Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
File: 8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa (raw, json)
Hash identifier: lvXhUAHFkgQ8SDv7tnCIZCRrCdk5/C73lEKZ60Fxzhw=
Subject key identifier: E7:2C:98:96:F0:F7:F5:A9:30:D7:98:9D:B0:B0:60:05:8C:65:92:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3DE917D630A9D48B1AC95CB5A4CC7E625E8079F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:e9:17:d6:30:a9:d4:8b:1a:c9:5c:b5:a4:cc:7e:62:5e:80:79:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=e1caf0806cf088e2be91edc6b5e318dd5ae1d56c71a5b9c6386eaa111727dcf6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:21:b8:3c:73:d4:83:91:a3:19:aa:66:ac:b7:
f5:5c:98:b2:10:19:19:3a:f5:f8:86:ad:6f:0a:be:
de:b8:3b:26:b4:bd:40:a0:26:e7:aa:e8:be:4f:69:
87:16:76:6d:cc:6d:91:50:b4:f4:f8:20:28:00:74:
89:db:47:f5:73:78:8e:35:e1:63:4d:89:ab:4b:a1:
91:6f:af:1b:ef:e3:dd:1c:33:a3:86:e4:d0:14:20:
fd:0c:c5:5a:68:89:27:c4:19:d5:75:fd:24:86:57:
9a:7f:9b:2c:c6:34:93:05:79:3f:7f:ec:a8:21:fa:
7f:cf:73:14:e1:fc:be:17:10:76:fd:75:4a:7f:28:
af:d8:5c:11:89:b2:17:e4:21:d6:be:3f:54:e6:b1:
90:17:d3:a7:8b:96:1a:a4:47:92:f5:2a:a5:80:d0:
26:08:2a:b6:6a:b7:15:77:20:0d:49:ad:6e:78:34:
dd:86:80:e6:bd:fe:2c:28:9c:bd:73:a1:65:44:13:
af:b3:45:a1:b7:7b:bf:09:b5:3a:71:78:46:db:42:
71:ed:d2:69:66:57:f7:1b:46:3a:3a:e7:db:c1:e9:
59:2c:07:8d:c5:fa:7c:1f:68:ce:e9:45:63:eb:67:
4c:c6:d4:c1:d6:68:05:03:57:62:24:03:39:ad:0f:
69:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2C:98:96:F0:F7:F5:A9:30:D7:98:9D:B0:B0:60:05:8C:65:92:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8b14a0f9-8627-4e23-b9ab-fa8ddd835f1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:9f:04:50:b1:96:2c:d3:b1:a5:9e:cf:11:b9:8e:30:84:aa:
17:04:84:b5:11:d8:c7:11:1e:31:c3:30:99:b7:b6:c0:c2:77:
df:ff:0e:fb:fe:f0:50:a4:37:73:bb:d1:e9:3d:e8:0c:a9:b2:
e9:c9:6b:17:e4:84:6c:ee:ad:83:25:e7:26:99:a7:ae:6f:71:
2c:dd:55:6b:ae:28:9b:ca:39:65:ff:b3:cc:77:d2:28:6e:b4:
11:93:b7:e3:78:83:b4:34:d0:60:84:ce:ce:0b:6d:b9:b3:61:
e4:37:6d:f7:2c:86:74:87:7b:dd:0f:98:1f:34:f6:2d:ff:84:
65:c1:68:1b:dc:cc:d9:84:ad:cd:8a:e9:03:a2:f7:e5:55:5a:
56:bb:bd:71:0a:d4:bd:a4:5b:b0:99:05:9c:42:2c:2a:34:f1:
18:fd:64:ad:6a:8d:26:08:0a:63:ad:fb:86:70:d6:fc:5c:fd:
97:ef:f9:89:72:2c:c6:94:0a:c2:81:c2:3a:88:8b:2f:cf:41:
18:a0:33:ae:9e:af:7b:ef:29:ad:93:fa:a1:a7:07:2c:7e:c6:
ab:0b:75:aa:2c:56:6e:63:64:ad:e9:61:98:f6:c4:8a:e4:b9:
9f:d9:2c:57:f6:d4:4b:69:ea:06:ad:b0:3a:7f:e7:ad:7e:d1:
c3:0f:a6:d2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPekX1jCp1IsayVy1pMx+Yl6AefkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxY2FmMDgwNmNmMDg4ZTJiZTkxZWRjNmI1ZTMxOGRkNWFlMWQ1NmM3MWE1
YjljNjM4NmVhYTExMTcyN2RjZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYhuDxz1IORoxmqZqy39VyYshAZGTr1+Iatbwq+3rg7JrS9QKAm56rovk9p
hxZ2bcxtkVC09PggKAB0idtH9XN4jjXhY02Jq0uhkW+vG+/j3Rwzo4bk0BQg/QzF
WmiJJ8QZ1XX9JIZXmn+bLMY0kwV5P3/sqCH6f89zFOH8vhcQdv11Sn8or9hcEYmy
F+Qh1r4/VOaxkBfTp4uWGqRHkvUqpYDQJggqtmq3FXcgDUmtbng03YaA5r3+LCic
vXOhZUQTr7NFobd7vwm1OnF4RttCce3SaWZX9xtGOjrn28HpWSwHjcX6fB9ozulF
Y+tnTMbUwdZoBQNXYiQDOa0PaS8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTnLJiW
8Pf1qTDXmJ2wsGAFjGWSLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGIxNGEwZjktODYyNy00ZTIzLWI5YWItZmE4ZGRkODM1ZjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQA1nwRQsZYs07Glns8RuY4whKoXBIS1EdjHER4xwzCZ
t7bAwnff/w77/vBQpDdzu9HpPegMqbLpyWsX5IRs7q2DJecmmaeub3Es3VVrriib
yjll/7PMd9IobrQRk7fjeIO0NNBghM7OC225s2HkN233LIZ0h3vdD5gfNPYt/4Rl
wWgb3MzZhK3NiukDovflVVpWu71xCtS9pFuwmQWcQiwqNPEY/WStao0mCApjrfuG
cNb8XP2X7/mJcizGlArCgcI6iIsvz0EYoDOunq977ymtk/qhpwcsfsarC3WqLFZu
Y2St6WGY9sSK5Lmf2SxX9tRLaeoGrbA6f+etftHDD6bS
-----END CERTIFICATE-----
Generated at Wed May 8 01:49:10 2024 by rpki-client on console-fra.rpki-client.org