Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: 8Xkd45o9SrZDD852ek0wXGvcD6kIi9dopSP+Xfo/f/U=
Subject key identifier: 37:49:11:30:C4:AF:DC:C5:09:61:8D:0C:1B:86:A5:FF:C1:8D:31:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 294F6DC51EB26AB12CA76DEA8066E0734F1E65E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Mon 17 Jun 2024 00:00:00 +0000
ROA not before: Mon 17 Jun 2024 00:00:00 +0000
ROA not after: Mon 22 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:4f:6d:c5:1e:b2:6a:b1:2c:a7:6d:ea:80:66:e0:73:4f:1e:65:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:00:00 2024 GMT
Not After : Jul 22 23:59:59 2024 GMT
Subject: serialNumber=b93265d914e61e086239d143d251a540d5fa28ea86d48c2d2e6b6759835c835d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:9b:80:7a:c1:0c:9d:c1:08:8c:38:af:f7:
f1:ef:3f:69:30:75:6f:84:da:2f:7f:72:9f:fa:96:
91:3b:64:71:8e:f4:a2:5e:d7:54:07:ae:39:ee:02:
81:c4:9d:a7:f8:e7:14:c6:45:f0:d2:d1:97:8a:86:
d6:37:92:7c:31:55:bb:95:65:2b:5d:e9:74:c3:e4:
d0:72:73:ea:bf:bb:27:f2:71:7f:41:ad:bb:27:12:
4c:17:01:c8:e2:34:47:d5:e4:05:22:62:d8:da:98:
d6:0b:a6:fd:05:99:37:70:2a:af:e8:0e:cc:d3:94:
e8:fb:ff:b0:68:f0:b1:27:65:b1:fc:c5:58:53:47:
35:70:aa:6d:9f:37:82:dd:e7:0e:3c:58:6d:84:61:
72:1e:90:9c:8a:37:a4:58:4c:8e:f3:8f:44:56:5c:
aa:c3:d9:43:90:9f:5a:e7:79:37:23:73:9d:c6:d4:
59:6a:d5:65:07:1c:01:e1:b7:75:87:d4:08:1d:05:
ac:6c:96:b2:07:b0:da:84:e5:d5:45:ba:79:94:f6:
d6:f9:53:5c:27:73:1a:12:aa:79:94:19:4e:33:9d:
c2:50:fc:73:0a:a4:96:4a:e4:44:45:53:04:2a:a3:
6d:41:02:31:da:fe:65:6f:47:ed:ef:2c:07:ff:a0:
56:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:49:11:30:C4:AF:DC:C5:09:61:8D:0C:1B:86:A5:FF:C1:8D:31:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:b0:99:0b:2f:c6:72:7a:22:db:60:31:5c:95:e4:13:6a:18:
d6:1e:d8:3c:50:9e:71:c4:f3:8b:a5:9c:ee:48:a0:df:1f:f0:
0d:85:da:bd:98:2e:18:dc:3f:d3:fe:60:95:1e:b0:1f:81:be:
e4:af:5c:0c:19:bf:38:23:af:dd:4c:b0:7a:87:2d:84:3b:ba:
d7:f1:b1:db:79:2e:73:12:bf:3f:51:44:a9:77:6d:62:1a:f1:
b5:0f:8f:23:16:de:de:cd:d4:74:1a:85:38:32:c7:88:f9:69:
ee:59:e8:04:11:d8:69:0b:d1:5b:4f:59:ad:a2:ba:d0:ad:4d:
46:28:94:43:fb:2b:cf:34:6b:8b:40:ba:a2:e7:09:da:92:9b:
07:fb:0d:ee:e4:84:dc:e7:6a:a1:c0:a9:f7:4b:17:19:a3:14:
7d:d6:71:6a:a9:4c:cc:e6:1e:44:ee:4a:87:84:96:69:7c:e1:
9b:0d:fe:69:f0:fd:ba:0a:61:c0:68:7a:32:23:c3:a7:d3:ac:
db:48:9e:64:17:0d:98:c8:fe:80:e7:b8:5d:83:07:c8:7d:3f:
be:a0:fa:d9:00:73:ed:a2:d0:6f:8d:dd:05:70:3f:82:cf:09:
15:63:e8:6d:7e:7c:05:5a:52:d6:eb:7f:9e:a5:ae:7e:f7:d2:
d2:29:d1:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKU9txR6yarEsp23qgGbgc08eZekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTcwMDAwMDBaFw0yNDA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MzI2NWQ5MTRlNjFlMDg2MjM5ZDE0M2QyNTFhNTQwZDVmYTI4ZWE4NmQ0
OGMyZDJlNmI2NzU5ODM1YzgzNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdNm4B6wQydwQiMOK/38e8/aTB1b4TaL39yn/qWkTtkcY70ol7XVAeuOe4C
gcSdp/jnFMZF8NLRl4qG1jeSfDFVu5VlK13pdMPk0HJz6r+7J/Jxf0GtuycSTBcB
yOI0R9XkBSJi2NqY1gum/QWZN3Aqr+gOzNOU6Pv/sGjwsSdlsfzFWFNHNXCqbZ83
gt3nDjxYbYRhch6QnIo3pFhMjvOPRFZcqsPZQ5CfWud5NyNzncbUWWrVZQccAeG3
dYfUCB0FrGyWsgew2oTl1UW6eZT21vlTXCdzGhKqeZQZTjOdwlD8cwqklkrkREVT
BCqjbUECMdr+ZW9H7e8sB/+gVvcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ3SREw
xK/cxQlhjQwbhqX/wY0x1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQCysJkLL8ZyeiLbYDFcleQTahjWHtg8UJ5xxPOLpZzu
SKDfH/ANhdq9mC4Y3D/T/mCVHrAfgb7kr1wMGb84I6/dTLB6hy2EO7rX8bHbeS5z
Er8/UUSpd21iGvG1D48jFt7ezdR0GoU4MseI+WnuWegEEdhpC9FbT1mtorrQrU1G
KJRD+yvPNGuLQLqi5wnakpsH+w3u5ITc52qhwKn3SxcZoxR91nFqqUzM5h5E7kqH
hJZpfOGbDf5p8P26CmHAaHoyI8On06zbSJ5kFw2YyP6A57hdgwfIfT++oPrZAHPt
otBvjd0FcD+CzwkVY+htfnwFWlLW63+epa5+99LSKdEP
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:44:41 2024 by rpki-client on console-fra.rpki-client.org