Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
File: bd71a746-3cc9-4570-bf5d-cc70358205b8.roa (raw, json)
Hash identifier: JJU3iHK5KR4BUSJzy64Odxlt3YbSGWhd8ZemOqn5SAI=
Subject key identifier: 4A:D5:FF:CD:74:A4:E5:A0:7D:5E:E0:A9:AE:AD:83:65:0C:F9:CB:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ED10767DA86FA5030201C6423C31D408AC8C3AE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d1:07:67:da:86:fa:50:30:20:1c:64:23:c3:1d:40:8a:c8:c3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=00e12df0ee0d946768bb5dcfb6ac07224adc91b2090a454ea40ee53b3ee31d92, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:8a:e1:1d:ac:c5:58:4e:d0:2a:29:29:5c:
ca:a7:c4:fd:e4:59:80:d8:05:67:90:3c:9b:6a:ce:
e2:27:f4:e2:b1:5a:0a:ba:34:e8:8b:bf:cf:1f:63:
0b:93:cf:51:b8:fa:e5:91:93:39:14:99:71:a3:90:
79:9b:89:35:e1:38:c9:4d:bd:95:56:6e:09:b7:a1:
ed:dd:1a:78:c2:4d:3f:b4:5f:44:ad:9b:2f:f4:99:
c4:87:5c:77:1a:7c:82:91:94:63:0f:4b:81:c5:a6:
b3:24:cb:71:35:33:e4:a0:27:47:f1:03:83:41:fd:
22:e2:45:74:f7:43:c2:92:2e:4a:4c:a6:8f:e6:fc:
fe:a4:42:8a:03:b7:18:7b:a0:e8:8a:69:0b:03:84:
52:70:a7:d7:e1:49:90:75:b1:e2:d7:02:e1:00:b2:
b7:6c:10:9d:64:7e:7c:ba:5b:ae:21:01:1c:96:c5:
e0:67:ab:ee:3a:40:26:e7:54:fc:b1:1b:93:d2:9a:
ff:54:be:90:b8:b0:81:e0:0f:e4:63:b0:d2:8e:89:
4b:40:9a:26:10:41:64:88:78:b9:cd:8e:43:d2:35:
32:88:eb:2b:16:e3:24:dd:f7:45:65:0e:88:50:7c:
58:59:fa:07:c7:e4:e6:5d:32:0b:95:df:7e:27:3c:
37:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D5:FF:CD:74:A4:E5:A0:7D:5E:E0:A9:AE:AD:83:65:0C:F9:CB:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
48:91:9f:9d:b2:ee:04:1e:9f:7a:c4:55:32:18:f6:61:00:60:
86:2a:e8:66:73:bf:94:68:5a:cc:91:2c:72:65:1f:10:e2:dc:
53:4d:67:58:86:bf:bd:5f:ed:d8:08:e5:17:48:a0:72:48:d4:
fb:b0:1d:f9:43:e8:0e:e2:ef:01:c9:e1:bf:db:f2:32:10:fd:
5f:8a:22:15:20:70:89:f4:68:96:2b:96:4e:f8:7f:68:87:ef:
98:5c:98:37:91:df:ff:12:3f:9d:23:b1:6b:7f:f4:dd:6e:f3:
1d:e6:f0:8d:f9:5b:14:c2:f5:9c:3a:80:01:6c:26:50:37:f7:
0b:57:17:b0:45:d6:9a:ed:e8:0c:b3:b2:f9:8b:ed:c0:2c:82:
24:73:f7:7c:9e:84:a4:cc:7a:02:16:2a:27:d9:a3:b3:5e:88:
52:0f:8c:4d:b3:08:de:48:b6:3b:4d:5f:35:b4:6c:f6:16:0e:
58:25:5b:29:7a:c8:e1:5c:37:d0:45:42:5a:23:97:0c:d0:90:
13:d9:03:f7:cf:82:2d:fd:55:3e:09:f0:68:38:d4:c4:c0:3d:
47:a6:6b:7c:9d:53:a6:4f:12:29:99:f1:9a:97:0f:7b:d8:0f:
b1:07:18:06:d8:98:ef:af:b9:9f:15:62:79:d4:c7:89:e2:42:
93:69:f8:ca
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUftEHZ9qG+lAwIBxkI8MdQIrIw64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwZTEyZGYwZWUwZDk0Njc2OGJiNWRjZmI2YWMwNzIyNGFkYzkxYjIwOTBh
NDU0ZWE0MGVlNTNiM2VlMzFkOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMexiuEdrMVYTtAqKSlcyqfE/eRZgNgFZ5A8m2rO4if04rFaCro06Iu/zx9j
C5PPUbj65ZGTORSZcaOQeZuJNeE4yU29lVZuCbeh7d0aeMJNP7RfRK2bL/SZxIdc
dxp8gpGUYw9LgcWmsyTLcTUz5KAnR/EDg0H9IuJFdPdDwpIuSkymj+b8/qRCigO3
GHug6IppCwOEUnCn1+FJkHWx4tcC4QCyt2wQnWR+fLpbriEBHJbF4Ger7jpAJudU
/LEbk9Ka/1S+kLiwgeAP5GOw0o6JS0CaJhBBZIh4uc2OQ9I1MojrKxbjJN33RWUO
iFB8WFn6B8fk5l0yC5Xffic8N1cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRK1f/N
dKTloH1e4KmurYNlDPnLczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmQ3MWE3NDYtM2NjOS00NTcwLWJmNWQtY2M3MDM1ODIwNWI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEASJGfnbLuBB6fesRVMhj2YQBghiroZnO/lGhazJEs
cmUfEOLcU01nWIa/vV/t2AjlF0igckjU+7Ad+UPoDuLvAcnhv9vyMhD9X4oiFSBw
ifRoliuWTvh/aIfvmFyYN5Hf/xI/nSOxa3/03W7zHebwjflbFML1nDqAAWwmUDf3
C1cXsEXWmu3oDLOy+YvtwCyCJHP3fJ6EpMx6AhYqJ9mjs16IUg+MTbMI3ki2O01f
NbRs9hYOWCVbKXrI4Vw30EVCWiOXDNCQE9kD98+CLf1VPgnwaDjUxMA9R6ZrfJ1T
pk8SKZnxmpcPe9gPsQcYBtiY76+5nxViedTHieJCk2n4yg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org