Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: UcwYeRntFWgnH9xyEboU+WW642dKQLdYKpF89lP83T0=
Subject key identifier: C4:CD:AF:A1:7D:42:6E:36:0C:8C:C5:7C:2E:61:F8:B0:7D:49:30:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 525CDAF8EBBE51136947621D3993F40286E33C91
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:5c:da:f8:eb:be:51:13:69:47:62:1d:39:93:f4:02:86:e3:3c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=fd2cd45f855409fcd96fe8ce485bffc461ec8da24984162e47856586d95f98fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2d:3f:77:30:cf:98:15:c2:7c:52:8a:07:97:
ea:6d:30:66:6b:69:af:8a:a8:ca:b5:b1:54:a3:37:
95:15:51:5c:2a:b8:e1:cb:f1:fb:f6:23:a4:46:ac:
d1:42:70:ef:72:7a:10:a6:0a:e5:bd:f6:ef:98:8f:
70:6f:1a:70:59:c6:73:22:d8:0e:6c:18:3f:55:c4:
74:82:dd:4d:17:90:f3:40:5f:d6:40:e1:fe:7b:b5:
aa:d9:59:e3:98:59:3e:95:a7:e7:79:fd:e6:1f:40:
7c:3d:95:25:0e:4c:61:f7:94:87:ec:e0:21:a3:8d:
ad:9d:58:2c:5c:2e:e4:ca:f2:e2:7d:7c:59:d7:1e:
e0:71:22:73:91:a9:0e:b6:d4:f2:14:a6:12:b3:f4:
74:d9:68:d6:c4:d8:80:23:b7:37:5c:64:47:5b:32:
28:fd:8c:dc:ec:c7:8e:8c:c9:77:78:26:9e:90:fd:
45:de:79:af:36:e5:72:ce:a3:a1:8b:db:5d:f5:d9:
40:79:a9:b7:84:1a:bf:ed:0f:05:3f:28:f6:19:9c:
40:a9:15:19:37:18:e0:94:4a:cf:e3:1e:d6:1f:2a:
8a:53:5e:ba:3e:24:23:cf:f6:03:41:0a:f4:bb:5f:
17:ea:6a:3c:5e:ff:b6:08:a0:3c:08:ab:08:7c:43:
7a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CD:AF:A1:7D:42:6E:36:0C:8C:C5:7C:2E:61:F8:B0:7D:49:30:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
67:45:bf:20:8c:ba:30:9b:bc:0a:81:d0:97:ee:cf:2e:5e:76:
13:4f:10:98:b0:bc:1f:59:50:ff:a4:a4:16:84:7d:1e:9a:e6:
29:1a:b1:d6:89:0d:86:29:3f:be:c2:3a:b8:c7:41:45:96:7a:
a1:55:8b:60:55:4b:a2:b5:95:2e:5d:1a:5f:d2:7c:d7:21:ce:
06:91:c8:e1:db:0e:8a:1d:96:13:c0:54:e4:c6:e5:28:3e:51:
e7:ea:4b:e6:6c:93:60:00:50:3d:06:5f:12:02:fe:50:20:f0:
8f:e9:a0:69:32:d2:aa:e5:87:a4:42:1b:6e:fb:51:06:9f:12:
bb:71:56:0c:db:36:d2:5b:ca:34:f3:48:90:ce:c1:75:a3:7e:
8a:d1:6d:cf:e6:9b:b2:44:52:dc:5e:ca:3f:48:33:b7:ba:3c:
d1:0e:1c:ed:11:6e:b6:98:aa:60:c4:97:1f:97:5f:bd:d3:bb:
28:5d:89:40:37:c4:92:83:12:05:bd:10:5c:80:83:63:07:2c:
8e:94:89:a3:c2:6f:7c:5f:ae:32:0a:bb:03:ec:92:cc:e1:ff:
03:bc:5c:11:94:da:d8:1f:97:11:e4:ba:08:0e:d0:59:3d:09:
08:38:aa:1f:97:32:55:28:bb:3f:2b:08:e7:df:fd:07:f1:42:
38:29:e9:9b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUlza+Ou+URNpR2IdOZP0AobjPJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMmNkNDVmODU1NDA5ZmNkOTZmZThjZTQ4NWJmZmM0NjFlYzhkYTI0OTg0
MTYyZTQ3ODU2NTg2ZDk1Zjk4ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgtP3cwz5gVwnxSigeX6m0wZmtpr4qoyrWxVKM3lRVRXCq44cvx+/YjpEas
0UJw73J6EKYK5b3275iPcG8acFnGcyLYDmwYP1XEdILdTReQ80Bf1kDh/nu1qtlZ
45hZPpWn53n95h9AfD2VJQ5MYfeUh+zgIaONrZ1YLFwu5Mry4n18Wdce4HEic5Gp
DrbU8hSmErP0dNlo1sTYgCO3N1xkR1syKP2M3OzHjozJd3gmnpD9Rd55rzblcs6j
oYvbXfXZQHmpt4Qav+0PBT8o9hmcQKkVGTcY4JRKz+Me1h8qilNeuj4kI8/2A0EK
9LtfF+pqPF7/tgigPAirCHxDehcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEza+h
fUJuNgyMxXwuYfiwfUkwGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAZ0W/IIy6MJu8CoHQl+7PLl52E08QmLC8H1lQ/6Sk
FoR9HprmKRqx1okNhik/vsI6uMdBRZZ6oVWLYFVLorWVLl0aX9J81yHOBpHI4dsO
ih2WE8BU5MblKD5R5+pL5myTYABQPQZfEgL+UCDwj+mgaTLSquWHpEIbbvtRBp8S
u3FWDNs20lvKNPNIkM7BdaN+itFtz+abskRS3F7KP0gzt7o80Q4c7RFutpiqYMSX
H5dfvdO7KF2JQDfEkoMSBb0QXICDYwcsjpSJo8JvfF+uMgq7A+ySzOH/A7xcEZTa
2B+XEeS6CA7QWT0JCDiqH5cyVSi7PysI59/9B/FCOCnpmw==
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org