Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4357bcd8-5973-4f9d-968f-660b17590f0e.roa
File: 4357bcd8-5973-4f9d-968f-660b17590f0e.roa (raw, json)
Hash identifier: 1jS+2JiHRn+4A3qr89VKRMxoWjXm7BgaIwPYF1huGvM=
Subject key identifier: D6:54:BD:40:5D:4B:EA:5E:C0:8B:AB:B5:1F:23:91:6A:20:88:33:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 432C066D61E3A8F358F785DB53B6D7919C97446D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4357bcd8-5973-4f9d-968f-660b17590f0e.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:2c:06:6d:61:e3:a8:f3:58:f7:85:db:53:b6:d7:91:9c:97:44:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=86707f7f7eb44a0fe4c9a3477e7c6773ecabf90793c1a898e7445bcc00293473, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:d3:fc:b6:5d:5b:82:04:a9:6b:0f:6a:7d:
15:d3:80:89:77:f5:00:cf:e9:aa:5a:bf:54:71:96:
98:0a:5d:ed:f8:d1:c5:ae:c8:46:44:a1:1a:e7:f6:
ac:2c:eb:6f:f4:d6:d5:37:cb:b6:df:79:14:47:f5:
f2:bf:51:62:d3:d5:9d:1a:64:55:cf:07:5d:6f:12:
52:4e:47:f3:4e:a3:f8:1d:ca:69:7c:3a:a8:3a:90:
5c:05:77:71:5b:3c:eb:e2:be:73:de:fb:03:a3:5d:
e6:ab:c3:7c:73:09:88:a8:46:ed:5c:c4:28:bf:3e:
db:1e:18:26:a2:b9:8e:96:05:71:ad:3f:18:e6:de:
ac:4d:eb:7e:08:b8:25:af:e1:af:22:37:50:70:43:
1d:86:aa:f3:41:7f:8f:2f:39:14:cb:41:dc:fd:f3:
43:fc:e1:60:23:1f:88:0b:d6:2d:62:f8:5b:4b:c1:
41:d6:d6:0c:1d:bb:1e:b7:b8:13:42:34:4d:1d:53:
b5:cd:ed:27:81:93:b3:2a:6a:af:7e:c9:1c:82:67:
06:90:74:11:17:a5:e1:2f:ce:3d:48:20:85:f7:1c:
f7:38:96:56:d0:e4:1c:e4:1f:67:7c:03:20:0a:e7:
22:da:de:f6:51:19:c4:e6:bd:c4:f4:3f:5f:69:4b:
13:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:54:BD:40:5D:4B:EA:5E:C0:8B:AB:B5:1F:23:91:6A:20:88:33:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4357bcd8-5973-4f9d-968f-660b17590f0e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
36:20:bf:35:8c:85:9c:73:a9:55:10:5f:6c:45:c2:10:31:23:
1d:94:a8:57:5e:f1:56:71:24:15:04:49:81:92:43:f0:73:1b:
ba:ad:29:01:e9:3a:63:c5:cd:04:dc:10:60:31:a4:1e:e7:70:
44:b0:e2:f0:41:c8:7d:6a:41:37:3a:e4:dd:98:55:2a:d0:58:
65:ee:13:50:0b:3e:9d:1e:7a:2f:4d:ba:c7:91:f3:b4:03:a9:
07:48:09:6b:72:47:ce:a2:26:b1:63:9b:0b:37:01:8d:f7:17:
9d:83:b9:af:97:62:e8:e1:73:a7:4a:94:39:d3:cf:af:66:a8:
57:d9:5e:ff:ea:3d:65:6d:ea:30:7d:a1:bb:e9:94:3d:9e:2b:
a6:c7:3b:50:ce:8e:7a:43:b9:62:04:42:78:16:b9:cc:7d:9a:
88:17:2c:e1:b6:1e:82:76:3a:9a:82:5d:88:59:f8:44:14:ca:
eb:b6:8d:7c:fe:aa:28:b8:98:2f:6b:b5:e5:e3:45:00:ee:05:
36:08:0a:91:f6:2b:2e:09:0f:16:7a:30:24:10:e2:37:ca:2c:
61:9c:6a:fb:07:df:2c:28:5c:49:db:96:ab:c7:5f:57:e2:48:
46:a3:48:8b:cd:97:81:6f:71:75:2a:f4:e9:01:a6:31:e4:f1:
40:54:87:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQywGbWHjqPNY94XbU7bXkZyXRG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2NzA3ZjdmN2ViNDRhMGZlNGM5YTM0NzdlN2M2NzczZWNhYmY5MDc5M2Mx
YTg5OGU3NDQ1YmNjMDAyOTM0NzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKii0/y2XVuCBKlrD2p9FdOAiXf1AM/pqlq/VHGWmApd7fjRxa7IRkShGuf2
rCzrb/TW1TfLtt95FEf18r9RYtPVnRpkVc8HXW8SUk5H806j+B3KaXw6qDqQXAV3
cVs86+K+c977A6Nd5qvDfHMJiKhG7VzEKL8+2x4YJqK5jpYFca0/GOberE3rfgi4
Ja/hryI3UHBDHYaq80F/jy85FMtB3P3zQ/zhYCMfiAvWLWL4W0vBQdbWDB27Hre4
E0I0TR1Ttc3tJ4GTsypqr37JHIJnBpB0ERel4S/OPUgghfcc9ziWVtDkHOQfZ3wD
IArnItre9lEZxOa9xPQ/X2lLE5kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTWVL1A
XUvqXsCLq7UfI5FqIIgz0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDM1N2JjZDgtNTk3My00ZjlkLTk2OGYtNjYwYjE3NTkwZjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEANiC/NYyFnHOpVRBfbEXCEDEjHZSoV17xVnEkFQRJ
gZJD8HMbuq0pAek6Y8XNBNwQYDGkHudwRLDi8EHIfWpBNzrk3ZhVKtBYZe4TUAs+
nR56L026x5HztAOpB0gJa3JHzqImsWObCzcBjfcXnYO5r5di6OFzp0qUOdPPr2ao
V9le/+o9ZW3qMH2hu+mUPZ4rpsc7UM6OekO5YgRCeBa5zH2aiBcs4bYegnY6moJd
iFn4RBTK67aNfP6qKLiYL2u15eNFAO4FNggKkfYrLgkPFnowJBDiN8osYZxq+wff
LChcSduWq8dfV+JIRqNIi82XgW9xdSr06QGmMeTxQFSHuw==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org