Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
File: 3558ad32-215e-47a4-9f5b-477ec71e940f.roa (raw, json)
Hash identifier: 2BY/b/v/OicPcr/bS81MQq4ecXKXL2SyV8QZAz0HuUA=
Subject key identifier: 82:85:DD:4E:F3:D2:EF:C7:BC:12:CC:07:3A:03:5C:EA:EE:A6:D6:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79691ED984E5BC122D49F8CE95BF0A6CBB0B7B9E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:69:1e:d9:84:e5:bc:12:2d:49:f8:ce:95:bf:0a:6c:bb:0b:7b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d4918b2c01acf92fb229786f08589fc2f71b6268aa15284ea8c01ccfef94ef52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5f:0e:a2:ad:37:d7:eb:ba:7b:57:1d:06:c9:
59:94:74:99:09:6a:a9:b9:5c:16:66:75:a5:1c:fd:
31:db:6a:c2:8c:e6:ea:ce:09:93:f6:35:3a:a6:ca:
a1:23:4f:c2:1e:97:e2:c7:2c:76:d9:7d:1b:a9:47:
29:01:61:2e:0e:5a:1b:7e:58:7e:b2:e8:3b:33:51:
4c:7d:fe:b6:70:48:21:52:5a:52:8e:2e:f2:97:0c:
48:8d:74:4a:59:f4:5e:df:a4:06:3f:75:6e:66:1f:
20:ff:d3:3c:a6:c8:05:ea:71:08:21:bc:e3:79:db:
e3:ae:99:5c:a1:93:ac:a6:12:08:53:ec:8f:41:e2:
bb:51:cc:19:eb:83:bb:59:da:f0:d2:a3:44:c3:fe:
5b:ba:81:ac:08:30:cf:2c:62:45:e6:74:67:ae:82:
de:30:63:4e:83:89:f1:56:c6:a0:7e:49:9e:5d:57:
29:5e:21:d8:ca:f2:0d:b9:2b:81:d7:c7:d1:93:30:
2f:e2:eb:59:0d:9a:79:0e:0c:e5:6c:62:cb:e0:60:
4f:16:81:29:ab:b2:34:a8:a8:d9:ca:58:97:b2:31:
93:37:a2:c6:88:59:a8:22:7d:1a:b7:67:0f:ca:11:
c0:38:27:78:2f:b4:8f:6e:8d:56:99:85:19:24:42:
46:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:85:DD:4E:F3:D2:EF:C7:BC:12:CC:07:3A:03:5C:EA:EE:A6:D6:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:3::/48
Signature Algorithm: sha256WithRSAEncryption
4a:ee:9c:96:ec:59:b3:07:48:9e:3d:1e:cf:12:12:25:bc:85:
60:ef:99:e2:10:75:8d:97:e1:f1:63:14:6d:3a:51:8c:0a:c6:
a4:66:9f:3b:de:73:71:2e:26:71:51:b2:20:9f:91:cd:8f:24:
90:a5:6b:45:aa:ec:70:81:a6:27:9f:7e:9f:6e:e9:f4:c8:67:
12:ad:fa:5e:82:df:8c:54:fb:6e:a1:d0:93:71:7a:3a:d9:f5:
7c:27:e9:12:78:9b:36:db:c8:9f:bd:34:72:4a:09:49:cf:e3:
7b:32:88:89:40:d5:d6:7a:7a:ae:7e:cb:5a:c6:10:4c:7a:ea:
22:17:b5:12:d5:66:cd:42:59:86:88:b4:e4:b2:71:84:2a:3b:
9e:f3:d4:28:c4:2d:e0:fb:02:9c:fe:55:a5:b5:95:c1:21:97:
22:7f:1b:98:2d:21:e1:61:b6:b1:90:c1:a1:68:d4:52:78:ee:
3f:19:37:76:51:a8:83:c4:35:41:2b:12:0a:54:25:9e:37:89:
40:ce:2f:1b:0b:4b:94:62:fb:86:84:99:04:40:4d:9d:98:c1:
1b:c2:15:6b:22:f2:52:7d:bd:11:cd:2f:18:df:c9:ae:12:be:
4f:a1:a5:0d:51:94:56:02:45:7b:3c:fb:64:30:61:02:91:02:
bd:e4:03:ff
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeWke2YTlvBItSfjOlb8KbLsLe54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0OTE4YjJjMDFhY2Y5MmZiMjI5Nzg2ZjA4NTg5ZmMyZjcxYjYyNjhhYTE1
Mjg0ZWE4YzAxY2NmZWY5NGVmNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1fDqKtN9fruntXHQbJWZR0mQlqqblcFmZ1pRz9Mdtqwozm6s4Jk/Y1OqbK
oSNPwh6X4scsdtl9G6lHKQFhLg5aG35YfrLoOzNRTH3+tnBIIVJaUo4u8pcMSI10
Sln0Xt+kBj91bmYfIP/TPKbIBepxCCG843nb466ZXKGTrKYSCFPsj0Hiu1HMGeuD
u1na8NKjRMP+W7qBrAgwzyxiReZ0Z66C3jBjToOJ8VbGoH5Jnl1XKV4h2MryDbkr
gdfH0ZMwL+LrWQ2aeQ4M5Wxiy+BgTxaBKauyNKio2cpYl7IxkzeixohZqCJ9Grdn
D8oRwDgneC+0j26NVpmFGSRCRkECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSChd1O
89Lvx7wSzAc6A1zq7qbWkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU1OGFkMzItMjE1ZS00N2E0LTlmNWItNDc3ZWM3MWU5NDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
AzANBgkqhkiG9w0BAQsFAAOCAQEASu6cluxZswdInj0ezxISJbyFYO+Z4hB1jZfh
8WMUbTpRjArGpGafO95zcS4mcVGyIJ+RzY8kkKVrRarscIGmJ59+n27p9MhnEq36
XoLfjFT7bqHQk3F6Otn1fCfpEnibNtvIn700ckoJSc/jezKIiUDV1np6rn7LWsYQ
THrqIhe1EtVmzUJZhoi05LJxhCo7nvPUKMQt4PsCnP5VpbWVwSGXIn8bmC0h4WG2
sZDBoWjUUnjuPxk3dlGog8Q1QSsSClQlnjeJQM4vGwtLlGL7hoSZBEBNnZjBG8IV
ayLyUn29Ec0vGN/JrhK+T6GlDVGUVgJFezz7ZDBhApECveQD/w==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org