Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
File: 7f93618f-074f-4431-abe6-691e069b191f.roa (raw, json)
Hash identifier: zlznbhtS1DbCV8aszOIhzwcVh7Nucfb9+T9RPg5ZHyU=
Subject key identifier: E0:D0:D6:96:7C:00:E1:B6:C6:10:86:28:DE:DD:B2:13:D1:8B:8F:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13C2CC1DF680DCB4BF15D6C7461B6B394B06044D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c2:cc:1d:f6:80:dc:b4:bf:15:d6:c7:46:1b:6b:39:4b:06:04:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c6536bdbbc3870497f697fd356ce3f2a974a172aa62775f5e48931a5f3705c59, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:70:9e:86:bc:c5:19:18:4c:44:0d:e5:fe:2d:
81:72:32:1f:72:ed:a8:79:0c:62:ea:5a:3b:59:78:
7b:74:a3:6a:af:c3:10:e3:77:d9:80:50:6c:b1:23:
bf:a6:9d:39:72:c0:97:be:6d:92:a4:b0:9f:6a:3f:
55:bd:c9:e8:ba:f2:4c:58:1e:a8:fa:a1:66:34:7b:
6b:47:c6:24:ab:ac:ca:5f:b5:88:9d:31:be:bb:2c:
e9:38:cb:73:e0:ae:63:29:a1:17:b9:ef:e9:14:11:
24:4d:3e:50:3e:98:d2:be:e0:73:31:1a:48:3c:6d:
b4:14:af:84:ee:6d:72:f7:75:92:42:ff:d8:8c:56:
d1:8e:07:7c:8a:61:ea:41:78:93:12:25:a1:78:de:
a7:f7:d0:86:8a:75:9f:d8:6e:5e:ee:7e:31:7c:01:
61:fd:19:b9:46:df:6d:00:bb:36:d9:b3:91:a1:26:
79:c2:e9:8e:38:a6:c2:f7:b1:66:f4:cd:9e:ef:70:
c8:3f:a6:9d:3e:33:34:f6:90:d3:05:80:2b:29:bb:
f2:5f:2d:8b:8f:d1:f0:83:07:cf:60:3a:58:20:ba:
ea:0f:1b:a1:b9:07:4f:06:d7:16:70:fb:cd:d0:17:
9f:58:10:38:e1:61:4e:ba:b8:e4:fe:15:24:ad:7d:
18:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D0:D6:96:7C:00:E1:B6:C6:10:86:28:DE:DD:B2:13:D1:8B:8F:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f93618f-074f-4431-abe6-691e069b191f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:38:bb:58:ec:95:39:5b:81:8b:89:52:10:af:1a:cd:92:d8:
51:80:e4:0c:21:68:2e:9f:63:05:b6:0e:d3:09:d2:77:b2:40:
26:1f:78:3e:a1:21:ca:c6:69:4b:78:a6:b7:e7:2a:7b:57:9f:
5a:f2:61:89:e1:be:a2:3b:b2:73:c9:29:6f:7d:8f:e5:e0:f8:
2b:51:bd:4b:2d:8c:b6:d0:eb:77:40:3f:6c:de:c8:53:3e:e5:
fc:ef:c7:9d:1e:1f:79:c1:b0:66:54:5e:8c:e3:da:17:9f:d0:
84:7e:69:38:82:98:71:f3:88:d5:e7:4b:30:de:a5:ec:e8:40:
72:3a:43:24:48:eb:95:df:41:35:16:ee:b7:5d:96:5e:ad:fd:
ac:01:86:ca:48:aa:03:ab:33:83:af:75:3a:85:df:d5:d3:b0:
81:35:b5:aa:00:2a:45:4c:aa:11:8b:7c:34:c7:47:a3:46:d0:
8c:b7:ab:87:c1:94:2b:29:8d:0b:21:c0:90:c6:60:3a:92:73:
3e:6e:88:57:03:5f:57:1e:5f:75:00:ce:5d:ea:84:11:d0:30:
c9:02:92:07:e4:8e:2e:7d:90:20:19:8a:07:60:e8:d3:e4:b2:
3b:fd:5c:3b:c3:a6:c1:d3:a3:38:73:1d:e8:4d:4b:ac:78:29:
dc:33:69:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE8LMHfaA3LS/FdbHRhtrOUsGBE0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NTM2YmRiYmMzODcwNDk3ZjY5N2ZkMzU2Y2UzZjJhOTc0YTE3MmFhNjI3
NzVmNWU0ODkzMWE1ZjM3MDVjNTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRwnoa8xRkYTEQN5f4tgXIyH3LtqHkMYupaO1l4e3Sjaq/DEON32YBQbLEj
v6adOXLAl75tkqSwn2o/Vb3J6LryTFgeqPqhZjR7a0fGJKusyl+1iJ0xvrss6TjL
c+CuYymhF7nv6RQRJE0+UD6Y0r7gczEaSDxttBSvhO5tcvd1kkL/2IxW0Y4HfIph
6kF4kxIloXjep/fQhop1n9huXu5+MXwBYf0ZuUbfbQC7NtmzkaEmecLpjjimwvex
ZvTNnu9wyD+mnT4zNPaQ0wWAKym78l8ti4/R8IMHz2A6WCC66g8bobkHTwbXFnD7
zdAXn1gQOOFhTrq45P4VJK19GL0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTg0NaW
fADhtsYQhije3bIT0YuPHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y5MzYxOGYtMDc0Zi00NDMxLWFiZTYtNjkxZTA2OWIxOTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQAuOLtY7JU5W4GLiVIQrxrNkthRgOQMIWgun2MFtg7T
CdJ3skAmH3g+oSHKxmlLeKa35yp7V59a8mGJ4b6iO7JzySlvfY/l4PgrUb1LLYy2
0Ot3QD9s3shTPuX878edHh95wbBmVF6M49oXn9CEfmk4gphx84jV50sw3qXs6EBy
OkMkSOuV30E1Fu63XZZerf2sAYbKSKoDqzODr3U6hd/V07CBNbWqACpFTKoRi3w0
x0ejRtCMt6uHwZQrKY0LIcCQxmA6knM+bohXA19XHl91AM5d6oQR0DDJApIH5I4u
fZAgGYoHYOjT5LI7/Vw7w6bB06M4cx3oTUuseCncM2kM
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org