Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
File: 97deaf2e-9439-42f2-812d-4cd489ce3cab.roa (raw, json)
Hash identifier: lavnK1b2R79DKylwJLnqYay3uWf6yHk4JhEVtUAWBRQ=
Subject key identifier: 02:FD:6C:07:A6:0B:07:8E:EC:60:C6:7B:6E:2A:97:A0:BD:01:22:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25DF2C68FC1A7378EDDA3CCC75AF84F63822B663
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:df:2c:68:fc:1a:73:78:ed:da:3c:cc:75:af:84:f6:38:22:b6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=693088a6fd3c5ab1e8a1c83781e60b3701a6add25301f947c328064481c2b151, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:84:f7:4d:9d:f5:7a:92:8a:c2:7a:49:c2:60:
9a:47:e1:42:1c:af:a1:c1:cb:ff:a6:6e:4b:37:bb:
42:3d:53:61:ca:b6:09:25:0f:5a:a5:7c:9e:69:89:
a5:49:25:b8:de:e7:a5:ed:20:2c:ab:4a:23:7b:e7:
68:08:32:f6:c5:b1:5d:fe:2f:2d:49:df:94:63:e5:
16:09:30:49:19:39:fb:54:70:04:2a:86:96:48:67:
0c:fe:cd:79:3b:04:b0:9b:7d:2d:2d:37:64:f0:5d:
a5:de:fa:45:25:80:1b:44:4a:c7:1b:16:12:5c:b6:
5b:f9:a2:b6:85:5f:07:2c:8d:0a:06:ea:71:2c:8d:
c9:bc:4d:00:cc:b2:8d:d4:5d:61:a2:8e:0a:32:d9:
fb:10:eb:22:40:da:d0:56:5c:f5:77:dd:0b:d3:a2:
df:12:7b:c2:e2:eb:46:06:dc:cb:07:ee:91:a6:ea:
67:97:ed:96:34:29:37:55:7e:4b:f4:f9:07:6f:f6:
93:9f:dd:a9:5a:f5:95:88:03:77:2e:3b:6f:f6:09:
d0:01:23:ca:0b:05:c4:c1:66:ac:cf:bb:d5:c2:60:
57:e3:e7:32:71:f3:bb:9f:8f:96:3e:52:83:7c:78:
73:5e:be:c2:70:61:47:7a:24:71:54:4d:ea:93:0b:
41:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FD:6C:07:A6:0B:07:8E:EC:60:C6:7B:6E:2A:97:A0:BD:01:22:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97deaf2e-9439-42f2-812d-4cd489ce3cab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
22:9f:4d:9e:ee:7a:25:25:6f:60:f0:c4:19:d2:86:3f:22:c7:
8b:12:01:34:73:92:4f:10:77:07:10:f7:19:8e:d5:d7:f2:b4:
2a:02:6b:68:0a:09:cc:69:14:8b:8b:46:16:cf:21:49:db:f1:
5d:47:4c:ba:c1:23:76:57:e9:aa:35:5c:54:ac:a6:e6:44:77:
26:55:60:e6:0a:b2:61:f7:0b:1d:52:fc:15:a8:3a:9b:aa:c8:
e0:41:82:41:71:31:7b:7c:de:df:38:2f:39:38:94:1f:07:cb:
cf:4e:dc:5c:bc:36:24:f8:df:d0:14:5f:c0:0f:9a:2a:44:33:
ba:ab:4b:85:60:b9:a1:66:96:46:8e:20:8b:cd:57:28:34:27:
a4:2e:85:20:5e:f3:a3:dc:a3:40:38:c8:3d:a5:a9:1d:20:57:
81:e1:1c:7f:f1:68:bd:14:0f:a6:11:26:a2:d0:21:4f:44:5c:
c0:23:cc:18:e4:86:7b:fb:b3:29:8a:10:bf:9c:49:06:e9:2a:
1c:8c:3b:b2:30:40:a3:4e:04:61:7a:4a:52:bb:b1:9d:db:ca:
d3:bd:31:34:98:41:82:0c:5d:7e:ae:39:88:4a:c3:dc:dc:2b:
61:cf:b1:c4:ae:f8:74:cb:8a:2f:f7:31:2b:8e:64:2e:f7:85:
20:98:80:dd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJd8saPwac3jt2jzMda+E9jgitmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5MzA4OGE2ZmQzYzVhYjFlOGExYzgzNzgxZTYwYjM3MDFhNmFkZDI1MzAx
Zjk0N2MzMjgwNjQ0ODFjMmIxNTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGE902d9XqSisJ6ScJgmkfhQhyvocHL/6ZuSze7Qj1TYcq2CSUPWqV8nmmJ
pUkluN7npe0gLKtKI3vnaAgy9sWxXf4vLUnflGPlFgkwSRk5+1RwBCqGlkhnDP7N
eTsEsJt9LS03ZPBdpd76RSWAG0RKxxsWEly2W/mitoVfByyNCgbqcSyNybxNAMyy
jdRdYaKOCjLZ+xDrIkDa0FZc9XfdC9Oi3xJ7wuLrRgbcywfukabqZ5ftljQpN1V+
S/T5B2/2k5/dqVr1lYgDdy47b/YJ0AEjygsFxMFmrM+71cJgV+PnMnHzu5+Plj5S
g3x4c16+wnBhR3okcVRN6pMLQYcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQC/WwH
pgsHjuxgxntuKpegvQEiKjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTdkZWFmMmUtOTQzOS00MmYyLTgxMmQtNGNkNDg5Y2UzY2FiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIp9Nnu56JSVvYPDEGdKGPyLHixIBNHOSTxB3BxD3
GY7V1/K0KgJraAoJzGkUi4tGFs8hSdvxXUdMusEjdlfpqjVcVKym5kR3JlVg5gqy
YfcLHVL8Fag6m6rI4EGCQXExe3ze3zgvOTiUHwfLz07cXLw2JPjf0BRfwA+aKkQz
uqtLhWC5oWaWRo4gi81XKDQnpC6FIF7zo9yjQDjIPaWpHSBXgeEcf/FovRQPphEm
otAhT0RcwCPMGOSGe/uzKYoQv5xJBukqHIw7sjBAo04EYXpKUruxndvK070xNJhB
ggxdfq45iErD3NwrYc+xxK74dMuKL/cxK45kLveFIJiA3Q==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org