Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: +rGcT3+u0W6677OcKMG300nsKGxWrH+SOrWIPFnRXqc=
Subject key identifier: 72:6A:C4:60:05:F4:B6:01:2A:8A:42:51:8A:D6:9D:50:EA:D0:BD:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37972697251FAF6F1E8AD4862A002B65D550AEE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:97:26:97:25:1f:af:6f:1e:8a:d4:86:2a:00:2b:65:d5:50:ae:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f00132989027d3c982ce99cab5d4bff19b4fc437f4d6ddb19bff06c060d40627, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6c:25:49:8d:d4:1b:f3:99:87:91:dc:49:ee:
54:8c:ea:c5:b5:11:eb:e4:7b:79:ce:09:3b:f8:6c:
f9:4d:9b:7e:76:e5:76:4c:96:9b:af:72:77:29:5e:
d0:47:0d:05:9f:c4:76:91:2a:77:b3:01:4e:e2:ff:
de:57:79:2b:26:6b:7f:20:b1:01:99:7c:e3:96:50:
00:05:15:d1:3b:4f:84:e2:7d:fc:64:80:13:4b:b5:
f0:cc:4a:a2:7c:6a:a2:2e:05:cb:57:95:b5:80:a2:
65:78:16:5b:cf:45:f9:db:1e:4f:c3:41:99:e5:89:
8a:07:0b:56:d5:77:ee:af:c0:db:72:f7:32:a8:26:
9c:b5:42:c6:ed:b7:5d:82:7e:eb:fe:64:e7:f0:24:
77:91:8d:f3:3c:c1:b8:04:23:18:f1:f5:0f:0a:a1:
a5:16:3a:f8:29:52:29:ff:e9:9b:59:6e:2e:10:f2:
74:be:72:34:4e:5a:1b:47:30:af:b2:08:44:26:96:
ae:c3:e0:8b:63:25:e5:d3:fc:d3:9c:ea:72:ff:f0:
b5:e2:8a:72:89:d2:a8:31:18:16:02:6e:3d:7d:0c:
a0:ac:2e:2f:a5:08:a5:6b:16:2b:a1:90:b2:4c:11:
e1:26:13:09:d2:69:e5:da:07:9e:72:f0:a2:89:11:
db:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6A:C4:60:05:F4:B6:01:2A:8A:42:51:8A:D6:9D:50:EA:D0:BD:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:0e:a4:d5:8b:eb:59:63:2e:82:f0:ef:de:96:c1:e4:e2:3b:
cf:67:06:a3:d3:79:80:b7:1f:a4:69:52:b5:fb:ca:ab:a9:a3:
6e:c4:94:f1:76:85:d7:f8:22:58:06:92:04:c1:e2:b0:b2:a3:
58:3f:70:ef:5c:64:e1:e5:48:98:be:7a:1e:ac:d5:bd:cf:95:
c9:c0:54:51:63:39:f5:7a:86:be:00:7b:1b:7b:5b:de:3c:26:
60:35:2e:7b:67:1d:2b:c9:c6:d4:13:93:f6:c6:62:70:d7:57:
81:35:1f:71:02:ea:bb:16:eb:ad:2b:41:9e:1e:a4:ba:4c:43:
3f:34:2c:8f:12:89:f9:27:0a:bf:da:ee:9f:b5:7d:40:7d:d9:
af:59:c9:c9:d6:ae:6f:2c:17:9e:98:0a:ac:eb:04:4d:cd:6d:
38:ae:e4:8c:ac:2f:fb:ba:7e:22:be:6b:30:40:54:a8:b2:4a:
5c:13:a2:32:83:aa:6a:3d:84:9a:1a:8b:e4:33:b3:00:bb:66:
e9:07:c6:e3:61:6f:a5:79:76:e7:a1:65:0b:41:13:c5:14:18:
cd:2f:6a:63:5a:35:6d:f7:18:6c:c9:5c:c3:8d:98:27:31:1b:
72:41:a2:55:b1:4f:88:ea:47:e6:ee:13:66:3b:46:7d:4c:75:
6a:d0:c1:c4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN5cmlyUfr28eitSGKgArZdVQrugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMDEzMjk4OTAyN2QzYzk4MmNlOTljYWI1ZDRiZmYxOWI0ZmM0MzdmNGQ2
ZGRiMTliZmYwNmMwNjBkNDA2MjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxsJUmN1BvzmYeR3EnuVIzqxbUR6+R7ec4JO/hs+U2bfnbldkyWm69ydyle
0EcNBZ/EdpEqd7MBTuL/3ld5KyZrfyCxAZl845ZQAAUV0TtPhOJ9/GSAE0u18MxK
onxqoi4Fy1eVtYCiZXgWW89F+dseT8NBmeWJigcLVtV37q/A23L3MqgmnLVCxu23
XYJ+6/5k5/Akd5GN8zzBuAQjGPH1DwqhpRY6+ClSKf/pm1luLhDydL5yNE5aG0cw
r7IIRCaWrsPgi2Ml5dP805zqcv/wteKKconSqDEYFgJuPX0MoKwuL6UIpWsWK6GQ
skwR4SYTCdJp5doHnnLwookR2/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRyasRg
BfS2ASqKQlGK1p1Q6tC93TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQBXDqTVi+tZYy6C8O/elsHk4jvPZwaj03mAtx+kaVK1
+8qrqaNuxJTxdoXX+CJYBpIEweKwsqNYP3DvXGTh5UiYvnoerNW9z5XJwFRRYzn1
eoa+AHsbe1vePCZgNS57Zx0rycbUE5P2xmJw11eBNR9xAuq7FuutK0GeHqS6TEM/
NCyPEon5Jwq/2u6ftX1AfdmvWcnJ1q5vLBeemAqs6wRNzW04ruSMrC/7un4ivmsw
QFSoskpcE6Iyg6pqPYSaGovkM7MAu2bpB8bjYW+leXbnoWULQRPFFBjNL2pjWjVt
9xhsyVzDjZgnMRtyQaJVsU+I6kfm7hNmO0Z9THVq0MHE
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org