Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
File: 05585ded-caa9-4870-9b97-23218aa79783.roa (raw, json)
Hash identifier: jtGL+L8Qbt+UsUddmrk0XctB1po8Zj/tGfR6/ZEwioM=
Subject key identifier: 72:C7:33:2D:AC:59:32:D4:61:E8:0C:E7:BF:07:C8:EE:3E:F3:9B:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54ED79FF3CC1436B6474F34477AB73AC340EAE8D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ed:79:ff:3c:c1:43:6b:64:74:f3:44:77:ab:73:ac:34:0e:ae:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=32f68acc9ea5fbc428f0d175962033a875a4d185b4f4398977a9b8b0cee6cce0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8c:8a:18:1d:0d:45:0e:e0:69:3b:35:d7:f2:
30:24:26:0a:8d:01:b0:eb:b2:f6:14:66:e9:e3:90:
d3:04:f0:30:46:5e:f1:c6:da:d6:96:44:a2:e4:4a:
89:b2:9e:42:92:6f:e6:64:33:9b:26:d3:49:19:ab:
b5:6b:35:62:ca:ae:3c:da:6d:8d:58:9e:f0:c7:6b:
7a:ef:4c:33:57:95:13:f1:8c:35:7b:47:19:7a:ed:
a6:a3:cd:53:1f:b3:66:07:e6:47:67:a7:25:83:4e:
b7:f4:ff:00:e1:fc:db:44:bb:e8:ce:e8:6d:51:b4:
47:60:ae:a1:a9:b8:5c:29:cd:cf:f6:7c:bf:f9:b8:
23:aa:01:06:83:ce:d8:ec:35:6f:1f:bc:2a:48:7b:
3e:7b:1e:69:c2:2f:57:9a:bf:9d:5d:2a:79:cc:f6:
32:67:35:5d:d8:46:5f:f7:b4:51:b2:1e:92:22:4d:
4c:3e:d4:34:62:7c:c1:b2:f0:72:74:a9:5c:cb:f6:
ca:b9:09:9f:d8:bc:eb:ed:92:65:62:78:c1:76:d5:
12:3c:4c:33:1e:d2:a4:10:7d:67:ff:23:b4:18:fc:
9c:d5:b6:0c:83:b9:65:3b:67:1b:ca:c0:d1:37:1e:
37:24:01:72:99:67:2e:82:78:1f:c2:2f:6b:85:86:
e6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C7:33:2D:AC:59:32:D4:61:E8:0C:E7:BF:07:C8:EE:3E:F3:9B:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
74:82:4f:30:d6:d1:cd:eb:1b:69:1e:78:c6:c2:1b:e8:0d:2b:
f7:75:8b:d3:10:d1:08:88:e7:0f:1f:c0:ab:f9:1b:bd:cd:06:
4d:f9:d9:12:4c:ee:4d:70:24:12:52:6e:cd:62:9c:6e:69:3f:
05:17:d5:bf:fc:58:15:a8:08:45:2b:d0:9a:61:34:f0:d4:fb:
79:1c:4e:49:d5:09:ec:3d:5e:cd:16:0f:0c:7c:e8:d3:f4:b2:
53:bf:d4:ac:7e:35:cb:19:75:a7:90:19:a6:29:03:d5:01:a1:
4e:c3:1e:b0:45:31:4b:22:e9:67:9c:a1:d2:c8:b4:66:66:16:
e2:e1:b4:80:96:4f:c3:ea:8a:81:06:c1:d5:d1:78:75:26:3b:
2f:c7:2b:5f:88:48:bf:3c:05:75:ca:eb:6f:d9:14:6f:f8:dd:
94:68:b7:63:31:7f:5b:59:39:01:6c:cd:a1:e3:df:67:bb:73:
2d:26:0a:3a:3a:db:d6:32:45:a8:e7:9f:b6:db:a6:bf:53:52:
6e:eb:8a:02:73:0b:04:1c:3e:ee:31:85:0c:6a:fd:8b:d6:b8:
50:bc:73:ab:9a:57:cd:9c:4a:bd:85:7b:3f:60:37:d1:7a:51:
f3:e7:ac:cd:3f:50:fe:0a:49:06:67:ac:e3:ef:db:8a:4d:ba:
72:f8:72:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVO15/zzBQ2tkdPNEd6tzrDQOro0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyZjY4YWNjOWVhNWZiYzQyOGYwZDE3NTk2MjAzM2E4NzVhNGQxODViNGY0
Mzk4OTc3YTliOGIwY2VlNmNjZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+MihgdDUUO4Gk7NdfyMCQmCo0BsOuy9hRm6eOQ0wTwMEZe8cba1pZEouRK
ibKeQpJv5mQzmybTSRmrtWs1YsquPNptjVie8Mdreu9MM1eVE/GMNXtHGXrtpqPN
Ux+zZgfmR2enJYNOt/T/AOH820S76M7obVG0R2Cuoam4XCnNz/Z8v/m4I6oBBoPO
2Ow1bx+8Kkh7PnseacIvV5q/nV0qecz2Mmc1XdhGX/e0UbIekiJNTD7UNGJ8wbLw
cnSpXMv2yrkJn9i86+2SZWJ4wXbVEjxMMx7SpBB9Z/8jtBj8nNW2DIO5ZTtnG8rA
0TceNyQBcplnLoJ4H8Iva4WG5lsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRyxzMt
rFky1GHoDOe/B8juPvObJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDU1ODVkZWQtY2FhOS00ODcwLTliOTctMjMyMThhYTc5NzgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAdIJPMNbRzesbaR54xsIb6A0r93WL0xDRCIjnDx/A
q/kbvc0GTfnZEkzuTXAkElJuzWKcbmk/BRfVv/xYFagIRSvQmmE08NT7eRxOSdUJ
7D1ezRYPDHzo0/SyU7/UrH41yxl1p5AZpikD1QGhTsMesEUxSyLpZ5yh0si0ZmYW
4uG0gJZPw+qKgQbB1dF4dSY7L8crX4hIvzwFdcrrb9kUb/jdlGi3YzF/W1k5AWzN
oePfZ7tzLSYKOjrb1jJFqOefttumv1NSbuuKAnMLBBw+7jGFDGr9i9a4ULxzq5pX
zZxKvYV7P2A30XpR8+eszT9Q/gpJBmes4+/bik26cvhyaw==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:14 2024 by rpki-client on console-ams.rpki-client.org