Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
File: 2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa (raw, json)
Hash identifier: koaxkgM1xnNGmg1H3oQnJcVGU1Vmds3wk1/zlKOtwXc=
Subject key identifier: 72:64:81:F7:23:66:62:DA:90:08:FF:74:86:C9:AF:31:CD:34:20:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7826222E94F3C553499655F90E0828AF9E33E706
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:26:22:2e:94:f3:c5:53:49:96:55:f9:0e:08:28:af:9e:33:e7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=9af5edd76a91c63c2017b5788e173a2e3424833ae02a269651ed02f497024fd2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:74:57:27:d2:be:ff:e0:90:94:3e:30:4b:ef:
a1:3a:f2:0c:9f:47:59:7e:01:ab:93:ca:03:dc:3f:
f0:51:1b:98:ab:fd:e3:99:92:fe:43:67:f2:58:e1:
af:b6:fb:5b:98:78:0b:c5:f9:6f:d0:2c:75:36:21:
60:22:3b:fb:ca:39:ba:83:d2:68:40:25:3a:f2:dc:
f3:28:6d:17:ee:0d:97:5f:c0:71:c9:a5:c6:de:c2:
2d:45:5e:bf:2c:50:30:bf:4d:32:a4:37:50:a6:14:
a8:93:dc:16:bc:d2:32:e8:11:47:4a:18:99:43:3c:
11:25:77:e9:b4:a9:1b:22:02:8f:2e:35:64:c9:42:
84:15:7a:d3:6a:26:2f:01:6c:b4:9f:48:86:e4:6a:
5f:5f:51:f9:dc:16:2b:21:d4:7f:b3:0d:6b:96:63:
d3:55:63:56:89:e1:a0:a4:97:bc:b0:5a:bc:c0:39:
ac:6a:81:2a:cc:75:3d:91:3d:ca:a2:1f:ab:9d:9c:
54:26:d4:2d:d6:2e:f2:f5:06:0b:08:e1:3c:b7:ac:
89:db:3a:d5:70:96:c9:58:6d:64:bf:9c:93:2d:d2:
14:9c:05:75:8d:b0:18:7b:e0:1e:9a:6e:44:1e:15:
77:58:d8:e5:49:65:90:16:9d:1f:65:08:6d:4b:b6:
c3:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:64:81:F7:23:66:62:DA:90:08:FF:74:86:C9:AF:31:CD:34:20:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:97:79:8e:ae:ee:54:b4:88:5d:c7:91:d7:ba:c8:46:6e:4a:
b3:97:a7:7c:3f:89:6c:bd:76:98:36:f1:c1:96:4a:94:73:0f:
c8:91:b8:bb:a8:56:41:b5:b3:5b:e1:a6:10:aa:58:6a:b4:0d:
f1:ee:22:b0:a9:5d:54:34:c9:33:ba:90:a6:a2:7a:a0:89:1f:
bd:fb:0e:cb:88:23:91:ff:79:b0:a8:eb:d1:b6:a7:80:db:ad:
10:04:1f:74:17:84:68:b3:54:0b:e5:15:86:73:f3:4f:73:76:
c1:7b:b9:03:fa:7a:bf:98:a9:72:b1:73:58:dd:4d:1e:17:5b:
9d:9e:15:ce:f4:1c:00:a0:f5:cc:88:38:ec:bc:1a:ed:42:3f:
7a:5f:85:fc:4d:9e:ee:aa:f7:e7:67:c9:dd:e2:3b:cb:c0:8f:
86:49:c3:ec:73:e6:13:ff:ad:0d:ec:82:99:fa:eb:cb:43:49:
6e:0f:82:52:78:f9:c7:7d:d5:6a:9a:e1:96:10:af:94:1f:b0:
77:a4:d1:d2:93:d0:5b:f4:c2:e4:a8:03:48:92:72:b4:5c:ea:
d0:e1:4a:9f:ca:8f:b5:ec:e8:35:19:7f:03:c9:00:da:86:30:
52:a8:88:6f:50:bb:4d:29:3b:fe:d5:de:f8:80:8b:ba:74:ae:
03:20:6d:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeCYiLpTzxVNJllX5Dggor54z5wYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZjVlZGQ3NmE5MWM2M2MyMDE3YjU3ODhlMTczYTJlMzQyNDgzM2FlMDJh
MjY5NjUxZWQwMmY0OTcwMjRmZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR0VyfSvv/gkJQ+MEvvoTryDJ9HWX4Bq5PKA9w/8FEbmKv945mS/kNn8ljh
r7b7W5h4C8X5b9AsdTYhYCI7+8o5uoPSaEAlOvLc8yhtF+4Nl1/Accmlxt7CLUVe
vyxQML9NMqQ3UKYUqJPcFrzSMugRR0oYmUM8ESV36bSpGyICjy41ZMlChBV602om
LwFstJ9IhuRqX19R+dwWKyHUf7MNa5Zj01VjVonhoKSXvLBavMA5rGqBKsx1PZE9
yqIfq52cVCbULdYu8vUGCwjhPLesids61XCWyVhtZL+cky3SFJwFdY2wGHvgHppu
RB4Vd1jY5UllkBadH2UIbUu2wzsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRyZIH3
I2Zi2pAI/3SGya8xzTQgFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmUxMzcwYTYtOGRhNC00YjQ2LWE5ZTAtZjBmNmRjODdkOWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQBcl3mOru5UtIhdx5HXushGbkqzl6d8P4lsvXaYNvHB
lkqUcw/Ikbi7qFZBtbNb4aYQqlhqtA3x7iKwqV1UNMkzupCmonqgiR+9+w7LiCOR
/3mwqOvRtqeA260QBB90F4Ros1QL5RWGc/NPc3bBe7kD+nq/mKlysXNY3U0eF1ud
nhXO9BwAoPXMiDjsvBrtQj96X4X8TZ7uqvfnZ8nd4jvLwI+GScPsc+YT/60N7IKZ
+uvLQ0luD4JSePnHfdVqmuGWEK+UH7B3pNHSk9Bb9MLkqANIknK0XOrQ4Uqfyo+1
7Og1GX8DyQDahjBSqIhvULtNKTv+1d74gIu6dK4DIG3x
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org