Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: pBRsi30463LI2FGPQQJhC4cPuahH1570Q38+G7VwABI=
Subject key identifier: D7:9D:65:B6:D5:D3:0C:F4:4F:B5:AC:E9:2C:1B:81:9A:8B:88:B3:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A702E25410DC9BA16567C49E38F12BDBBFA2863
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Tue 28 May 2024 00:00:00 +0000
ROA not before: Tue 28 May 2024 00:00:00 +0000
ROA not after: Tue 02 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:70:2e:25:41:0d:c9:ba:16:56:7c:49:e3:8f:12:bd:bb:fa:28:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 28 00:00:00 2024 GMT
Not After : Jul 2 23:59:59 2024 GMT
Subject: serialNumber=cb734e455d7e2bd0dec3499d09d947cada007995176e865e86dc9a1876441001, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a5:78:7f:79:85:20:d9:73:c1:8b:6e:90:91:
80:26:0b:3a:93:19:89:56:0a:5d:c5:21:68:18:f2:
0c:34:df:35:0f:35:bf:99:1c:21:8e:86:b1:c3:ee:
54:c7:aa:d8:86:53:7c:96:15:2c:cd:c1:41:fe:f0:
8b:47:18:b2:ce:5b:3a:39:fd:eb:95:ec:c9:b4:ef:
34:12:01:5e:64:1b:9f:b3:fb:e9:07:3c:61:9a:c2:
c2:2e:a2:71:dd:43:46:72:9b:d0:13:8e:9d:7e:18:
d1:d4:6d:37:dc:78:c3:0c:e5:fb:ba:b9:d2:3f:ac:
af:dd:f8:84:b9:54:3c:5c:24:1c:6b:b1:8d:28:24:
a8:b4:6b:51:40:d4:8c:26:50:af:99:67:a8:ca:d6:
4d:64:38:ac:28:dd:6f:54:c9:2c:68:f5:e1:17:51:
09:d8:95:fa:8c:17:94:92:2d:66:63:7c:d8:ce:8c:
d1:eb:5f:34:9d:9f:78:7e:f6:9b:d7:3f:ad:3a:ab:
b5:15:7e:e9:81:6b:b6:0c:53:b6:19:6a:87:74:d4:
c3:9f:f6:9a:a6:8e:bf:d2:d9:43:c0:1f:c6:8b:58:
8a:ed:81:db:fd:32:01:81:7d:14:46:fa:8f:21:3f:
85:04:3b:34:dc:99:de:44:a2:93:1c:37:ee:1b:66:
b0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9D:65:B6:D5:D3:0C:F4:4F:B5:AC:E9:2C:1B:81:9A:8B:88:B3:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
44:72:3f:96:cc:64:e7:11:83:02:17:31:5a:b6:3d:f0:12:ba:
2b:55:54:1f:6e:6b:c1:db:dc:65:f9:56:5a:15:ff:7e:29:0d:
44:40:b7:a3:74:a1:00:d8:ba:ee:09:f1:3b:ea:3a:fd:e0:a5:
25:ce:33:89:62:9f:94:45:b4:8d:d9:84:15:b5:9e:b5:d0:06:
3b:63:13:95:00:c5:d7:c0:65:de:ea:84:e3:fb:9e:a7:4d:ba:
df:eb:3d:0e:57:d4:0b:89:3e:9f:0b:3b:5a:97:bb:8f:40:83:
41:12:ca:19:4a:e7:7d:0b:f7:7f:44:7e:63:16:7f:c6:ef:4b:
14:a5:5b:96:4d:28:0f:18:00:eb:c5:47:29:37:a2:55:6c:61:
c9:02:57:45:b1:1b:35:ac:e6:bb:0b:a2:7b:8f:b5:56:9d:21:
fc:b9:8c:e1:e0:df:5f:89:5f:ff:35:c8:8b:e4:19:ff:75:6f:
9a:7a:f7:b0:e2:8b:3c:af:c2:98:77:de:29:5f:b4:8f:c9:49:
de:f2:2a:67:f0:52:97:69:a0:a2:9c:a0:b5:da:e2:57:da:86:
99:f9:04:18:4d:56:2f:c0:db:47:71:d8:be:b8:4c:0f:8a:82:
f9:00:a9:c4:39:fc:e1:db:8b:68:0d:19:f3:ce:d1:42:04:c4:
7c:fe:aa:57
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOnAuJUENyboWVnxJ448Svbv6KGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjgwMDAwMDBaFw0yNDA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNzM0ZTQ1NWQ3ZTJiZDBkZWMzNDk5ZDA5ZDk0N2NhZGEwMDc5OTUxNzZl
ODY1ZTg2ZGM5YTE4NzY0NDEwMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuleH95hSDZc8GLbpCRgCYLOpMZiVYKXcUhaBjyDDTfNQ81v5kcIY6GscPu
VMeq2IZTfJYVLM3BQf7wi0cYss5bOjn965XsybTvNBIBXmQbn7P76Qc8YZrCwi6i
cd1DRnKb0BOOnX4Y0dRtN9x4wwzl+7q50j+sr934hLlUPFwkHGuxjSgkqLRrUUDU
jCZQr5lnqMrWTWQ4rCjdb1TJLGj14RdRCdiV+owXlJItZmN82M6M0etfNJ2feH72
m9c/rTqrtRV+6YFrtgxTthlqh3TUw5/2mqaOv9LZQ8AfxotYiu2B2/0yAYF9FEb6
jyE/hQQ7NNyZ3kSikxw37htmsN0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTXnWW2
1dMM9E+1rOksG4Gai4izJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEARHI/lsxk5xGDAhcxWrY98BK6K1VUH25rwdvcZflW
WhX/fikNREC3o3ShANi67gnxO+o6/eClJc4ziWKflEW0jdmEFbWetdAGO2MTlQDF
18Bl3uqE4/uep0263+s9DlfUC4k+nws7Wpe7j0CDQRLKGUrnfQv3f0R+YxZ/xu9L
FKVblk0oDxgA68VHKTeiVWxhyQJXRbEbNazmuwuie4+1Vp0h/LmM4eDfX4lf/zXI
i+QZ/3Vvmnr3sOKLPK/CmHfeKV+0j8lJ3vIqZ/BSl2mgopygtdriV9qGmfkEGE1W
L8DbR3HYvrhMD4qC+QCpxDn84duLaA0Z887RQgTEfP6qVw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org