Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
File: 06d20303-8537-47c7-bd75-8dea01488a0a.roa (raw, json)
Hash identifier: AyYeSUjKqDJun2jXSnu7QOK8dw/9X9uhwWT8qOF8AFA=
Subject key identifier: 4A:EC:47:D2:57:0A:69:7A:6E:07:DF:F9:41:F5:25:0A:FA:CB:6E:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59F2BB2F7991F727B885F67442F3A9613A07FEC8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f2:bb:2f:79:91:f7:27:b8:85:f6:74:42:f3:a9:61:3a:07:fe:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=d3452e02cc0b7bf1dc95d2cb3f2d6c0df13d0ec892f53830d373013beb449866, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fd:36:9f:cd:4a:6b:c7:e5:8e:27:40:6b:c7:
14:bf:cc:55:fa:bf:b9:e2:e0:47:51:94:ba:8b:c4:
ac:e2:3f:55:c2:66:63:3c:4f:d0:f6:be:2e:3f:f8:
a3:51:b4:4d:05:a8:0e:12:24:2d:a5:fa:0b:61:34:
31:92:97:d1:a9:0e:ec:e8:b1:25:af:2f:db:44:67:
47:ce:04:d1:39:3c:1e:c0:ed:43:26:00:28:36:6b:
e2:4a:8c:16:a5:b7:f8:77:38:94:31:58:2f:44:c7:
40:65:57:13:15:c8:15:f0:6b:67:7b:34:e7:3a:7d:
9a:79:38:27:6b:b1:98:64:a0:fc:3e:16:85:a5:eb:
47:8f:4e:69:42:74:c6:f0:33:39:38:98:e2:f1:6b:
ad:3c:2c:6f:a6:fa:b8:5e:1d:b7:ee:d2:a4:ae:1c:
0b:0d:d7:d6:84:19:cd:5e:99:b8:5e:fc:6f:f8:26:
64:b6:9c:b9:bf:5a:f8:9c:78:cb:58:3e:5c:ad:1f:
09:67:2a:92:e1:64:1e:38:e7:7a:a8:67:46:66:3f:
00:5b:23:06:c5:c2:44:b5:b5:e1:fe:50:29:3e:74:
26:e5:b7:5c:38:2f:2b:fc:a9:f1:98:12:e8:61:d4:
0e:ca:60:02:0a:b6:a6:00:dc:3e:44:7c:3a:d9:c6:
62:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:EC:47:D2:57:0A:69:7A:6E:07:DF:F9:41:F5:25:0A:FA:CB:6E:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f4:05:5d:fe:59:7c:21:2a:a2:b0:42:b5:a6:47:6e:f6:8f:
51:37:27:eb:58:e1:eb:5b:c5:17:4e:16:0c:65:5f:dd:26:e8:
b8:39:b0:0f:77:6f:20:e6:e5:cf:60:51:79:fa:03:9d:2f:ac:
8d:05:58:78:58:90:2c:6d:93:df:94:97:4f:07:c4:14:11:0f:
1a:39:5c:ef:6b:1e:17:ba:97:95:f7:db:b3:db:b7:02:24:1c:
14:ee:af:5b:68:28:94:a7:05:87:0e:25:f8:ec:85:08:b6:ee:
0d:ee:23:3d:46:51:53:75:23:ec:7b:9d:79:71:93:cb:ea:4f:
18:d8:05:12:50:50:a4:c0:d8:c4:54:6c:0c:b6:ac:12:e4:9c:
03:99:ca:76:6c:5c:78:88:3d:9f:be:56:d4:b8:6e:52:38:ed:
45:5d:b9:18:e1:04:9d:67:37:b9:dd:f3:7e:a3:06:93:d7:10:
07:6b:9e:0b:50:d1:b1:5f:9d:bd:b5:4a:72:25:17:4c:b5:a9:
a2:57:68:d2:68:0c:72:62:44:2e:4c:37:59:80:20:83:84:21:
52:2c:2e:e4:18:c3:5c:6c:5a:a9:28:41:dd:b1:a7:79:9f:de:
6a:66:53:b8:13:22:86:9b:8e:4c:c0:5b:0d:00:67:a1:d4:fe:
e6:74:c6:71
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWfK7L3mR9ye4hfZ0QvOpYToH/sgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNDUyZTAyY2MwYjdiZjFkYzk1ZDJjYjNmMmQ2YzBkZjEzZDBlYzg5MmY1
MzgzMGQzNzMwMTNiZWI0NDk4NjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN79Np/NSmvH5Y4nQGvHFL/MVfq/ueLgR1GUuovErOI/VcJmYzxP0Pa+Lj/4
o1G0TQWoDhIkLaX6C2E0MZKX0akO7OixJa8v20RnR84E0Tk8HsDtQyYAKDZr4kqM
FqW3+Hc4lDFYL0THQGVXExXIFfBrZ3s05zp9mnk4J2uxmGSg/D4WhaXrR49OaUJ0
xvAzOTiY4vFrrTwsb6b6uF4dt+7SpK4cCw3X1oQZzV6ZuF78b/gmZLacub9a+Jx4
y1g+XK0fCWcqkuFkHjjneqhnRmY/AFsjBsXCRLW14f5QKT50JuW3XDgvK/yp8ZgS
6GHUDspgAgq2pgDcPkR8OtnGYt0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRK7EfS
Vwppem4H3/lB9SUK+stuajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZkMjAzMDMtODUzNy00N2M3LWJkNzUtOGRlYTAxNDg4YTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAWfQFXf5ZfCEqorBCtaZHbvaPUTcn61jh61vFF04W
DGVf3SbouDmwD3dvIOblz2BRefoDnS+sjQVYeFiQLG2T35SXTwfEFBEPGjlc72se
F7qXlffbs9u3AiQcFO6vW2golKcFhw4l+OyFCLbuDe4jPUZRU3Uj7HudeXGTy+pP
GNgFElBQpMDYxFRsDLasEuScA5nKdmxceIg9n75W1LhuUjjtRV25GOEEnWc3ud3z
fqMGk9cQB2ueC1DRsV+dvbVKciUXTLWpoldo0mgMcmJELkw3WYAgg4QhUiwu5BjD
XGxaqShB3bGneZ/eamZTuBMihpuOTMBbDQBnodT+5nTGcQ==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:26 2024 by rpki-client on console-ams.rpki-client.org