Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
File: 2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa (raw, json)
Hash identifier: +JEgShWhFEA8F4jTcVp9w2mexwZklMh2+0XfAI0gXDk=
Subject key identifier: 51:1C:38:67:BD:7C:E1:D1:E0:4A:B9:D0:D8:B4:D7:B8:B6:7A:91:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66C3F4D9F4369CE7D7699746DC673E03E98DF17F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:c3:f4:d9:f4:36:9c:e7:d7:69:97:46:dc:67:3e:03:e9:8d:f1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=136b37ef5f61c90e84958ac6a1472ea8262a16df5e0856fb841b82df4b91e45d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9a:3b:f9:6c:03:b4:15:60:51:d7:ff:c6:dc:
bc:e4:45:ad:1f:2e:5c:9a:b3:f0:fb:fd:36:17:7e:
b6:6c:ae:ab:4c:9d:db:77:1e:9f:23:62:37:93:3e:
62:2d:32:da:31:0a:c9:ed:e3:1b:83:de:a7:77:c0:
9d:6f:11:6c:69:58:1d:7b:9a:d1:84:02:53:7a:2d:
1a:12:d9:70:e7:02:9b:ad:84:7b:b6:be:6f:3f:79:
07:0f:49:85:06:62:92:cf:92:03:47:6a:5d:57:4c:
ca:b0:43:40:6a:8e:b7:80:a5:8b:c2:52:b4:8b:c3:
59:42:58:54:6e:1d:1f:dc:bb:a0:b9:15:3e:7a:c8:
e4:a0:09:9a:57:99:5e:a4:0e:f4:ed:fd:28:ee:12:
96:06:87:ff:30:21:67:37:b3:4f:09:be:0d:62:99:
ab:8e:99:3c:89:8a:66:fd:55:18:5f:a2:62:3f:43:
f9:15:0a:24:f2:31:61:8f:2b:24:75:9d:bd:ac:c8:
8c:34:e1:f8:b0:2c:33:a9:f1:e1:33:f2:c8:95:f3:
a9:98:99:aa:07:00:d5:c2:85:b2:c3:59:66:4b:98:
e9:89:1c:27:d7:32:a3:16:2b:53:cc:11:3e:44:e3:
bd:53:3c:34:9a:6f:24:ed:50:51:45:34:e8:55:f8:
fd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1C:38:67:BD:7C:E1:D1:E0:4A:B9:D0:D8:B4:D7:B8:B6:7A:91:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e4c2934-9e54-49b6-bb41-7c76b504d78c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
58:c8:c6:8b:18:4f:5a:69:8e:c3:7b:9e:72:8c:b9:c6:2a:79:
d9:ad:48:c8:24:48:7f:4a:2d:5e:4f:d2:05:df:40:0d:5d:89:
27:2b:bf:58:be:6c:c6:1f:0d:62:f9:8b:5c:0b:36:c6:58:2a:
c0:4b:46:5f:4f:a5:2b:a5:3b:e9:6a:6d:2b:ce:db:6c:01:ac:
df:dc:3a:46:00:e1:d7:17:81:2f:fe:1d:81:c9:ba:c1:f8:82:
37:15:dc:73:6f:4f:76:5c:33:ce:b8:ca:8e:53:ca:e5:34:6d:
37:a9:b4:1c:ba:88:b8:40:d4:08:a1:4e:9c:86:70:24:36:91:
09:cf:65:a0:8f:04:7b:35:83:2f:1c:b5:a2:20:fd:cc:5b:5d:
9f:75:08:c4:e6:e8:d6:fe:09:88:21:05:ac:12:93:8a:22:83:
04:57:cf:1e:41:04:fe:d2:02:2f:3d:f2:bf:d0:63:b9:d1:de:
39:f0:d9:34:fb:c8:14:7f:eb:53:b1:ed:dc:93:f7:94:c8:30:
44:dc:06:75:36:1c:5c:7d:90:95:e5:e8:26:1d:86:cb:1b:95:
4f:db:4d:02:de:82:52:9d:da:3c:71:99:ac:dc:53:4d:5c:a2:
ca:79:16:8e:c6:88:11:a7:e2:6f:b3:ac:48:fb:ae:aa:e6:69:
7e:7b:ca:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZsP02fQ2nOfXaZdG3Gc+A+mN8X8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNmIzN2VmNWY2MWM5MGU4NDk1OGFjNmExNDcyZWE4MjYyYTE2ZGY1ZTA4
NTZmYjg0MWI4MmRmNGI5MWU0NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGaO/lsA7QVYFHX/8bcvORFrR8uXJqz8Pv9Nhd+tmyuq0yd23cenyNiN5M+
Yi0y2jEKye3jG4Pep3fAnW8RbGlYHXua0YQCU3otGhLZcOcCm62Ee7a+bz95Bw9J
hQZiks+SA0dqXVdMyrBDQGqOt4Cli8JStIvDWUJYVG4dH9y7oLkVPnrI5KAJmleZ
XqQO9O39KO4SlgaH/zAhZzezTwm+DWKZq46ZPImKZv1VGF+iYj9D+RUKJPIxYY8r
JHWdvazIjDTh+LAsM6nx4TPyyJXzqZiZqgcA1cKFssNZZkuY6YkcJ9cyoxYrU8wR
PkTjvVM8NJpvJO1QUUU06FX4/WMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRRHDhn
vXzh0eBKudDYtNe4tnqRUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmU0YzI5MzQtOWU1NC00OWI2LWJiNDEtN2M3NmI1MDRkNzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAWMjGixhPWmmOw3uecoy5xip52a1IyCRIf0ot
Xk/SBd9ADV2JJyu/WL5sxh8NYvmLXAs2xlgqwEtGX0+lK6U76WptK87bbAGs39w6
RgDh1xeBL/4dgcm6wfiCNxXcc29PdlwzzrjKjlPK5TRtN6m0HLqIuEDUCKFOnIZw
JDaRCc9loI8EezWDLxy1oiD9zFtdn3UIxObo1v4JiCEFrBKTiiKDBFfPHkEE/tIC
Lz3yv9BjudHeOfDZNPvIFH/rU7Ht3JP3lMgwRNwGdTYcXH2QleXoJh2GyxuVT9tN
At6CUp3aPHGZrNxTTVyiynkWjsaIEafib7OsSPuuquZpfnvK1w==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org