:f5:87:b3:6b:51:3a:fb:1c:c5:09:d7:1d:a1:2d:ee:98:
82:2a:03:66:fb:e0:50:1f:08:ff:a7:3e:36:3d:5a:24:fd:0e:
11:67:ef:dc:5c:50:40:fc:8d:bf:bd:07:a2:fa:7a:4a:3b:c1:
2f:a4:66:ac:de:8f:11:28:5c:59:8c:38:6e:ce:ef:b6:76:cb:
92:bb:55:34:e9:35:95:bc:20:2b:24:0a:ec:18:96:51:a5:10:
c6:9f:c6:25:ac:35:a9:b6:e5:58:7d:f2:64:c8:c8:6d:2a:48:
4a:09:b8:43:b0:e8:60:87:6a:25:75:97:f9:e6:77:b1:4e:a0:
56:f0:ae:30:1c:61:8b:dc:dd:12:b5:8d:4e:29:97:ef:5c:f1:
4b:7d:ef:fe:e1:a0:d4:e2:25:a1:c9:aa:a9:67:f8:33:00:ae:
c2:dd:bd:1b:63:f9:a4:d1:44:e2:7a:6c:f1:e5:b7:41:fa:91:
ab:4d:e5:ce
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQe1+X5HXko10+mCNWvERkDFoeJIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkNDM4YThlZmZjNmMzZTI2NDhlZTkxMWJlMzg3NTM3NTU1YmVhNmQwZDdl
NjVlZjNjMjFhMGYzMmJjMzQwZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbsToLxc3rxrDTt/WH4/8dhy7u6XZVK4Vro+G1AyXWW2Vn9/B5cBW4fbKq8
PZFPQbJI9SUYT+it6TAwXCwUYYf+SDNPCeNMrte14yaRIG2Ur0uZd06vfLQYg57b
leDGBdeVyx+C/XT5DhxLbap6LE71u86UnQpDIlwme1jaiW7V/U70paHrjFJqmQaF
yDzATgfLw4eACa39QwGVADEYlP7zaJ798vtpnVkQZS+RbgS4ys2qrFBnC24STHQG
INfXYEFSXCjSA2Ko84LRGqbb2gyMWrZNR7rTNw7EUmKZzYNDFyghPNliBUEaujIt
SO2VO37CMEacj7lroL9J45ladAcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR6xu6I
bVjOun2XS7JBMQ6DRuGnZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEA0w3OoQL5+iNrc/LepBHCmVmCbF+BvE7XRNOwnUNM
ofUDEiPhFtl2FDvGv4Q0NlpEYXYtuVtUI3CAjRZJZLdN8tvByWhAMa3eGMb1h7Nr
UTr7HMUJ1x2hLe6YgioDZvvgUB8I/6c+Nj1aJP0OEWfv3FxQQPyNv70Hovp6SjvB
L6RmrN6PEShcWYw4bs7vtnbLkrtVNOk1lbwgKyQK7BiWUaUQxp/GJaw1qbblWH3y
ZMjIbSpISgm4Q7DoYIdqJXWX+eZ3sU6gVvCuMBxhi9zdErWNTimX71zxS33v/uGg
1OIlocmqqWf4MwCuwt29G2P5pNFE4nps8eW3QfqRq03lzg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org