Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
File: baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa (raw, json)
Hash identifier: 77NkotK15QizEjLHxNw2xqgCwVdXVMhrWK73RXz/Euo=
Subject key identifier: 35:89:A3:12:71:7E:7C:AA:76:28:46:75:99:BF:FC:DD:10:61:C5:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E72B25E278D7B01AC272C6C518950FD43072BF4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:72:b2:5e:27:8d:7b:01:ac:27:2c:6c:51:89:50:fd:43:07:2b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=992dcf25c4eb90d6c8d2b70601bbc09a3e6e3f53711efae6493f9a7658843751, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b8:42:7e:aa:2e:99:4f:ce:87:56:e2:c6:92:
eb:3f:27:b9:c5:db:83:12:18:a3:0c:10:d9:b9:7b:
0c:81:4b:9a:31:57:d3:8f:e1:47:6f:d4:3f:da:eb:
76:bf:23:49:ea:80:51:f0:41:94:36:f0:b3:4a:f1:
67:fa:53:ec:67:63:86:4a:14:6e:9e:32:2a:9c:9b:
33:34:1d:cc:63:27:e8:77:84:26:c8:b5:93:93:90:
4a:21:4a:f3:26:ce:0f:c5:77:97:e3:27:c9:1c:82:
16:ad:0a:5a:98:2d:40:f8:45:35:03:9c:15:67:a3:
e6:4a:a7:97:9d:11:b7:23:0b:93:43:ee:41:4a:6b:
03:2a:d8:ef:50:c6:8d:a1:bc:6b:ab:a0:3f:42:89:
33:bb:9a:0c:78:97:05:b9:ac:ed:7e:99:39:2e:69:
a6:5f:68:68:fb:d2:35:bd:bd:18:ad:16:18:b4:f6:
f4:2d:9c:d7:7b:79:34:06:d9:a9:15:93:12:71:82:
fb:89:bc:cf:fa:ec:58:cf:5e:2f:ec:0e:1d:e6:22:
e5:f8:2d:95:08:78:7a:27:15:be:62:b9:c2:e5:bf:
5e:e8:62:ab:ce:be:01:36:3a:f6:df:2a:6f:85:f1:
53:b7:86:8b:f7:c5:50:7d:12:c7:6a:27:a8:e9:fd:
b7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:89:A3:12:71:7E:7C:AA:76:28:46:75:99:BF:FC:DD:10:61:C5:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/baaac50b-ec4c-4064-ae5f-9d0c16806d61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5c:46:a7:63:ee:04:53:43:2d:21:12:43:01:87:cd:67:c5:18:
24:cb:d4:07:20:65:b8:5a:14:73:97:36:98:2a:9c:45:fd:56:
ad:a9:0b:f9:43:52:ce:56:49:a9:8c:63:5c:f5:8c:99:f3:76:
42:5d:0b:ba:e0:49:25:da:3f:5d:db:94:c8:e9:48:1a:c0:39:
43:2c:70:46:40:92:e4:dd:63:e4:7e:3d:62:f1:eb:92:db:f4:
e9:59:6c:2a:18:41:8c:08:8b:b2:83:1d:c2:98:4b:f4:8f:cf:
a5:5d:e1:0a:49:94:37:a2:1d:48:8d:a9:50:83:21:d1:72:d3:
88:eb:c4:12:37:65:28:87:3c:d5:a2:cb:ca:22:16:ac:12:77:
d0:1d:f8:60:fb:11:d0:f9:d7:2f:3a:5a:44:23:3d:2a:bb:b1:
87:07:ac:af:0b:5d:ea:56:bb:8c:b8:2e:2d:21:a9:a7:ac:3e:
2b:0e:43:cf:3b:0c:51:61:18:28:81:8c:40:32:3a:3c:ca:c6:
28:bc:79:1f:e0:24:62:b5:d9:93:ee:fe:14:30:fb:20:8d:93:
4c:03:7d:62:0a:67:7b:51:07:75:eb:0a:6a:3c:99:d0:86:d6:
fa:48:7a:7c:42:e9:fd:80:8b:ab:21:a8:31:29:3b:7d:7e:8a:
09:8e:53:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfnKyXieNewGsJyxsUYlQ/UMHK/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5MmRjZjI1YzRlYjkwZDZjOGQyYjcwNjAxYmJjMDlhM2U2ZTNmNTM3MTFl
ZmFlNjQ5M2Y5YTc2NTg4NDM3NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALu4Qn6qLplPzodW4saS6z8nucXbgxIYowwQ2bl7DIFLmjFX04/hR2/UP9rr
dr8jSeqAUfBBlDbws0rxZ/pT7GdjhkoUbp4yKpybMzQdzGMn6HeEJsi1k5OQSiFK
8ybOD8V3l+MnyRyCFq0KWpgtQPhFNQOcFWej5kqnl50RtyMLk0PuQUprAyrY71DG
jaG8a6ugP0KJM7uaDHiXBbms7X6ZOS5ppl9oaPvSNb29GK0WGLT29C2c13t5NAbZ
qRWTEnGC+4m8z/rsWM9eL+wOHeYi5fgtlQh4eicVvmK5wuW/Xuhiq86+ATY69t8q
b4XxU7eGi/fFUH0Sx2onqOn9tz0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1iaMS
cX58qnYoRnWZv/zdEGHFmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFhYWM1MGItZWM0Yy00MDY0LWFlNWYtOWQwYzE2ODA2ZDYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQBcRqdj7gRTQy0hEkMBh81nxRgky9QHIGW4WhRzlzaY
KpxF/VatqQv5Q1LOVkmpjGNc9YyZ83ZCXQu64Ekl2j9d25TI6UgawDlDLHBGQJLk
3WPkfj1i8euS2/TpWWwqGEGMCIuygx3CmEv0j8+lXeEKSZQ3oh1IjalQgyHRctOI
68QSN2UohzzVosvKIhasEnfQHfhg+xHQ+dcvOlpEIz0qu7GHB6yvC13qVruMuC4t
IamnrD4rDkPPOwxRYRgogYxAMjo8ysYovHkf4CRitdmT7v4UMPsgjZNMA31iCmd7
UQd16wpqPJnQhtb6SHp8Qun9gIurIagxKTt9fooJjlOj
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org