Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
File: 677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa (raw, json)
Hash identifier: aLou4xgQIeLoZrh12pLnBynTwuGjxi88EOmOKLLM8fM=
Subject key identifier: 43:B2:A9:82:B3:FF:C1:BD:2F:13:14:CA:2C:A4:49:54:15:CC:93:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F91AD4939C1EE05AF7CF6E0506BBF36710E4D3C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:91:ad:49:39:c1:ee:05:af:7c:f6:e0:50:6b:bf:36:71:0e:4d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=bf793874bf3360d2e4d982bbb39d2e64c2c087bb3580d0c70f4957612baa79e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8d:34:00:48:4a:02:69:66:28:2b:e8:b5:46:
1b:bc:49:97:01:78:e9:f6:fb:e3:cd:7e:77:74:d0:
b8:67:67:94:ee:41:63:f5:d4:86:ef:72:75:7a:5e:
5a:4d:e9:cb:87:3f:ff:92:7c:5a:1f:71:a0:5f:db:
97:25:5c:84:8f:48:36:63:50:e2:94:0c:b2:0f:0c:
cb:7d:ee:7a:b8:b5:1f:19:17:4c:fc:88:63:d3:17:
4d:73:b6:74:f1:34:8b:11:cf:6c:4d:6c:58:aa:d4:
0e:c9:ec:76:c7:37:d3:92:cf:8a:4a:37:df:5c:4b:
1d:ef:65:c3:55:78:be:7b:13:21:79:60:c7:87:e2:
cc:40:13:e6:e3:4a:d9:76:9f:f8:1d:ec:97:32:e4:
5b:95:86:61:92:04:2c:88:74:df:fb:ff:67:09:94:
5e:37:3f:ea:35:ae:41:55:a2:74:fe:f9:d9:0f:76:
20:92:49:40:90:94:6e:7b:5e:be:2e:3f:b7:5c:12:
38:46:fe:c6:cb:ff:7f:1f:87:8c:9c:82:f0:05:6f:
8a:55:36:f0:fa:04:93:90:70:36:49:3e:70:8b:bc:
33:3d:54:ba:14:4c:2a:f3:77:0f:26:49:0c:73:e2:
39:cf:7c:44:04:87:39:60:79:e5:84:60:e2:fe:d4:
bb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B2:A9:82:B3:FF:C1:BD:2F:13:14:CA:2C:A4:49:54:15:CC:93:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
9c:a0:8c:b3:7d:a0:fb:04:a1:8a:05:99:76:90:69:fa:1c:09:
aa:3a:e9:64:26:73:13:1a:1a:17:0f:7b:fb:76:04:af:51:d7:
7d:10:aa:15:fa:83:77:8d:3d:c5:f1:67:ab:22:b5:05:28:9f:
f5:7f:9c:71:64:21:9f:b7:31:91:2f:eb:b6:64:21:75:c4:32:
af:ac:16:47:6e:88:04:23:b1:29:e0:4f:b8:dc:b4:c8:7e:c3:
10:e3:4b:0d:26:e8:2d:2c:e1:6c:ae:52:62:44:3e:1a:98:5a:
6e:e8:5c:0a:0c:66:6e:5e:5a:8c:35:f6:3c:98:71:f5:2a:2c:
d8:b1:79:0f:18:5a:3a:de:05:8f:48:55:2b:06:51:1d:14:81:
ee:0e:3e:82:96:df:9f:ae:1f:b8:4a:95:1c:ba:38:4f:cb:2f:
be:00:96:af:ed:9d:b1:8e:09:26:5a:d5:fd:b4:86:7e:88:89:
81:c7:50:64:bb:ea:c9:f9:f0:81:7f:77:c1:8b:34:d6:e5:dc:
dc:92:12:d0:ad:32:13:21:bd:b9:cd:98:f3:dd:54:39:55:f9:
5d:71:de:c6:de:ec:9b:52:f6:0b:8f:4a:95:57:51:53:34:4f:
2f:00:c5:15:1f:5f:59:3e:65:2b:20:b4:53:b4:00:aa:86:97:
9e:57:b9:4c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP5GtSTnB7gWvfPbgUGu/NnEOTTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmNzkzODc0YmYzMzYwZDJlNGQ5ODJiYmIzOWQyZTY0YzJjMDg3YmIzNTgw
ZDBjNzBmNDk1NzYxMmJhYTc5ZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWNNABISgJpZigr6LVGG7xJlwF46fb7481+d3TQuGdnlO5BY/XUhu9ydXpe
Wk3py4c//5J8Wh9xoF/blyVchI9INmNQ4pQMsg8My33ueri1HxkXTPyIY9MXTXO2
dPE0ixHPbE1sWKrUDsnsdsc305LPiko331xLHe9lw1V4vnsTIXlgx4fizEAT5uNK
2Xaf+B3slzLkW5WGYZIELIh03/v/ZwmUXjc/6jWuQVWidP752Q92IJJJQJCUbnte
vi4/t1wSOEb+xsv/fx+HjJyC8AVvilU28PoEk5BwNkk+cIu8Mz1UuhRMKvN3DyZJ
DHPiOc98RASHOWB55YRg4v7Uu1kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRDsqmC
s//BvS8TFMospElUFcyTvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc3YWJmYjctYTFkNy00YWQ4LTg4NmUtNTRmZjM3NGJjYzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAnKCMs32g+wShigWZdpBp+hwJqjrpZCZzExoa
Fw97+3YEr1HXfRCqFfqDd409xfFnqyK1BSif9X+ccWQhn7cxkS/rtmQhdcQyr6wW
R26IBCOxKeBPuNy0yH7DEONLDSboLSzhbK5SYkQ+GphabuhcCgxmbl5ajDX2PJhx
9Sos2LF5DxhaOt4Fj0hVKwZRHRSB7g4+gpbfn64fuEqVHLo4T8svvgCWr+2dsY4J
JlrV/bSGfoiJgcdQZLvqyfnwgX93wYs01uXc3JIS0K0yEyG9uc2Y891UOVX5XXHe
xt7sm1L2C49KlVdRUzRPLwDFFR9fWT5lKyC0U7QAqoaXnle5TA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org