Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: bFkIZvrxct/rWTCAak3VtvDIyXUtp9rHA1YfKW25ah0=
Subject key identifier: 5C:50:23:75:58:FD:9B:F8:2C:FB:05:03:6A:F7:06:7A:B2:7A:E7:07
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63F0F95F4A076B0AF219EBF9E6CBC1FFF8DDF8D7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:f0:f9:5f:4a:07:6b:0a:f2:19:eb:f9:e6:cb:c1:ff:f8:dd:f8:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=9556978f6182876dbfdcb5414b23d100541c077911b2dab4bc29861247c4d557, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:76:f5:e7:7c:5d:48:8a:23:ef:5a:f4:d1:89:
a1:f6:f6:6c:1b:8f:49:f9:b2:2b:38:05:60:d9:77:
3f:a7:67:e2:cc:17:11:72:4b:5f:ff:59:eb:5c:4a:
37:20:ba:92:ee:1c:7d:09:5c:62:12:86:00:1f:bd:
dc:c1:f7:9f:95:2a:a0:d3:c5:4f:e9:ad:6c:ed:8f:
34:c6:0d:24:43:60:04:e5:9d:a5:ef:d2:6c:ac:14:
2d:48:b1:82:31:36:c6:12:df:9e:bf:c0:7d:34:4e:
0f:d1:20:4b:eb:80:cb:39:7d:cb:f9:77:7f:f7:a9:
a2:24:29:d0:66:8a:5f:7c:e1:6e:a4:ae:fc:72:b1:
78:a1:1d:85:14:d1:fc:2b:f0:bd:53:d2:12:64:6f:
52:fd:65:60:00:62:91:e2:f5:a2:ae:a3:89:26:f2:
1b:e6:54:e7:26:f1:3b:c3:19:e9:00:28:d4:61:82:
8c:b2:db:85:df:ce:d3:19:ab:99:ed:be:a0:b3:5e:
76:27:db:da:38:e8:47:d5:72:c0:5a:f9:3e:09:46:
83:90:b8:fd:f7:02:59:1c:a8:bd:20:28:13:d6:23:
ee:ba:72:f9:1e:bc:aa:b4:8a:9b:eb:ac:88:19:d0:
b9:82:91:09:54:a7:91:fc:55:49:21:c9:bc:ec:47:
fb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:50:23:75:58:FD:9B:F8:2C:FB:05:03:6A:F7:06:7A:B2:7A:E7:07
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
71:b4:8c:71:a7:34:ee:fb:34:9a:4d:fb:e7:b1:eb:e7:d3:a7:
31:61:bf:88:d8:25:1a:fd:97:89:4d:d3:bf:ef:40:b6:2d:cd:
de:6e:a7:e3:b7:60:57:75:5c:e6:41:7f:3c:a5:08:51:04:76:
e7:bf:f2:2d:76:d0:a3:e3:e8:3b:bb:4a:66:77:0d:35:91:27:
e7:6d:d1:64:ca:69:f2:1e:d4:c1:1c:55:a1:84:b8:c2:03:69:
e0:67:93:68:d4:1d:57:05:cf:f0:1a:d0:cf:d7:dd:e5:9e:1d:
4d:a2:93:e6:ca:72:ea:ac:a9:37:85:f2:9a:1e:2c:52:49:fa:
a6:71:58:38:cb:c0:b3:21:ab:1e:02:9c:94:15:83:09:3c:c5:
bc:0f:ec:0b:62:7d:a4:eb:e1:0e:bd:ac:ad:3f:fe:52:bf:50:
0f:69:92:54:99:e6:e4:9f:33:98:8a:58:af:5b:a9:63:fd:e6:
68:f5:af:98:cd:4f:12:13:c4:6c:69:3e:9e:ea:b6:f4:33:88:
e8:31:91:17:84:74:15:19:24:27:85:48:72:00:fb:90:d7:b2:
0d:2a:18:3e:61:5c:df:72:e7:f3:f8:be:3b:96:bd:3d:60:61:
db:6c:5f:2e:73:87:dc:f2:9c:e5:5e:45:d4:4d:a6:b3:a7:a8:
d3:37:5e:65
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY/D5X0oHawryGev55svB//jd+NcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NTY5NzhmNjE4Mjg3NmRiZmRjYjU0MTRiMjNkMTAwNTQxYzA3NzkxMWIy
ZGFiNGJjMjk4NjEyNDdjNGQ1NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKt29ed8XUiKI+9a9NGJofb2bBuPSfmyKzgFYNl3P6dn4swXEXJLX/9Z61xK
NyC6ku4cfQlcYhKGAB+93MH3n5UqoNPFT+mtbO2PNMYNJENgBOWdpe/SbKwULUix
gjE2xhLfnr/AfTROD9EgS+uAyzl9y/l3f/epoiQp0GaKX3zhbqSu/HKxeKEdhRTR
/CvwvVPSEmRvUv1lYABikeL1oq6jiSbyG+ZU5ybxO8MZ6QAo1GGCjLLbhd/O0xmr
me2+oLNedifb2jjoR9VywFr5PglGg5C4/fcCWRyovSAoE9Yj7rpy+R68qrSKm+us
iBnQuYKRCVSnkfxVSSHJvOxH+9kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRcUCN1
WP2b+Cz7BQNq9wZ6snrnBzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2E5ZDQ5NzAtOGU5Yy00ZDExLWExYzYtNzcyYTU3MTMzNGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAcbSMcac07vs0mk3757Hr59OnMWG/iNglGv2XiU3T
v+9Ati3N3m6n47dgV3Vc5kF/PKUIUQR257/yLXbQo+PoO7tKZncNNZEn523RZMpp
8h7UwRxVoYS4wgNp4GeTaNQdVwXP8BrQz9fd5Z4dTaKT5spy6qypN4Xymh4sUkn6
pnFYOMvAsyGrHgKclBWDCTzFvA/sC2J9pOvhDr2srT/+Ur9QD2mSVJnm5J8zmIpY
r1upY/3maPWvmM1PEhPEbGk+nuq29DOI6DGRF4R0FRkkJ4VIcgD7kNeyDSoYPmFc
33Ln8/i+O5a9PWBh22xfLnOH3PKc5V5F1E2ms6eo0zdeZQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org