Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: rrcVsk/tgcMQMREQ0LicSaF/STuOqoMkwDhXDszEpWo=
Subject key identifier: E9:1D:81:30:F8:48:A3:FB:15:0F:6D:3A:F1:3B:1C:E0:85:18:D0:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5126B776895EC87BA8F2B4011AE573D21A6CEFF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:26:b7:76:89:5e:c8:7b:a8:f2:b4:01:1a:e5:73:d2:1a:6c:ef:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=7499af4a25081ae9d65b37ab6c10f56b33a42dffde233c891d7d88ee4ab298b6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:95:3a:73:2f:aa:e7:66:42:94:42:d6:0d:c2:
1d:99:59:2c:92:e8:5d:42:97:2f:58:7e:4b:88:45:
b8:43:07:e9:d2:78:14:17:9a:d2:bd:12:9e:57:e2:
29:6d:f5:8e:88:76:ae:ca:e4:3f:95:34:79:5b:72:
77:77:08:e7:64:2e:84:7a:ed:80:ee:6f:d4:f4:90:
15:01:f7:19:2f:a7:af:f7:7b:3b:a7:d3:1f:79:f4:
ef:b3:8e:5d:ad:2a:20:40:2a:cc:ad:89:8c:18:33:
cc:5b:38:47:74:b4:78:9f:30:d8:61:09:73:72:1a:
8b:a8:5d:cb:ad:cc:75:ad:65:1e:29:79:29:09:1f:
48:f7:84:c6:32:d4:83:a4:ae:6a:4d:94:e8:61:c2:
11:62:45:3e:73:7b:50:fd:6d:59:8d:ac:da:8e:aa:
af:03:41:be:49:df:3e:04:f4:ee:d3:b1:00:68:66:
b3:13:f6:18:c0:c5:16:eb:3b:78:26:39:98:be:3d:
0c:34:78:c2:40:dc:9d:fb:79:e1:99:30:6d:42:98:
cb:03:24:6c:66:14:f4:53:59:3d:f4:a4:a9:bb:52:
9a:9a:f2:8a:0a:3e:43:2d:9e:e4:79:1f:bf:b3:be:
19:3e:fc:31:52:64:a6:65:3f:b9:3e:39:05:5f:78:
63:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:1D:81:30:F8:48:A3:FB:15:0F:6D:3A:F1:3B:1C:E0:85:18:D0:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:b2:ff:c8:b6:99:1e:ce:ce:5d:6d:10:7b:a2:af:20:29:f5:
38:40:2c:f7:82:bb:01:30:43:61:cd:90:11:79:ff:88:d4:a9:
99:bf:55:e8:ab:90:68:b4:d4:90:4b:3f:65:36:7c:96:9d:d4:
f7:2e:d2:e4:81:bd:04:24:80:7c:7c:22:9b:78:79:9d:6c:2c:
67:bc:6f:44:3f:df:5b:ad:49:b5:50:90:75:b0:93:6e:e3:02:
45:4f:75:62:84:d6:f0:f9:47:a3:7d:d8:62:5d:cd:ab:5e:25:
c7:a5:0c:4c:8e:74:0b:21:32:e7:b9:5a:91:43:60:02:3e:9a:
41:50:7f:f7:c1:07:75:f8:99:76:5e:e2:74:b2:8e:fd:7a:e7:
21:f6:f4:2c:16:5f:b7:70:38:12:9c:1c:4f:65:d6:7e:ff:0d:
f3:d3:9d:43:c3:6c:e0:33:5f:a3:32:87:d1:bb:f0:a7:a0:7f:
4e:45:99:23:0a:7e:dc:72:eb:c9:f2:8b:5a:bc:11:be:d3:49:
0c:81:4b:d9:b3:95:9b:fa:7f:15:8d:ac:06:de:db:4d:64:5f:
a9:5b:45:aa:8a:66:48:41:0a:f4:31:fe:b9:d2:3e:5a:23:a3:
20:b5:6a:7d:4b:b2:02:f2:7f:f2:f3:58:72:98:91:7d:de:f4:
c7:ff:bd:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUSa3doleyHuo8rQBGuVz0hps7/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0OTlhZjRhMjUwODFhZTlkNjViMzdhYjZjMTBmNTZiMzNhNDJkZmZkZTIz
M2M4OTFkN2Q4OGVlNGFiMjk4YjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIaVOnMvqudmQpRC1g3CHZlZLJLoXUKXL1h+S4hFuEMH6dJ4FBea0r0Snlfi
KW31joh2rsrkP5U0eVtyd3cI52QuhHrtgO5v1PSQFQH3GS+nr/d7O6fTH3n077OO
Xa0qIEAqzK2JjBgzzFs4R3S0eJ8w2GEJc3Iai6hdy63Mda1lHil5KQkfSPeExjLU
g6Suak2U6GHCEWJFPnN7UP1tWY2s2o6qrwNBvknfPgT07tOxAGhmsxP2GMDFFus7
eCY5mL49DDR4wkDcnft54ZkwbUKYywMkbGYU9FNZPfSkqbtSmpryigo+Qy2e5Hkf
v7O+GT78MVJkpmU/uT45BV94YzcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTpHYEw
+Eij+xUPbTrxOxzghRjQdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQBmsv/Itpkezs5dbRB7oq8gKfU4QCz3grsBMENhzZAR
ef+I1KmZv1Xoq5BotNSQSz9lNnyWndT3LtLkgb0EJIB8fCKbeHmdbCxnvG9EP99b
rUm1UJB1sJNu4wJFT3VihNbw+UejfdhiXc2rXiXHpQxMjnQLITLnuVqRQ2ACPppB
UH/3wQd1+Jl2XuJ0so79euch9vQsFl+3cDgSnBxPZdZ+/w3z051Dw2zgM1+jMofR
u/CnoH9ORZkjCn7ccuvJ8otavBG+00kMgUvZs5Wb+n8VjawG3ttNZF+pW0WqimZI
QQr0Mf650j5aI6MgtWp9S7IC8n/y81hymJF93vTH/73y
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org