Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
File: 49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa (raw, json)
Hash identifier: TX81Us68zCcYQ5Qz5/h3aR0FUy50tFYr+jF6s3umZus=
Subject key identifier: 88:EF:06:60:CE:89:7D:73:41:D2:25:39:40:1F:03:56:34:FC:37:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B0E4EAE26080DF23113FCAABA784BC09C046362
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:0e:4e:ae:26:08:0d:f2:31:13:fc:aa:ba:78:4b:c0:9c:04:63:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=22039f008f089b8d637a51a99a92b9d427847f81ada25d04abfd95724c33e860, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7d:2f:f4:b5:28:95:02:6e:e8:3f:57:b1:b9:
8f:00:43:1c:02:60:74:e4:79:22:03:87:11:9a:92:
5b:e4:ab:79:3d:7c:21:bd:7c:e9:14:01:56:38:cf:
c9:3d:b0:e0:b4:af:c1:e5:dc:c4:a4:2e:22:9f:73:
77:5c:7a:19:dc:f4:cc:7c:20:01:8a:51:51:8e:2e:
6a:b0:f3:04:a4:e8:8c:56:55:21:f2:bf:6e:3f:70:
91:99:2d:a9:a5:ea:0a:33:2f:20:c0:10:d4:63:cf:
47:72:56:f5:41:dc:a4:b6:70:88:c0:8b:ff:0f:1e:
ac:6a:53:a7:7d:d7:c0:d0:01:de:13:3e:3a:40:94:
e2:53:38:bb:ad:cd:ad:d5:84:25:5c:4f:06:23:86:
89:3b:06:c8:46:d5:0c:0a:b4:53:69:3a:f6:2c:8f:
2e:70:b9:3f:fc:68:e2:16:79:ac:a0:00:d0:b8:eb:
99:b9:be:e0:3f:aa:29:73:03:f7:0b:b2:f4:89:9e:
3e:3b:70:a8:82:9f:43:f4:7c:66:cd:06:40:5d:22:
63:37:49:f4:a8:79:25:57:48:20:ba:1e:6a:21:4b:
42:62:b8:6b:b6:f8:45:ac:ff:67:eb:b4:b2:45:d7:
08:86:f0:a0:82:90:0f:b0:63:ee:4a:ff:71:b2:a8:
73:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EF:06:60:CE:89:7D:73:41:D2:25:39:40:1F:03:56:34:FC:37:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:df:31:64:b3:73:00:47:95:d4:ff:30:f0:da:cf:ab:cc:61:
5a:37:40:f5:de:9e:c4:5d:c0:87:86:06:8b:44:a8:95:a5:77:
57:39:d8:7d:c6:7e:40:e8:c5:c6:1c:3c:de:90:4e:02:34:e2:
d8:94:43:2c:06:83:23:a2:4d:48:66:e4:09:29:46:db:e3:e3:
3a:f2:c1:05:25:d1:1f:f3:84:c2:21:41:54:26:c2:6d:1d:16:
71:44:3b:32:82:35:46:45:01:80:e7:98:41:b4:eb:8b:aa:2c:
64:24:58:e8:9f:35:69:bd:9d:e1:1f:ff:75:2f:5f:2e:74:3f:
19:22:2b:a0:ae:5a:b7:b1:76:2d:7e:37:17:a5:54:a9:38:ff:
a6:92:4c:36:ba:66:a5:52:7d:bb:db:7f:67:c2:1f:92:35:94:
19:4a:dd:95:58:da:39:4f:bb:88:41:0d:67:4e:67:6c:cb:98:
36:db:4a:2e:fe:26:03:22:a8:82:19:a4:59:30:0d:2a:30:64:
29:3d:9f:de:a7:1f:ca:33:f2:da:f2:a3:95:02:90:56:17:d8:
5d:a9:0c:21:c0:e0:13:6d:6f:bf:86:96:55:58:ab:5c:50:1f:
33:a0:e5:1e:04:95:84:ff:c9:96:f1:71:23:15:ad:81:fc:1b:
d5:90:09:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUew5OriYIDfIxE/yqunhLwJwEY2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyMDM5ZjAwOGYwODliOGQ2MzdhNTFhOTlhOTJiOWQ0Mjc4NDdmODFhZGEy
NWQwNGFiZmQ5NTcyNGMzM2U4NjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOh9L/S1KJUCbug/V7G5jwBDHAJgdOR5IgOHEZqSW+SreT18Ib186RQBVjjP
yT2w4LSvweXcxKQuIp9zd1x6Gdz0zHwgAYpRUY4uarDzBKTojFZVIfK/bj9wkZkt
qaXqCjMvIMAQ1GPPR3JW9UHcpLZwiMCL/w8erGpTp33XwNAB3hM+OkCU4lM4u63N
rdWEJVxPBiOGiTsGyEbVDAq0U2k69iyPLnC5P/xo4hZ5rKAA0Ljrmbm+4D+qKXMD
9wuy9ImePjtwqIKfQ/R8Zs0GQF0iYzdJ9Kh5JVdIILoeaiFLQmK4a7b4Raz/Z+u0
skXXCIbwoIKQD7Bj7kr/cbKoc7cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSI7wZg
zol9c0HSJTlAHwNWNPw3vDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkwMTZjZjMtMjNjNS00YjE3LWIzZTktMWMzNmU2Y2FjMWUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQDJ3zFks3MAR5XU/zDw2s+rzGFaN0D13p7EXcCHhgaL
RKiVpXdXOdh9xn5A6MXGHDzekE4CNOLYlEMsBoMjok1IZuQJKUbb4+M68sEFJdEf
84TCIUFUJsJtHRZxRDsygjVGRQGA55hBtOuLqixkJFjonzVpvZ3hH/91L18udD8Z
Iiugrlq3sXYtfjcXpVSpOP+mkkw2umalUn27239nwh+SNZQZSt2VWNo5T7uIQQ1n
Tmdsy5g220ou/iYDIqiCGaRZMA0qMGQpPZ/epx/KM/La8qOVApBWF9hdqQwhwOAT
bW+/hpZVWKtcUB8zoOUeBJWE/8mW8XEjFa2B/BvVkAnd
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org