Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: WsjY+jRWhebpBiEo1Y2gJ5nqOyvj+uGbc0FWTSJJTHs=
Subject key identifier: 5A:EE:D8:CA:87:70:F5:AE:5F:1B:24:57:8B:51:71:62:44:44:62:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D4FD5C2B483BFE99836E9F16EAC13F7E9A8BBA5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:4f:d5:c2:b4:83:bf:e9:98:36:e9:f1:6e:ac:13:f7:e9:a8:bb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=74359b947b89e31f222aac6be77de4eff3603544d9d648bb39e6069fa2f17b98, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f8:d4:9c:1b:f7:2d:45:d7:65:8a:93:56:0e:
0e:fb:ea:c2:76:3f:8e:41:1c:05:9b:8c:34:c9:ad:
48:e7:d4:12:89:a6:c3:00:9b:46:19:21:5d:c3:c6:
32:bc:f1:17:9c:d0:98:2d:55:32:03:33:6f:be:8e:
34:83:6e:a9:0f:61:6c:48:1a:2c:2e:41:03:a0:cf:
f8:84:48:92:42:71:63:69:03:22:1b:46:41:91:e8:
49:ce:b0:8f:93:6c:24:1a:c2:e3:a3:f0:25:08:2e:
2e:59:29:d7:f4:2c:7b:ae:c8:dd:a6:40:0f:25:68:
23:7b:39:d3:d9:c4:a8:94:0b:66:9c:91:d0:44:ba:
97:63:84:94:9e:24:4c:ef:0d:95:9e:7d:2e:3a:3b:
d7:97:2f:9f:0b:27:f7:c5:bb:97:27:1c:7c:07:c3:
51:12:4e:d0:55:e1:a9:57:60:66:70:05:e1:4c:f5:
44:f2:4e:75:25:e1:6f:e5:89:d3:56:97:25:fd:ab:
25:b4:1c:88:12:c4:36:aa:34:2e:f1:f8:56:f0:79:
5e:d3:08:e1:f4:b0:cc:8c:13:86:da:05:54:c1:cf:
a0:7c:d9:cc:9c:16:2b:4c:68:a1:87:22:1d:9d:8b:
e1:53:f3:8e:69:3b:af:44:2b:1d:62:46:08:e6:2f:
fe:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:EE:D8:CA:87:70:F5:AE:5F:1B:24:57:8B:51:71:62:44:44:62:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:17:ee:73:83:55:b5:b8:79:cb:b2:84:76:65:e2:a0:0a:1e:
92:21:0b:13:63:15:77:12:57:c8:15:20:e4:02:7b:a9:dc:c3:
05:59:e1:af:50:2d:13:ee:b6:17:cf:be:73:88:0a:6a:3a:c2:
80:a0:9d:c4:16:c7:90:cc:c3:5a:5c:9e:bd:b9:62:eb:43:e8:
bd:74:44:7b:41:e8:80:ea:e0:25:bb:5c:ee:e2:4d:3a:e7:76:
4d:31:3b:93:31:20:ec:ac:f1:20:86:dd:81:97:61:bf:19:c9:
96:6b:0a:41:f4:c3:67:03:d1:9c:be:c3:a4:b7:ff:e1:ef:bb:
df:8d:7c:63:fe:d3:02:56:19:b6:bb:d1:0b:8c:0b:4d:74:7a:
e7:12:ec:6e:97:a5:f8:74:3c:88:b1:6c:97:1f:be:e1:99:aa:
8a:e6:16:50:67:fe:ed:d2:b5:f8:d3:86:8c:c8:a6:b0:4b:58:
cc:69:8a:7f:35:de:29:7f:91:da:7c:83:20:97:a6:09:d6:43:
50:cb:18:8d:d6:2c:e4:d9:0c:8d:97:cd:e7:f2:6e:ca:c5:cb:
43:14:dd:fb:69:0b:14:fb:81:90:6a:b1:85:72:ea:bd:87:d8:
a7:df:87:68:ce:5b:bc:4e:b1:29:14:06:c6:b5:21:0b:fb:4d:
96:45:c5:21
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDU/VwrSDv+mYNunxbqwT9+mou6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0MzU5Yjk0N2I4OWUzMWYyMjJhYWM2YmU3N2RlNGVmZjM2MDM1NDRkOWQ2
NDhiYjM5ZTYwNjlmYTJmMTdiOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMH41Jwb9y1F12WKk1YODvvqwnY/jkEcBZuMNMmtSOfUEommwwCbRhkhXcPG
MrzxF5zQmC1VMgMzb76ONINuqQ9hbEgaLC5BA6DP+IRIkkJxY2kDIhtGQZHoSc6w
j5NsJBrC46PwJQguLlkp1/Qse67I3aZADyVoI3s509nEqJQLZpyR0ES6l2OElJ4k
TO8NlZ59Ljo715cvnwsn98W7lyccfAfDURJO0FXhqVdgZnAF4Uz1RPJOdSXhb+WJ
01aXJf2rJbQciBLENqo0LvH4VvB5XtMI4fSwzIwThtoFVMHPoHzZzJwWK0xooYci
HZ2L4VPzjmk7r0QrHWJGCOYv/jsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRa7tjK
h3D1rl8bJFeLUXFiRERiNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAfRfuc4NVtbh5y7KEdmXioAoekiELE2MVdxJXyBUg
5AJ7qdzDBVnhr1AtE+62F8++c4gKajrCgKCdxBbHkMzDWlyevbli60PovXREe0Ho
gOrgJbtc7uJNOud2TTE7kzEg7KzxIIbdgZdhvxnJlmsKQfTDZwPRnL7DpLf/4e+7
3418Y/7TAlYZtrvRC4wLTXR65xLsbpel+HQ8iLFslx++4ZmqiuYWUGf+7dK1+NOG
jMimsEtYzGmKfzXeKX+R2nyDIJemCdZDUMsYjdYs5NkMjZfN5/JuysXLQxTd+2kL
FPuBkGqxhXLqvYfYp9+HaM5bvE6xKRQGxrUhC/tNlkXFIQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org