Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/988eabea-f594-4f5c-8be7-14382de8c36c.roa
File: 988eabea-f594-4f5c-8be7-14382de8c36c.roa (raw, json)
Hash identifier: ZlaipQOkY4ssSb4tBRYNxDcYgtbsXX8Hunv1IaSPp6Q=
Subject key identifier: 40:BA:19:DB:94:9C:B9:05:EF:58:FF:F5:96:50:CF:52:09:CC:45:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21836636DC29476289F08ED0889101670F18FC8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/988eabea-f594-4f5c-8be7-14382de8c36c.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:83:66:36:dc:29:47:62:89:f0:8e:d0:88:91:01:67:0f:18:fc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=2a4820f277f96afa25a005058a5f0c7d1f9e9ec36937e5a67b8ef4446ad34d4f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:53:80:d5:cd:58:91:4e:ab:97:71:b6:4c:93:
a6:7b:36:1a:2e:29:75:c9:07:21:32:64:be:dc:5b:
5c:16:5f:38:75:3c:49:34:78:4f:54:de:24:38:b4:
43:1b:2b:74:8d:c8:78:97:ed:2f:c3:e4:43:37:e5:
39:eb:24:a8:02:21:06:93:ba:38:cf:25:82:bb:d6:
fc:70:7e:01:a6:4e:fe:55:6f:89:14:15:cc:5b:b7:
3d:70:8a:73:0c:96:c9:ef:e8:1a:9c:8b:b7:d7:87:
21:9c:1d:98:1f:94:d7:bb:4a:d2:c5:2e:d0:02:8a:
4c:34:04:39:89:8a:f9:7a:18:a8:2c:a5:9e:67:f5:
d0:4a:0b:53:43:da:8e:4d:4c:c4:b1:e3:05:7a:60:
19:50:ff:31:14:6b:e1:2c:8a:e4:18:78:62:4f:4c:
9b:e0:d3:dc:9d:7f:df:e7:3c:19:66:3a:a6:c9:c1:
b2:e2:b5:9d:0b:e5:58:15:a4:50:1c:a1:dd:ce:28:
b2:55:3f:87:ae:a5:c6:d4:f3:8a:78:61:d1:7c:0a:
bd:9c:d3:98:2c:e0:a2:22:c5:43:42:dc:40:7e:d6:
41:3a:e5:14:93:97:ae:a9:a8:f8:4c:c3:76:d8:0a:
2d:c8:39:52:e8:f4:11:ea:e1:14:eb:ce:73:42:cd:
58:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BA:19:DB:94:9C:B9:05:EF:58:FF:F5:96:50:CF:52:09:CC:45:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/988eabea-f594-4f5c-8be7-14382de8c36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:9d:e2:a9:f9:bb:61:d5:af:c6:a5:d3:c5:6e:d4:e5:9d:50:
d7:e3:0c:df:35:87:24:03:c6:21:e0:21:87:35:b7:d5:a6:a0:
a6:c6:2c:c5:6c:a1:d3:f8:23:7b:a4:43:0f:1d:78:4e:73:db:
a7:43:fe:96:eb:c1:02:76:b0:37:10:e9:c1:81:da:7d:ac:82:
34:52:e2:fc:71:63:5b:7e:ad:9e:63:5f:73:68:17:7a:b6:6d:
ee:c5:cd:3e:80:95:f2:4b:b0:52:81:01:b6:08:48:74:97:99:
53:44:b2:0f:32:ee:fe:15:5b:d3:fb:a5:71:5b:17:77:cd:33:
2d:be:a9:aa:78:b5:55:a5:2d:23:c0:5f:d3:76:77:11:8f:ba:
69:54:17:39:15:2a:f7:70:1e:03:06:fc:d0:97:3e:e3:e6:63:
69:0d:c2:cd:64:f9:5e:48:9a:6e:46:fd:f5:6b:a0:1c:f5:55:
0a:db:7c:43:70:16:22:66:be:d1:de:59:08:91:cf:28:1c:13:
2a:ba:ee:55:1a:93:ed:49:78:ec:43:c1:36:e0:b0:ac:9e:da:
9c:1c:af:5f:48:51:0f:66:82:81:df:4d:90:42:5f:6d:0e:1c:
4f:c2:a6:11:b0:00:c5:2a:95:71:a1:73:de:21:71:75:6c:ae:
d7:0d:b9:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIYNmNtwpR2KJ8I7QiJEBZw8Y/IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhNDgyMGYyNzdmOTZhZmEyNWEwMDUwNThhNWYwYzdkMWY5ZTllYzM2OTM3
ZTVhNjdiOGVmNDQ0NmFkMzRkNGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhTgNXNWJFOq5dxtkyTpns2Gi4pdckHITJkvtxbXBZfOHU8STR4T1TeJDi0
QxsrdI3IeJftL8PkQzflOeskqAIhBpO6OM8lgrvW/HB+AaZO/lVviRQVzFu3PXCK
cwyWye/oGpyLt9eHIZwdmB+U17tK0sUu0AKKTDQEOYmK+XoYqCylnmf10EoLU0Pa
jk1MxLHjBXpgGVD/MRRr4SyK5Bh4Yk9Mm+DT3J1/3+c8GWY6psnBsuK1nQvlWBWk
UByh3c4oslU/h66lxtTzinhh0XwKvZzTmCzgoiLFQ0LcQH7WQTrlFJOXrqmo+EzD
dtgKLcg5Uuj0EerhFOvOc0LNWDkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRAuhnb
lJy5Be9Y//WWUM9SCcxFhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTg4ZWFiZWEtZjU5NC00ZjVjLThiZTctMTQzODJkZThjMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAzp3iqfm7YdWvxqXTxW7U5Z1Q1+MM3zWHJAPGIeAh
hzW31aagpsYsxWyh0/gje6RDDx14TnPbp0P+luvBAnawNxDpwYHafayCNFLi/HFj
W36tnmNfc2gXerZt7sXNPoCV8kuwUoEBtghIdJeZU0SyDzLu/hVb0/ulcVsXd80z
Lb6pqni1VaUtI8Bf03Z3EY+6aVQXORUq93AeAwb80Jc+4+ZjaQ3CzWT5Xkiabkb9
9WugHPVVCtt8Q3AWIma+0d5ZCJHPKBwTKrruVRqT7Ul47EPBNuCwrJ7anByvX0hR
D2aCgd9NkEJfbQ4cT8KmEbAAxSqVcaFz3iFxdWyu1w25/Q==
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org