Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: hlQYc0PJaCMGBHVZmgydrJG5T5vAbOrT2zbEmlblGBE=
Subject key identifier: E0:3E:44:E1:38:7A:7B:2B:C6:69:3A:1A:61:41:EE:A1:78:C7:A3:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5470BB101A935DCDB1028C79C3986ADB677F1973
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Wed 13 Mar 2024 00:00:00 +0000
ROA not before: Wed 13 Mar 2024 00:00:00 +0000
ROA not after: Wed 17 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:70:bb:10:1a:93:5d:cd:b1:02:8c:79:c3:98:6a:db:67:7f:19:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 13 00:00:00 2024 GMT
Not After : Apr 17 23:59:59 2024 GMT
Subject: serialNumber=5937339323cc343896519f29a6bb87ce3fee7016da2709cd6e05041436aef448, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:86:74:43:0f:7a:33:40:6a:b3:2b:02:29:f9:
3a:54:e4:0d:cf:a4:6e:f8:3c:48:37:d3:d4:0c:fc:
e6:9c:6d:52:2d:8f:a6:f6:7e:bf:2a:86:0c:58:2b:
18:14:ba:10:fb:f7:91:f5:c7:eb:d4:3d:2b:24:da:
87:dd:07:f9:08:c8:fb:3a:12:5f:f5:84:96:e5:e8:
97:42:ca:37:45:d2:d0:66:31:4c:85:b1:c3:fa:2b:
3e:95:99:fe:af:b1:14:6a:aa:08:1b:5f:6e:75:2d:
26:67:a1:10:07:e3:c0:5b:73:85:25:54:b1:81:b1:
5c:50:cd:cc:ef:33:22:bc:df:34:77:fe:1b:67:66:
67:f5:97:c5:35:46:36:f2:eb:69:0c:e5:cd:be:88:
cc:85:ad:34:e9:af:11:6d:55:3d:7b:a4:2b:df:e9:
35:59:b5:fd:09:a2:97:78:91:f9:c2:f9:03:99:98:
c8:8e:89:f8:45:15:b4:ba:b6:8b:47:5b:df:e8:50:
46:2f:ad:15:02:72:90:79:1e:33:3c:cc:4b:9d:9a:
60:b6:5e:f8:fa:49:62:1e:5c:89:a9:68:e7:8a:dd:
02:20:de:45:5e:32:c5:8d:d5:80:1f:0f:ec:a3:29:
5d:45:4d:10:6b:ab:8e:d6:ec:8c:26:c4:85:fa:b0:
7a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3E:44:E1:38:7A:7B:2B:C6:69:3A:1A:61:41:EE:A1:78:C7:A3:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4c:d1:26:ee:e1:85:30:ef:b1:5f:08:45:19:64:a9:ca:3e:d9:
9d:0e:6d:99:03:6b:c6:9e:f6:e7:4c:7a:62:82:0d:02:81:c5:
37:eb:ee:62:62:2d:f7:e4:d0:77:a8:dd:20:9e:e3:35:23:7d:
8a:ce:e1:a1:a7:68:a3:43:a9:45:c3:5b:c3:3f:6a:3e:b1:36:
df:01:5f:e9:b9:ab:29:cb:0e:c7:02:f5:f8:03:18:25:3d:a7:
79:54:a2:43:1f:2f:08:65:6e:92:2b:cd:6c:b4:a8:5a:44:b9:
83:ed:2e:03:84:88:2a:d0:e3:b1:39:b5:bf:48:e7:a1:a8:6c:
25:9e:15:f6:34:e9:97:68:cf:56:67:bf:ce:34:5c:1a:87:4e:
7e:5d:7e:83:7c:fa:84:ef:58:9c:4d:38:f9:c0:da:e3:ed:2f:
61:f2:55:d4:51:5e:61:a9:9e:9e:b4:4e:dd:bc:3c:0d:fb:34:
ba:50:1e:93:d4:b6:bd:e9:47:9f:2a:a0:7c:2a:8d:3c:24:96:
b0:ad:d8:fb:82:3f:ce:a8:ae:53:32:96:0f:d3:0f:9b:22:6f:
43:53:79:58:99:65:a5:44:97:8a:e9:3e:86:75:b8:b2:cc:92:
ff:f4:e7:15:07:c2:17:7e:3c:3a:da:33:23:df:ff:e2:af:d9:
7f:6c:14:4c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVHC7EBqTXc2xAox5w5hq22d/GXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMTMwMDAwMDBaFw0yNDA0MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5MzczMzkzMjNjYzM0Mzg5NjUxOWYyOWE2YmI4N2NlM2ZlZTcwMTZkYTI3
MDljZDZlMDUwNDE0MzZhZWY0NDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeGdEMPejNAarMrAin5OlTkDc+kbvg8SDfT1Az85pxtUi2PpvZ+vyqGDFgr
GBS6EPv3kfXH69Q9KyTah90H+QjI+zoSX/WEluXol0LKN0XS0GYxTIWxw/orPpWZ
/q+xFGqqCBtfbnUtJmehEAfjwFtzhSVUsYGxXFDNzO8zIrzfNHf+G2dmZ/WXxTVG
NvLraQzlzb6IzIWtNOmvEW1VPXukK9/pNVm1/Qmil3iR+cL5A5mYyI6J+EUVtLq2
i0db3+hQRi+tFQJykHkeMzzMS52aYLZe+PpJYh5cialo54rdAiDeRV4yxY3VgB8P
7KMpXUVNEGurjtbsjCbEhfqwetkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTgPkTh
OHp7K8ZpOhphQe6heMejbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEATNEm7uGFMO+xXwhFGWSpyj7ZnQ5tmQNrxp7250x6
YoINAoHFN+vuYmIt9+TQd6jdIJ7jNSN9is7hoadoo0OpRcNbwz9qPrE23wFf6bmr
KcsOxwL1+AMYJT2neVSiQx8vCGVukivNbLSoWkS5g+0uA4SIKtDjsTm1v0jnoahs
JZ4V9jTpl2jPVme/zjRcGodOfl1+g3z6hO9YnE04+cDa4+0vYfJV1FFeYamenrRO
3bw8Dfs0ulAek9S2velHnyqgfCqNPCSWsK3Y+4I/zqiuUzKWD9MPmyJvQ1N5WJll
pUSXiuk+hnW4ssyS//TnFQfCF348OtozI9//4q/Zf2wUTA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:24 2024 by rpki-client on console-fra.rpki-client.org