Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
File: e07d74df-535d-4244-b607-95997aa421a3.roa (raw, json)
Hash identifier: BgsRM4DWnfWqZ4hHd42+HWo1uMnxastTxRHs4wwyMF8=
Subject key identifier: 33:7A:29:6F:74:4E:B7:EB:FD:54:65:B2:0C:EE:1C:C4:B6:D0:BB:07
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 316060CCEE33BFBAA3FF08DBD724FF36BDB50AEF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:60:60:cc:ee:33:bf:ba:a3:ff:08:db:d7:24:ff:36:bd:b5:0a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=3eaa6f6f435ba8d19a9e982fb87a2a90e1a4854e1df4fbed1de893601d5ea080, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:46:1e:69:ff:77:da:54:9a:c1:d8:7d:b1:cd:
ee:de:61:7d:44:6f:e7:c4:de:c1:db:32:c5:87:c6:
4b:08:8d:64:3a:1e:bb:a9:70:bb:a7:96:3b:ab:18:
2f:92:26:1b:65:88:a3:bb:93:9e:26:32:a4:66:0f:
6d:68:6d:41:3b:d5:ad:07:b0:5f:f0:09:9a:c8:66:
bf:2f:66:00:32:e8:8f:51:3f:a2:ec:9d:08:e4:47:
1f:1d:eb:46:0f:2f:d0:21:10:20:b0:b5:5e:79:f2:
d7:b6:41:a8:89:0c:b7:e6:b2:f8:bf:f2:0f:f3:35:
76:f6:65:e4:7c:7d:6a:55:ee:54:c6:55:ce:7a:2c:
c4:cc:ba:fb:49:ba:5c:b5:da:e1:7e:03:58:f5:68:
a1:2e:4f:9f:4e:29:08:ae:9d:ff:72:5e:d2:a1:1a:
56:89:9d:b5:be:70:f7:6e:0c:ba:62:06:cc:a5:50:
12:8d:be:f7:61:c3:1b:0f:ea:51:98:b6:19:d0:ea:
b9:69:e3:f5:6f:37:50:bf:85:2f:c2:ae:f4:df:80:
c4:7c:e7:76:e2:a7:0a:28:62:0e:1f:f7:b2:cd:44:
e4:53:e9:fb:96:b6:38:07:83:c4:a5:ac:79:42:b1:
fc:b5:0a:a3:ca:87:bd:c5:46:d7:2d:04:2d:43:b4:
fa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7A:29:6F:74:4E:B7:EB:FD:54:65:B2:0C:EE:1C:C4:B6:D0:BB:07
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:c7:72:13:a3:e8:57:bc:a4:84:aa:32:57:23:2b:d1:4b:77:
bd:d2:e5:bc:c1:6d:66:11:ef:f0:9c:0b:db:1c:67:9b:2f:9a:
90:be:7d:2e:75:69:52:f9:c7:76:92:45:43:fb:eb:2a:ac:9c:
21:8f:13:35:f4:23:a2:cc:27:91:b2:ae:a7:bd:92:88:7b:34:
f7:53:c9:2a:2e:ea:5b:8e:f0:20:69:a8:c1:e8:e6:0b:77:a4:
61:4e:17:94:3d:94:4f:08:29:b5:7e:a7:80:8f:fb:11:3d:08:
79:20:4f:08:91:6f:88:31:8b:b1:83:1c:83:4c:29:81:e1:b3:
3d:f9:8d:ba:39:f2:15:ad:03:8c:7f:5e:91:eb:51:ac:20:f5:
17:28:61:57:6c:9f:eb:e2:f1:ea:43:b6:9d:84:9d:08:39:86:
38:0a:9a:71:c2:a9:f2:38:de:2b:2a:06:11:8f:66:5e:7c:3a:
1d:72:e4:c8:f7:92:2e:ea:82:e4:5d:f8:89:c5:8f:69:24:aa:
00:7e:ce:53:89:b4:1b:7f:cb:ef:1a:10:78:ed:0c:0a:5d:32:
cb:e3:ed:aa:e8:30:58:f5:45:f8:5e:3b:52:65:b5:e7:21:fe:
66:07:ce:8f:a3:5a:4d:3b:5c:c7:9f:17:93:74:a1:8e:ad:4f:
2d:cc:b7:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMWBgzO4zv7qj/wjb1yT/Nr21Cu8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlYWE2ZjZmNDM1YmE4ZDE5YTllOTgyZmI4N2EyYTkwZTFhNDg1NGUxZGY0
ZmJlZDFkZTg5MzYwMWQ1ZWEwODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNGHmn/d9pUmsHYfbHN7t5hfURv58TewdsyxYfGSwiNZDoeu6lwu6eWO6sY
L5ImG2WIo7uTniYypGYPbWhtQTvVrQewX/AJmshmvy9mADLoj1E/ouydCORHHx3r
Rg8v0CEQILC1Xnny17ZBqIkMt+ay+L/yD/M1dvZl5Hx9alXuVMZVznosxMy6+0m6
XLXa4X4DWPVooS5Pn04pCK6d/3Je0qEaVomdtb5w924MumIGzKVQEo2+92HDGw/q
UZi2GdDquWnj9W83UL+FL8Ku9N+AxHznduKnCihiDh/3ss1E5FPp+5a2OAeDxKWs
eUKx/LUKo8qHvcVG1y0ELUO0+v0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQzeilv
dE636/1UZbIM7hzEttC7BzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTA3ZDc0ZGYtNTM1ZC00MjQ0LWI2MDctOTU5OTdhYTQyMWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEATMdyE6PoV7ykhKoyVyMr0Ut3vdLlvMFtZhHv8JwL
2xxnmy+akL59LnVpUvnHdpJFQ/vrKqycIY8TNfQjoswnkbKup72SiHs091PJKi7q
W47wIGmowejmC3ekYU4XlD2UTwgptX6ngI/7ET0IeSBPCJFviDGLsYMcg0wpgeGz
PfmNujnyFa0DjH9eketRrCD1FyhhV2yf6+Lx6kO2nYSdCDmGOAqaccKp8jjeKyoG
EY9mXnw6HXLkyPeSLuqC5F34icWPaSSqAH7OU4m0G3/L7xoQeO0MCl0yy+Ptqugw
WPVF+F47UmW15yH+ZgfOj6NaTTtcx58Xk3Shjq1PLcy39g==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org