Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
File: 8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa (raw, json)
Hash identifier: aqU6viy/hNtOmKiaz+eBPEKud3LRT6OimfUJDtQyNSA=
Subject key identifier: F7:67:36:A8:69:68:31:F1:7E:00:BC:38:68:65:44:AB:2E:68:74:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43C0F8F8E6C93CF8B65AA5996792148C5F8D0ABD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c0:f8:f8:e6:c9:3c:f8:b6:5a:a5:99:67:92:14:8c:5f:8d:0a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=0452329b1cebd10341dd64c1cff12fea24d6c6e14dc0c5e4e7a5c4d7215dab2e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:c8:5b:54:ca:e2:3f:0f:8c:6f:32:1c:17:
63:30:ce:66:05:7e:04:ea:fb:bd:a2:56:44:d1:62:
59:39:09:2d:8f:da:54:2d:8e:cb:7f:ba:43:d6:0e:
85:d2:34:b1:5a:1f:2d:09:dd:4d:de:94:cb:6f:c4:
63:74:65:77:d4:f4:83:4f:eb:1d:d3:ed:7b:5b:07:
40:d8:c8:6c:81:6f:c3:52:b5:e1:a5:d7:cb:b9:47:
28:3a:06:4c:6e:54:1b:58:d6:5f:78:28:ea:3b:26:
37:81:b7:a8:56:30:71:25:2a:46:c1:29:cc:77:96:
3c:17:7c:67:88:cb:de:aa:13:f4:c9:8b:76:d5:b6:
9d:7e:3b:9a:d3:b0:a8:81:dd:38:1a:09:15:a7:24:
47:c0:37:31:46:c7:71:5e:a0:8e:82:e0:d7:dd:00:
ab:02:f4:0e:aa:54:a5:c6:6c:0e:d2:09:90:88:b2:
10:77:1c:d5:5d:85:0c:7b:c8:65:d6:f6:27:87:98:
c8:e5:fd:5e:cc:d7:21:27:c7:e2:e9:2f:f0:a5:6f:
4b:cc:b7:52:3e:ff:65:4e:f0:61:f5:bf:0e:c2:60:
00:3b:d6:6d:65:35:a1:83:15:c0:84:a0:5e:d0:9e:
59:d0:6e:49:72:a2:2f:a5:12:fc:de:f9:83:34:51:
3c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:67:36:A8:69:68:31:F1:7E:00:BC:38:68:65:44:AB:2E:68:74:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bc:49:bd:1c:9f:1d:65:6d:3f:53:99:43:d8:9b:da:32:24:d1:
de:c6:eb:70:53:e9:0d:fe:a0:d3:ea:36:53:8e:0c:b6:7e:c5:
0b:f2:7a:51:e9:5f:30:52:92:95:e6:ca:75:30:8d:81:fe:b2:
10:96:83:e0:e8:d9:00:9e:2b:d1:75:5f:80:7f:06:d9:95:f0:
c8:a5:e0:0d:6e:7a:e1:b2:31:54:f3:52:81:64:8c:2b:44:9e:
28:49:a4:6a:54:e5:89:29:2a:ad:43:56:25:80:72:39:7e:fb:
f8:91:7f:98:1f:d7:0e:4f:32:dd:d0:fa:cb:39:2d:29:a2:79:
12:e2:80:51:ee:96:bf:ca:bc:e3:46:1f:aa:de:a1:a0:e0:dc:
14:60:31:2b:f2:46:a0:b0:31:c1:96:a9:4e:d6:83:0f:0d:ee:
56:e6:39:7b:2e:ac:fc:9c:58:29:bb:57:72:65:ba:3d:9d:66:
61:6e:26:6f:66:f9:8e:22:52:eb:52:3f:46:38:17:ec:d0:79:
7b:9b:21:97:e4:22:7b:1f:75:02:2c:47:0e:a5:33:ce:6b:4c:
dc:96:c3:04:63:55:f9:32:58:28:88:f9:43:eb:ed:84:7a:4d:
7e:84:c3:1f:17:df:0e:3f:cb:f5:7f:50:5c:78:68:ed:dc:99:
6c:e6:91:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ8D4+ObJPPi2WqWZZ5IUjF+NCr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0NTIzMjliMWNlYmQxMDM0MWRkNjRjMWNmZjEyZmVhMjRkNmM2ZTE0ZGMw
YzVlNGU3YTVjNGQ3MjE1ZGFiMmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuVyFtUyuI/D4xvMhwXYzDOZgV+BOr7vaJWRNFiWTkJLY/aVC2Oy3+6Q9YO
hdI0sVofLQndTd6Uy2/EY3Rld9T0g0/rHdPte1sHQNjIbIFvw1K14aXXy7lHKDoG
TG5UG1jWX3go6jsmN4G3qFYwcSUqRsEpzHeWPBd8Z4jL3qoT9MmLdtW2nX47mtOw
qIHdOBoJFackR8A3MUbHcV6gjoLg190AqwL0DqpUpcZsDtIJkIiyEHcc1V2FDHvI
Zdb2J4eYyOX9XszXISfH4ukv8KVvS8y3Uj7/ZU7wYfW/DsJgADvWbWU1oYMVwISg
XtCeWdBuSXKiL6US/N75gzRRPEUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3Zzao
aWgx8X4AvDhoZUSrLmh0LDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGIxNGEwZjktODYyNy00ZTIzLWI5YWItZmE4ZGRkODM1ZjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQC8Sb0cnx1lbT9TmUPYm9oyJNHexutwU+kN/qDT6jZT
jgy2fsUL8npR6V8wUpKV5sp1MI2B/rIQloPg6NkAnivRdV+AfwbZlfDIpeANbnrh
sjFU81KBZIwrRJ4oSaRqVOWJKSqtQ1YlgHI5fvv4kX+YH9cOTzLd0PrLOS0ponkS
4oBR7pa/yrzjRh+q3qGg4NwUYDEr8kagsDHBlqlO1oMPDe5W5jl7Lqz8nFgpu1dy
Zbo9nWZhbiZvZvmOIlLrUj9GOBfs0Hl7myGX5CJ7H3UCLEcOpTPOa0zclsMEY1X5
MlgoiPlD6+2Eek1+hMMfF98OP8v1f1BceGjt3Jls5pFP
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org