Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: aDa3jYv0M45lB5hHxqVUvwdr02ptnQ4Hf7KYEyJOe08=
Subject key identifier: 21:64:8C:96:7D:0B:C3:7C:42:65:55:C1:D2:66:33:57:A3:A4:37:22
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 312CE5ED8D081319E6C83C6A757B7B14B6306073
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:2c:e5:ed:8d:08:13:19:e6:c8:3c:6a:75:7b:7b:14:b6:30:60:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=acb3e1cf8d0c8300f8b5cf9cfab7c5bdafcd799b56138979ba0f650fe6282db5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:48:4b:f0:6b:45:73:a4:70:01:95:37:af:
c9:c8:66:4f:fe:7d:65:5f:ba:4b:24:3f:bb:86:db:
83:4b:30:5e:91:cd:de:58:69:e5:1e:9b:c9:61:8a:
0e:65:cd:41:30:a2:57:8a:fd:3c:5f:81:81:31:75:
7d:4b:f5:9a:e8:9d:49:f5:09:8a:3b:93:37:bd:db:
7f:1c:6d:51:8f:f9:46:15:6c:ef:de:be:e5:a7:37:
50:98:98:bd:db:1f:5c:be:62:68:e4:d3:72:c1:62:
c7:9b:20:15:24:9e:ea:34:5a:3e:6b:6c:b4:21:92:
6f:cd:13:b4:ec:6e:ca:ec:fe:be:ab:37:b8:56:b9:
51:ba:90:9b:1a:7f:83:58:06:0f:a4:1a:3d:fc:a5:
5a:90:d2:b0:21:2a:a9:09:f1:cc:bb:77:9e:4a:14:
36:da:b2:72:b8:3c:87:bb:22:89:ec:b6:d4:b4:b7:
8f:3f:18:ac:c5:80:6d:8c:a1:78:9e:e8:cf:18:de:
ec:4b:25:0e:e5:19:6e:e0:81:e8:9b:69:2d:76:c4:
dd:95:39:c4:d4:ee:9d:84:b6:d0:17:f5:ca:1f:fb:
2e:df:82:2a:a6:b4:d6:07:e3:fd:3d:55:63:21:f5:
bb:92:49:57:ef:8e:25:19:43:ac:88:84:7a:98:8e:
89:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:64:8C:96:7D:0B:C3:7C:42:65:55:C1:D2:66:33:57:A3:A4:37:22
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:bb:de:14:65:bc:37:d5:be:c1:cf:97:28:28:b4:39:43:7b:
37:e7:8b:aa:1b:f4:54:0a:ca:23:5f:21:ef:50:3d:29:56:0b:
ed:c9:1e:04:f9:f8:6c:00:5b:4e:96:1f:e3:a6:cd:40:ef:19:
48:e9:b6:d4:f7:7d:6a:ab:85:06:b6:3a:ac:fb:c6:1b:59:09:
28:32:1b:ff:4c:e4:a7:13:05:6c:c6:1b:d9:b8:52:e4:9e:46:
76:0c:7e:da:8c:5c:7f:b3:54:d7:b8:31:0f:e5:fe:3f:9d:00:
25:ae:19:3d:31:cb:d8:27:f2:bf:31:e5:4f:26:5c:ff:95:1a:
88:b7:cd:5d:23:9e:43:66:fb:4a:0b:1e:c5:29:c1:15:65:8a:
1a:8d:d6:62:a7:81:12:92:71:e1:a3:9a:57:bd:ac:15:0b:4e:
7a:99:c8:c9:20:a9:ae:ae:70:ba:eb:8c:67:1a:f1:cd:3a:a7:
0d:e4:e9:ea:3a:61:6d:42:98:91:ab:b8:82:96:ea:7e:51:aa:
3a:91:a6:42:0a:3b:fe:fb:e1:43:be:b7:da:e8:ad:56:b7:97:
4f:75:e3:c1:e8:3d:60:37:3a:d4:05:cb:3b:73:5f:ea:94:a6:
ae:d0:a8:37:61:f1:98:71:79:4e:b1:1b:ac:a1:43:c3:03:6c:
24:ba:c5:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMSzl7Y0IExnmyDxqdXt7FLYwYHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjYjNlMWNmOGQwYzgzMDBmOGI1Y2Y5Y2ZhYjdjNWJkYWZjZDc5OWI1NjEz
ODk3OWJhMGY2NTBmZTYyODJkYjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn0SEvwa0VzpHABlTevychmT/59ZV+6SyQ/u4bbg0swXpHN3lhp5R6byWGK
DmXNQTCiV4r9PF+BgTF1fUv1muidSfUJijuTN73bfxxtUY/5RhVs796+5ac3UJiY
vdsfXL5iaOTTcsFix5sgFSSe6jRaPmtstCGSb80TtOxuyuz+vqs3uFa5UbqQmxp/
g1gGD6QaPfylWpDSsCEqqQnxzLt3nkoUNtqycrg8h7siiey21LS3jz8YrMWAbYyh
eJ7ozxje7EslDuUZbuCB6JtpLXbE3ZU5xNTunYS20Bf1yh/7Lt+CKqa01gfj/T1V
YyH1u5JJV++OJRlDrIiEepiOiV8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQhZIyW
fQvDfEJlVcHSZjNXo6Q3IjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQCTu94UZbw31b7Bz5coKLQ5Q3s354uqG/RUCsojXyHv
UD0pVgvtyR4E+fhsAFtOlh/jps1A7xlI6bbU931qq4UGtjqs+8YbWQkoMhv/TOSn
EwVsxhvZuFLknkZ2DH7ajFx/s1TXuDEP5f4/nQAlrhk9McvYJ/K/MeVPJlz/lRqI
t81dI55DZvtKCx7FKcEVZYoajdZip4ESknHho5pXvawVC056mcjJIKmurnC664xn
GvHNOqcN5OnqOmFtQpiRq7iClup+Uao6kaZCCjv+++FDvrfa6K1Wt5dPdePB6D1g
NzrUBcs7c1/qlKau0Kg3YfGYcXlOsRusoUPDA2wkusXF
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org