Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/adc1220c-3515-4928-b808-ab48f97a186c.roa
File: adc1220c-3515-4928-b808-ab48f97a186c.roa (raw, json)
Hash identifier: RI8WQqAJZlsROtFd9z/KRh/5hp8qxcPZupCS57ZG4vs=
Subject key identifier: BD:DD:46:14:AA:5A:BE:EC:5C:AE:8B:C7:B9:41:1A:3C:46:21:0C:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F92DCB177315F6D587422545C33BFA3F7D14D19
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/adc1220c-3515-4928-b808-ab48f97a186c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:92:dc:b1:77:31:5f:6d:58:74:22:54:5c:33:bf:a3:f7:d1:4d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b10fee2a3bc917f66433666d069537bb6965c39740513de53dd1b715e78f0984, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:86:62:12:84:a4:7a:93:ef:64:d8:bf:22:e9:
23:3c:e9:12:7d:65:52:c4:80:0b:4c:77:7d:d1:ac:
70:cd:16:dc:40:db:1a:4b:a4:ad:67:43:86:ac:21:
d1:90:07:26:fc:dc:1e:66:79:6e:ec:d0:93:1a:d7:
c9:29:ea:23:18:a0:ad:1b:9d:50:32:23:6c:47:73:
2a:64:c9:93:5e:39:4d:f1:54:be:3c:87:7d:b0:66:
44:5f:6a:9c:af:b8:cc:06:63:6d:9c:30:3d:5a:27:
76:09:0b:d8:c9:33:2b:6a:a0:50:74:ef:48:28:1e:
96:2a:c0:b4:d6:c9:51:b2:ba:ee:89:7e:7a:c0:f2:
ba:81:f0:55:db:94:77:18:b2:76:b1:24:82:06:ef:
35:d2:1c:f5:93:92:99:f5:fd:56:25:6c:52:67:8b:
13:7e:d8:1d:17:64:a8:d2:85:24:9e:6a:d3:81:ac:
58:0e:53:fd:43:bb:9d:1f:ad:eb:65:9a:8f:b2:d3:
59:bb:1a:44:a2:1d:c1:47:e5:de:c2:a6:75:35:a9:
3a:ec:e9:08:d8:13:8d:53:8d:bc:ff:55:a6:a8:78:
1a:45:b4:42:92:9e:29:ae:df:af:fd:a8:48:20:de:
26:8f:58:11:67:e5:05:ec:ff:f4:57:8a:de:14:50:
e4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DD:46:14:AA:5A:BE:EC:5C:AE:8B:C7:B9:41:1A:3C:46:21:0C:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/adc1220c-3515-4928-b808-ab48f97a186c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f8:e5:e6:72:74:02:39:62:5a:14:b8:95:1a:f8:a7:09:52:
b6:6f:1d:51:82:81:67:c1:3b:fb:2f:02:a2:77:8e:c3:2f:aa:
ed:3f:c7:cf:3a:ba:2f:6f:e1:5b:48:0b:1e:b9:c8:2d:c6:98:
d7:b8:00:c4:e3:e1:62:3d:66:a5:ea:6d:4d:ba:7d:78:0d:94:
97:54:50:c8:04:8d:c9:a0:db:21:96:32:be:1a:a7:79:9e:94:
62:9e:1d:ac:06:7a:f3:0b:2e:43:83:e7:5c:53:c4:d8:c3:f8:
01:5a:8f:27:0b:1a:b8:f6:fa:02:07:7d:61:f0:7b:47:64:7e:
60:02:de:22:52:d9:ad:b1:25:9e:82:86:35:91:8d:77:a1:4e:
67:20:99:4e:51:8d:92:1d:e3:67:00:52:b1:75:d0:19:3a:6a:
7d:e8:db:0d:3a:63:14:d0:63:07:9b:99:63:c8:43:ac:b0:6c:
a6:3f:ac:f2:1b:fb:fb:dc:d2:2e:85:33:b7:07:1f:90:00:1e:
ee:03:d5:0a:b9:15:cd:2a:2f:79:e0:7b:fd:5c:c7:7e:c5:ad:
9d:2b:38:00:de:48:a5:27:99:cb:20:7f:c8:24:82:e5:d8:ef:
25:81:ce:5a:59:d4:81:a6:24:c0:b5:f9:0c:ab:eb:f4:2e:7f:
b5:f1:d6:51
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP5LcsXcxX21YdCJUXDO/o/fRTRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMGZlZTJhM2JjOTE3ZjY2NDMzNjY2ZDA2OTUzN2JiNjk2NWMzOTc0MDUx
M2RlNTNkZDFiNzE1ZTc4ZjA5ODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGGYhKEpHqT72TYvyLpIzzpEn1lUsSAC0x3fdGscM0W3EDbGkukrWdDhqwh
0ZAHJvzcHmZ5buzQkxrXySnqIxigrRudUDIjbEdzKmTJk145TfFUvjyHfbBmRF9q
nK+4zAZjbZwwPVondgkL2MkzK2qgUHTvSCgelirAtNbJUbK67ol+esDyuoHwVduU
dxiydrEkggbvNdIc9ZOSmfX9ViVsUmeLE37YHRdkqNKFJJ5q04GsWA5T/UO7nR+t
62Waj7LTWbsaRKIdwUfl3sKmdTWpOuzpCNgTjVONvP9Vpqh4GkW0QpKeKa7fr/2o
SCDeJo9YEWflBez/9FeK3hRQ5HkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS93UYU
qlq+7Fyui8e5QRo8RiEMQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWRjMTIyMGMtMzUxNS00OTI4LWI4MDgtYWI0OGY5N2ExODZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAYPjl5nJ0AjliWhS4lRr4pwlStm8dUYKBZ8E7+y8C
oneOwy+q7T/Hzzq6L2/hW0gLHrnILcaY17gAxOPhYj1mpeptTbp9eA2Ul1RQyASN
yaDbIZYyvhqneZ6UYp4drAZ68wsuQ4PnXFPE2MP4AVqPJwsauPb6Agd9YfB7R2R+
YALeIlLZrbElnoKGNZGNd6FOZyCZTlGNkh3jZwBSsXXQGTpqfejbDTpjFNBjB5uZ
Y8hDrLBspj+s8hv7+9zSLoUztwcfkAAe7gPVCrkVzSoveeB7/VzHfsWtnSs4AN5I
pSeZyyB/yCSC5djvJYHOWlnUgaYkwLX5DKvr9C5/tfHWUQ==
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org