Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90e43ec0-92f9-420a-8158-7b97f7f32b51.roa
File: 90e43ec0-92f9-420a-8158-7b97f7f32b51.roa (raw, json)
Hash identifier: WYzbFAhPI6dBrZPAeI3bsmeAsN/NtDybOeaYIeDkJrM=
Subject key identifier: 4F:94:CC:01:B2:8B:46:EE:FB:41:DD:B3:E0:D6:BF:FF:24:4B:8E:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20CA1FF7B5F853E93CC1B704BE29A6203A809571
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90e43ec0-92f9-420a-8158-7b97f7f32b51.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ca:1f:f7:b5:f8:53:e9:3c:c1:b7:04:be:29:a6:20:3a:80:95:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=892898a5a68bfcb7a7e6b24c84adf3c9591b63447e8573683a182df02d6e914d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ab:e2:a6:42:b9:e8:65:05:55:27:0b:f2:d9:
36:6a:d3:07:81:25:2f:23:fa:41:80:80:da:19:be:
d2:44:3d:0e:7a:23:4c:0b:87:ae:e0:eb:8f:7b:ee:
05:4f:a8:03:f2:0c:1f:f1:70:e5:6e:0a:ea:ee:7a:
2f:32:e2:10:e2:8d:a9:98:39:be:ff:85:dc:5b:2a:
ea:7a:40:1a:14:a6:4a:e8:34:f5:b4:4a:a1:83:4f:
d2:ba:ef:e3:d1:c2:eb:9d:d4:e7:fe:c3:31:ad:6e:
a4:b5:3b:38:98:bd:c5:db:f6:7c:bc:37:cd:a9:f8:
dd:b8:34:15:d4:40:6f:6f:5e:56:4c:b5:97:61:79:
7b:17:83:d9:79:64:c3:d2:82:48:f8:3a:f6:b9:12:
1d:5c:5c:67:99:7e:61:f3:f2:ba:dd:3e:1d:0e:46:
38:91:fe:72:c8:6f:6c:95:b4:52:4a:91:3d:50:e6:
2c:cd:ab:3f:f2:5e:e2:00:8e:43:ba:fe:14:37:5b:
7f:07:8f:73:ce:80:24:8a:ff:84:09:b9:b6:8b:b0:
16:3c:fb:f7:7c:2a:24:3a:51:3c:77:f2:2c:14:48:
04:f1:4f:58:8b:d8:ef:42:cd:76:75:9c:ff:55:26:
a0:a9:8c:2c:19:fd:1c:88:e5:08:76:1a:dd:45:b1:
d0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:94:CC:01:B2:8B:46:EE:FB:41:DD:B3:E0:D6:BF:FF:24:4B:8E:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/90e43ec0-92f9-420a-8158-7b97f7f32b51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
11:70:91:1f:53:0a:f8:c5:dc:c1:ba:2c:ea:f5:8c:8a:5f:b4:
23:27:81:f7:fd:d3:e9:c3:6b:8e:dc:eb:40:de:63:5a:2b:6a:
df:22:13:00:6c:a6:19:e1:1a:c5:1a:66:73:fe:5f:c9:a7:11:
c9:3b:ad:62:34:c2:15:7a:38:19:9c:30:8a:30:13:76:a0:24:
43:07:b5:7b:e6:c5:98:15:51:fa:5d:72:fb:32:21:17:b8:17:
f5:cd:79:b9:66:39:b4:e3:6f:97:53:f6:c1:1e:42:7a:1d:97:
fb:72:80:af:2a:ab:d3:70:ad:03:ee:44:fb:45:82:cd:72:37:
e5:b3:d9:40:50:e2:a3:b5:6c:44:b0:03:22:19:29:a3:d4:fe:
68:c2:0d:8a:a6:c1:e7:b0:1e:07:16:b0:48:c6:a4:cf:c6:e4:
90:21:38:6e:20:90:39:70:c2:3f:10:d2:97:98:2a:88:87:17:
a7:8a:e2:6d:3e:7a:b4:7a:d9:58:a8:58:45:11:5b:41:7f:b5:
84:d0:75:56:1e:f6:9f:2a:1f:34:23:b5:d6:07:09:6f:b3:03:
5f:e2:1e:63:b8:65:94:ad:8d:ac:5f:76:e3:9c:a1:23:8b:13:
54:77:0e:51:77:c1:86:07:47:7d:9d:6e:d0:7e:b4:82:61:b6:
8f:f6:8a:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIMof97X4U+k8wbcEvimmIDqAlXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5Mjg5OGE1YTY4YmZjYjdhN2U2YjI0Yzg0YWRmM2M5NTkxYjYzNDQ3ZTg1
NzM2ODNhMTgyZGYwMmQ2ZTkxNGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyr4qZCuehlBVUnC/LZNmrTB4ElLyP6QYCA2hm+0kQ9DnojTAuHruDrj3vu
BU+oA/IMH/Fw5W4K6u56LzLiEOKNqZg5vv+F3Fsq6npAGhSmSug09bRKoYNP0rrv
49HC653U5/7DMa1upLU7OJi9xdv2fLw3zan43bg0FdRAb29eVky1l2F5exeD2Xlk
w9KCSPg69rkSHVxcZ5l+YfPyut0+HQ5GOJH+cshvbJW0UkqRPVDmLM2rP/Je4gCO
Q7r+FDdbfwePc86AJIr/hAm5touwFjz793wqJDpRPHfyLBRIBPFPWIvY70LNdnWc
/1UmoKmMLBn9HIjlCHYa3UWx0DUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRPlMwB
sotG7vtB3bPg1r//JEuOwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTBlNDNlYzAtOTJmOS00MjBhLTgxNTgtN2I5N2Y3ZjMyYjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAEXCRH1MK+MXcwbos6vWMil+0IyeB9/3T6cNrjtzr
QN5jWitq3yITAGymGeEaxRpmc/5fyacRyTutYjTCFXo4GZwwijATdqAkQwe1e+bF
mBVR+l1y+zIhF7gX9c15uWY5tONvl1P2wR5Ceh2X+3KAryqr03CtA+5E+0WCzXI3
5bPZQFDio7VsRLADIhkpo9T+aMINiqbB57AeBxawSMakz8bkkCE4biCQOXDCPxDS
l5gqiIcXp4ribT56tHrZWKhYRRFbQX+1hNB1Vh72nyofNCO11gcJb7MDX+IeY7hl
lK2NrF9245yhI4sTVHcOUXfBhgdHfZ1u0H60gmG2j/aKuw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 20:25:59 2024 by rpki-client on console-fra.rpki-client.org