Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: hW5OyYvPGwsi+pftKxjID7Fk9lZs+guuns6pS4rsO6I=
Subject key identifier: 11:AC:FA:98:9B:D0:3F:8F:9C:3B:3C:0A:6C:A9:1C:D1:C2:DE:23:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41DD34A3F16FE1643867F1AF809FA1872C33B7C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:dd:34:a3:f1:6f:e1:64:38:67:f1:af:80:9f:a1:87:2c:33:b7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b592988d4c345b285269373a2edec7e47302e0d46742344bb723eb276b1de210, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:66:b3:24:29:88:ef:7f:7f:a1:0f:3f:7b:87:
86:25:25:51:43:c4:3d:42:1c:a6:97:0f:0a:08:85:
b5:f5:68:a1:81:df:8c:e3:06:57:63:4f:70:b9:a7:
2a:a4:37:0d:cd:65:6d:d3:22:f7:a6:3b:c2:30:d5:
fa:4e:0c:48:13:76:37:8a:d0:b8:5f:39:5f:e0:02:
6c:ed:a1:a7:bb:71:3d:79:ea:11:07:85:09:c3:8d:
5b:8e:ef:61:e3:a7:96:48:81:38:be:a8:41:05:47:
72:41:52:72:a4:de:61:54:42:c9:76:dc:45:fc:55:
5d:a2:71:45:7a:49:34:c7:2e:8b:69:96:d6:3e:1f:
7d:c8:ec:a4:20:08:b0:a7:dd:39:c8:0e:8b:c0:e4:
58:62:85:c3:18:c0:53:9a:c2:f2:bb:01:3e:94:d8:
15:ad:2e:97:dd:28:d8:91:47:f3:8b:fd:19:31:74:
a2:ae:2c:fb:d0:0c:7b:65:a8:e1:af:25:94:e4:99:
47:f4:51:e1:38:e9:73:9a:2b:f3:3b:41:ab:0f:e3:
64:81:e1:94:a9:8a:c7:b4:d5:c9:cd:2c:e5:33:2b:
90:bb:00:28:49:5e:be:9e:68:ed:86:33:ae:9c:6f:
18:81:20:1f:dc:cd:fb:db:95:f5:7c:40:fc:d4:f1:
51:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AC:FA:98:9B:D0:3F:8F:9C:3B:3C:0A:6C:A9:1C:D1:C2:DE:23:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:41:d7:d4:87:56:68:39:66:e6:ef:1b:15:08:2f:91:e3:f5:
7b:c8:a9:55:98:d1:60:d2:3c:4b:a6:35:28:c2:2f:77:fb:27:
58:66:2e:c2:b7:f0:38:8c:87:a1:54:d5:91:66:0f:8e:e3:27:
27:ad:54:1f:9a:31:86:e4:02:ab:0f:33:ea:48:fe:e1:69:c3:
b8:be:95:a3:b5:b3:65:15:62:de:54:b5:91:0d:bd:09:c7:fa:
ae:db:6d:53:49:2b:5f:bf:6f:30:5b:42:e7:c1:08:f7:89:b2:
8e:84:07:85:2c:b3:5c:1b:f9:c9:36:1a:92:50:75:47:c9:fc:
80:d0:ea:7d:01:00:37:76:98:b2:06:b0:80:77:89:57:75:47:
91:3e:6d:4f:a8:78:d3:49:e9:f5:a3:87:e6:02:b6:c1:e7:9e:
39:00:5b:ba:b1:82:ca:75:b2:96:1c:dc:04:3d:13:f3:b3:35:
11:2f:b0:38:a2:4a:db:30:4c:8b:23:cf:4f:b6:ee:c3:94:c9:
b4:3a:84:85:bb:e2:ba:d5:c6:61:8d:38:05:27:89:b1:f1:ac:
30:7f:29:46:10:9e:79:a6:93:69:8e:7e:b4:ce:9d:96:c7:01:
ed:b5:2c:09:2b:74:1b:08:56:83:aa:00:6a:ea:7c:e4:d2:4a:
93:f2:42:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQd00o/Fv4WQ4Z/GvgJ+hhywzt8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1OTI5ODhkNGMzNDViMjg1MjY5MzczYTJlZGVjN2U0NzMwMmUwZDQ2NzQy
MzQ0YmI3MjNlYjI3NmIxZGUyMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5msyQpiO9/f6EPP3uHhiUlUUPEPUIcppcPCgiFtfVooYHfjOMGV2NPcLmn
KqQ3Dc1lbdMi96Y7wjDV+k4MSBN2N4rQuF85X+ACbO2hp7txPXnqEQeFCcONW47v
YeOnlkiBOL6oQQVHckFScqTeYVRCyXbcRfxVXaJxRXpJNMcui2mW1j4ffcjspCAI
sKfdOcgOi8DkWGKFwxjAU5rC8rsBPpTYFa0ul90o2JFH84v9GTF0oq4s+9AMe2Wo
4a8llOSZR/RR4Tjpc5or8ztBqw/jZIHhlKmKx7TVyc0s5TMrkLsAKElevp5o7YYz
rpxvGIEgH9zN+9uV9XxA/NTxUf8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQRrPqY
m9A/j5w7PApsqRzRwt4j/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQAbQdfUh1ZoOWbm7xsVCC+R4/V7yKlVmNFg0jxLpjUo
wi93+ydYZi7Ct/A4jIehVNWRZg+O4ycnrVQfmjGG5AKrDzPqSP7hacO4vpWjtbNl
FWLeVLWRDb0Jx/qu221TSStfv28wW0LnwQj3ibKOhAeFLLNcG/nJNhqSUHVHyfyA
0Op9AQA3dpiyBrCAd4lXdUeRPm1PqHjTSen1o4fmArbB5545AFu6sYLKdbKWHNwE
PRPzszURL7A4okrbMEyLI89Ptu7DlMm0OoSFu+K61cZhjTgFJ4mx8awwfylGEJ55
ppNpjn60zp2WxwHttSwJK3QbCFaDqgBq6nzk0kqT8kIx
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org