Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
File: e07d74df-535d-4244-b607-95997aa421a3.roa (raw, json)
Hash identifier: QX3l0gKUkrpHBSklpA8GacY2mRzCSXNmCum3/nKEEt4=
Subject key identifier: BC:24:F9:F9:3A:DE:85:CC:DE:E6:30:C3:11:72:8E:82:9E:54:A7:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E9C163A06A45D6AC3EE9E5AEE7F80A3E0896406
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:9c:16:3a:06:a4:5d:6a:c3:ee:9e:5a:ee:7f:80:a3:e0:89:64:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=bee1ada813def784cd6411bcd21632500b67d26de586f39d9a5ef7bbf2b3634a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:82:8c:1a:74:13:da:24:d8:15:d5:70:10:
79:d9:02:8e:39:43:09:87:95:ac:70:00:7e:cd:07:
2d:5c:0c:76:0f:29:50:ba:22:0f:98:8d:1c:20:6e:
09:e4:5f:2b:7d:a8:83:10:05:a0:0c:ef:a2:5c:b3:
46:03:d9:f5:d7:f1:db:0a:01:06:8a:a2:52:c1:0f:
25:c8:94:9a:1c:99:e2:1a:bd:6f:45:ff:06:f8:3e:
dc:b4:b8:38:13:d5:eb:10:3e:11:1c:50:25:73:d9:
18:c5:87:61:2f:8d:a6:1d:aa:3e:f9:a2:b6:e4:8e:
f6:98:70:e7:d1:3c:ba:66:12:5d:72:18:20:63:38:
a6:97:75:db:d2:e0:16:b0:d4:48:b5:b4:4f:05:3d:
9a:5b:6a:b4:4a:d5:ab:fa:8c:3b:10:c7:b5:48:fd:
80:6e:c7:39:f1:c5:af:5b:28:3a:87:6e:a1:44:1d:
14:bc:d9:82:e0:46:b4:03:1c:46:74:3d:fa:22:d8:
81:4d:0c:7c:44:00:54:1c:a4:f3:57:77:d3:88:32:
85:62:f7:19:ce:52:74:b7:ec:99:8b:3a:f9:29:87:
e6:4a:9d:dc:de:8d:ec:40:cc:4c:5b:f0:2a:cd:6a:
e1:14:8f:6f:97:d3:2e:6b:4d:56:40:d1:fc:4b:cf:
14:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:24:F9:F9:3A:DE:85:CC:DE:E6:30:C3:11:72:8E:82:9E:54:A7:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
03:8f:48:5f:95:7f:cb:b0:00:fa:56:2f:36:ef:3b:38:c8:44:
f9:00:e3:7d:54:e2:cf:0a:91:76:ca:8f:7a:13:46:71:06:48:
3a:22:36:e3:1e:16:b4:a9:a5:db:83:a7:70:b7:cd:61:52:ca:
d2:49:a2:c2:0c:fe:1f:c1:8b:90:77:aa:20:cb:44:e5:fb:9a:
60:4a:f2:b3:e2:49:d6:cb:78:92:f1:20:b7:09:2a:c9:6b:01:
48:4f:9b:49:5e:6a:90:ed:25:fe:c9:26:e4:bd:4b:13:0f:c9:
c9:a7:a0:5a:62:a3:f0:57:20:02:01:f2:f4:7a:1a:be:e7:85:
78:74:bb:24:51:ea:19:4f:81:4d:1f:1f:9c:5a:f5:27:0c:44:
70:76:a7:b7:9b:27:c6:b7:d6:af:a8:db:50:0f:f3:d2:d3:b1:
7a:fe:40:fc:a0:0e:60:0c:cd:89:6c:e6:ff:b8:f1:73:bc:02:
7c:f3:fe:fe:e4:81:b5:2e:54:18:80:db:ba:90:28:a2:cb:2b:
3a:71:e9:cc:55:4c:ea:9b:95:16:db:aa:7c:ba:e6:6f:c4:75:
6c:53:ed:af:a5:07:a8:43:4e:d8:78:30:e9:1b:4a:ad:5d:08:
1b:0d:64:ad:31:10:76:3e:7b:1c:32:f8:47:b7:35:16:a8:95:
9d:aa:b4:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfpwWOgakXWrD7p5a7n+Ao+CJZAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlZTFhZGE4MTNkZWY3ODRjZDY0MTFiY2QyMTYzMjUwMGI2N2QyNmRlNTg2
ZjM5ZDlhNWVmN2JiZjJiMzYzNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaIgowadBPaJNgV1XAQedkCjjlDCYeVrHAAfs0HLVwMdg8pULoiD5iNHCBu
CeRfK32ogxAFoAzvolyzRgPZ9dfx2woBBoqiUsEPJciUmhyZ4hq9b0X/Bvg+3LS4
OBPV6xA+ERxQJXPZGMWHYS+Nph2qPvmituSO9phw59E8umYSXXIYIGM4ppd129Lg
FrDUSLW0TwU9mltqtErVq/qMOxDHtUj9gG7HOfHFr1soOoduoUQdFLzZguBGtAMc
RnQ9+iLYgU0MfEQAVByk81d304gyhWL3Gc5SdLfsmYs6+SmH5kqd3N6N7EDMTFvw
Ks1q4RSPb5fTLmtNVkDR/EvPFM8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8JPn5
Ot6FzN7mMMMRco6CnlSniDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTA3ZDc0ZGYtNTM1ZC00MjQ0LWI2MDctOTU5OTdhYTQyMWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAA49IX5V/y7AA+lYvNu87OMhE+QDjfVTizwqRdsqP
ehNGcQZIOiI24x4WtKml24OncLfNYVLK0kmiwgz+H8GLkHeqIMtE5fuaYErys+JJ
1st4kvEgtwkqyWsBSE+bSV5qkO0l/skm5L1LEw/JyaegWmKj8FcgAgHy9HoavueF
eHS7JFHqGU+BTR8fnFr1JwxEcHant5snxrfWr6jbUA/z0tOxev5A/KAOYAzNiWzm
/7jxc7wCfPP+/uSBtS5UGIDbupAoossrOnHpzFVM6puVFtuqfLrmb8R1bFPtr6UH
qENO2Hgw6RtKrV0IGw1krTEQdj57HDL4R7c1FqiVnaq0vA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org