Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
File: 8e43baaa-efa7-4143-a595-a0519a0318ec.roa (raw, json)
Hash identifier: UEwAtXeWz2bDqu6wLaCu18vRLZfuOISxirgbmHyKWD4=
Subject key identifier: BA:34:A8:12:22:B7:2B:E4:E6:2E:35:8E:BE:D6:31:65:8E:34:59:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A12BE8A915D8CAB450C0FCD2017044904A2403B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:12:be:8a:91:5d:8c:ab:45:0c:0f:cd:20:17:04:49:04:a2:40:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=9f3e4d787065bce170e4ba0affdef450fa50ab9f082ea09455fbc66ef71e5bf6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:eb:73:c1:c1:30:ca:24:3b:9c:eb:91:4a:
fc:ad:68:08:a4:00:b8:80:c7:c3:d9:af:19:05:20:
a1:f8:1f:36:36:26:df:40:b5:6e:aa:96:7e:85:bc:
fe:5b:d5:a5:ce:9c:f1:0d:21:26:18:ce:54:cf:24:
35:75:51:bb:35:47:1c:e3:e5:6e:69:ca:eb:d7:b8:
1e:04:a0:40:c7:18:d8:d6:62:b2:23:93:b6:e1:f6:
41:ab:3d:c1:b5:42:b5:b1:4a:90:d8:48:27:c1:21:
d8:1a:10:b8:c4:7c:9a:85:6f:af:c3:d1:77:b7:95:
99:f8:43:69:f6:d8:31:67:01:b3:37:29:e2:82:0b:
3b:7c:8f:b8:1b:35:8e:b6:fd:2c:23:19:99:2f:68:
2c:a1:44:36:0e:8e:a3:33:5b:9a:9d:8f:02:24:db:
6d:57:fe:a1:bc:cd:21:8b:af:05:c4:8c:01:e6:d4:
9c:ed:46:ce:76:3b:20:59:19:78:f4:d2:52:87:3d:
b5:85:ac:86:15:5f:11:a8:ec:3a:9f:58:b7:d3:0d:
73:f9:fd:cc:32:42:2a:5a:fd:89:4b:a3:74:4d:ae:
f3:66:cb:93:9e:34:5f:f8:90:0a:f3:0b:9d:2b:c4:
39:60:06:79:3e:58:1b:be:33:74:a3:c1:32:98:8d:
f0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:34:A8:12:22:B7:2B:E4:E6:2E:35:8E:BE:D6:31:65:8E:34:59:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e43baaa-efa7-4143-a595-a0519a0318ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:bf:2c:c6:7e:0f:bb:f0:44:8a:86:75:f8:4a:fc:58:7c:62:
32:49:2b:4c:bf:d2:98:53:43:23:a7:3c:27:32:82:62:c4:6d:
cd:83:4a:46:b9:ba:c8:d8:35:b5:35:64:d0:fe:23:2b:25:0c:
9d:fc:02:4a:a0:88:b6:f1:26:e9:02:f7:2c:7c:77:1c:03:53:
f6:7a:ea:2d:d6:3f:71:0f:9e:95:bf:8b:09:22:45:31:b3:df:
86:93:2f:af:05:44:b2:0f:35:ee:b5:f9:67:8f:56:f4:0e:ee:
ff:73:d7:2c:65:d6:0e:36:20:b6:80:90:c2:b4:78:cc:ee:09:
76:60:ba:c9:38:50:9e:16:f8:0d:89:51:9d:18:84:e8:94:8e:
6a:9e:0b:c6:70:44:34:ef:16:34:fa:c2:7d:1c:bb:bb:e9:9a:
f6:f7:8a:11:71:e4:01:a3:9c:08:8e:d4:6e:e6:48:0c:6f:16:
19:ec:87:c4:dd:58:0a:15:e0:1a:10:88:b0:1c:8b:2b:cb:71:
54:d7:55:39:71:0d:42:58:dc:d0:ea:0a:88:85:de:4a:a7:a6:
0b:98:a1:b7:46:a5:7b:62:ee:e3:2b:c2:2e:50:05:7a:f4:72:
44:71:7f:49:3e:93:ea:2e:8c:d7:f3:e5:52:a7:1a:f3:cb:80:
74:2a:99:00
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGhK+ipFdjKtFDA/NIBcESQSiQDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmM2U0ZDc4NzA2NWJjZTE3MGU0YmEwYWZmZGVmNDUwZmE1MGFiOWYwODJl
YTA5NDU1ZmJjNjZlZjcxZTViZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoO63PBwTDKJDuc65FK/K1oCKQAuIDHw9mvGQUgofgfNjYm30C1bqqWfoW8
/lvVpc6c8Q0hJhjOVM8kNXVRuzVHHOPlbmnK69e4HgSgQMcY2NZisiOTtuH2Qas9
wbVCtbFKkNhIJ8Eh2BoQuMR8moVvr8PRd7eVmfhDafbYMWcBszcp4oILO3yPuBs1
jrb9LCMZmS9oLKFENg6OozNbmp2PAiTbbVf+obzNIYuvBcSMAebUnO1GznY7IFkZ
ePTSUoc9tYWshhVfEajsOp9Yt9MNc/n9zDJCKlr9iUujdE2u82bLk540X/iQCvML
nSvEOWAGeT5YG74zdKPBMpiN8KsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS6NKgS
Ircr5OYuNY6+1jFljjRZPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0M2JhYWEtZWZhNy00MTQzLWE1OTUtYTA1MTlhMDMxOGVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAvb8sxn4Pu/BEioZ1+Er8WHxiMkkrTL/SmFNDI6c8
JzKCYsRtzYNKRrm6yNg1tTVk0P4jKyUMnfwCSqCItvEm6QL3LHx3HANT9nrqLdY/
cQ+elb+LCSJFMbPfhpMvrwVEsg817rX5Z49W9A7u/3PXLGXWDjYgtoCQwrR4zO4J
dmC6yThQnhb4DYlRnRiE6JSOap4LxnBENO8WNPrCfRy7u+ma9veKEXHkAaOcCI7U
buZIDG8WGeyHxN1YChXgGhCIsByLK8txVNdVOXENQljc0OoKiIXeSqemC5iht0al
e2Lu4yvCLlAFevRyRHF/ST6T6i6M1/PlUqca88uAdCqZAA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org