Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
File: fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa (raw, json)
Hash identifier: w18mjchHa7yr20HCnVv4f5ZaFK4YM/LBOhGt1/SR/jc=
Subject key identifier: 85:D1:40:EE:00:39:44:27:0B:EA:9B:E1:99:F6:47:F1:95:D4:E5:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2639D9224D62A676F51300BEFE30A181E5C4457B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:39:d9:22:4d:62:a6:76:f5:13:00:be:fe:30:a1:81:e5:c4:45:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f1b3229b079caef748b248539fa5177793aafec30e2366345740d5a4295ec6f0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a0:0b:0a:54:82:ef:06:3b:78:d0:d0:81:c7:
56:e7:53:a9:77:2b:1f:17:71:53:b9:ca:d3:4d:1b:
3f:1b:d8:f5:5f:e3:f9:bd:19:bb:fa:da:41:f5:57:
8b:d2:34:d9:f8:97:11:24:56:9d:e5:9a:09:dc:17:
97:91:d2:d2:3b:fc:36:39:92:55:a0:d8:db:69:11:
ec:72:63:f8:4b:ef:31:da:f6:49:4d:13:69:9f:f0:
07:ba:5d:0c:5f:b8:4c:4e:b3:db:eb:d9:4d:53:95:
18:3e:98:99:6e:51:e1:b1:0f:29:dc:71:16:75:cc:
6b:46:74:30:99:8b:f6:84:ad:b6:e8:32:bb:4c:ce:
50:ce:d1:07:fa:e4:4e:de:19:21:05:71:29:95:03:
75:45:d1:30:94:c9:df:a0:f0:cc:2f:a1:15:f7:43:
2d:69:83:c1:e9:1b:b2:53:29:0a:aa:dc:6b:fa:e9:
8c:64:ca:35:71:5c:b1:6e:9a:4d:e3:fb:82:ef:26:
52:49:78:5b:50:54:44:db:6c:74:44:d6:ba:8a:1d:
63:2b:56:29:8c:4c:5f:9a:fa:f4:c6:34:57:28:fa:
b4:4c:aa:2c:89:26:71:1f:1c:2d:81:94:cf:ad:7d:
fa:5e:32:a7:32:f5:e0:77:5c:42:a0:e1:1a:49:46:
37:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D1:40:EE:00:39:44:27:0B:EA:9B:E1:99:F6:47:F1:95:D4:E5:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:76:ce:e8:68:68:c0:b9:e7:05:6b:85:c6:62:37:81:58:39:
be:db:74:52:5d:d8:6c:64:c9:bb:ff:8f:8c:8e:dc:af:e6:d1:
10:c6:13:43:26:cb:2a:d5:dd:47:a2:5f:df:d9:59:37:34:b5:
dc:0f:6d:b9:aa:d0:75:25:7c:9f:f3:77:5d:8c:a5:85:42:aa:
16:50:a4:84:9d:b3:90:73:6b:15:64:44:92:e7:6e:62:c4:4d:
50:74:df:99:9e:da:5b:e7:3e:4a:b5:9f:b7:9f:80:3e:b1:53:
d1:20:e3:68:3e:0d:bb:06:75:10:fd:01:35:7b:ee:9f:26:bd:
bd:f5:4d:99:65:ed:fc:00:93:4a:54:e4:9d:92:c5:4a:ca:45:
dd:36:fc:ee:7e:a7:5a:57:5c:b0:18:a6:d0:86:06:ad:a0:c2:
70:36:dc:65:a9:87:1c:3f:3f:4d:7e:c4:37:0c:c2:36:b5:23:
eb:34:f1:c6:af:c2:42:d2:f2:e9:77:f7:18:50:32:63:72:fb:
8c:22:aa:a9:6b:df:2c:ab:e2:c6:38:a7:a1:7a:6d:b9:18:dc:
b4:d8:0d:05:94:f6:70:04:7a:fb:e3:4e:25:d7:f8:56:7a:bf:
da:22:b2:34:42:c0:6f:c0:85:6c:80:db:19:d3:13:9c:33:03:
a5:3d:b4:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJjnZIk1ipnb1EwC+/jChgeXERXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYjMyMjliMDc5Y2FlZjc0OGIyNDg1MzlmYTUxNzc3OTNhYWZlYzMwZTIz
NjYzNDU3NDBkNWE0Mjk1ZWM2ZjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOgCwpUgu8GO3jQ0IHHVudTqXcrHxdxU7nK000bPxvY9V/j+b0Zu/raQfVX
i9I02fiXESRWneWaCdwXl5HS0jv8NjmSVaDY22kR7HJj+EvvMdr2SU0TaZ/wB7pd
DF+4TE6z2+vZTVOVGD6YmW5R4bEPKdxxFnXMa0Z0MJmL9oSttugyu0zOUM7RB/rk
Tt4ZIQVxKZUDdUXRMJTJ36DwzC+hFfdDLWmDwekbslMpCqrca/rpjGTKNXFcsW6a
TeP7gu8mUkl4W1BURNtsdETWuoodYytWKYxMX5r69MY0Vyj6tEyqLIkmcR8cLYGU
z619+l4ypzL14HdcQqDhGklGN0ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSF0UDu
ADlEJwvqm+GZ9kfxldTlqDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU5NmY2ZTYtNzRiMS00ZjY5LWJiMTgtMmQ5YWFlMzU0ZDhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAyHbO6GhowLnnBWuFxmI3gVg5vtt0Ul3YbGTJu/+P
jI7cr+bREMYTQybLKtXdR6Jf39lZNzS13A9tuarQdSV8n/N3XYylhUKqFlCkhJ2z
kHNrFWREkuduYsRNUHTfmZ7aW+c+SrWft5+APrFT0SDjaD4NuwZ1EP0BNXvunya9
vfVNmWXt/ACTSlTknZLFSspF3Tb87n6nWldcsBim0IYGraDCcDbcZamHHD8/TX7E
NwzCNrUj6zTxxq/CQtLy6Xf3GFAyY3L7jCKqqWvfLKvixjinoXptuRjctNgNBZT2
cAR6++NOJdf4Vnq/2iKyNELAb8CFbIDbGdMTnDMDpT20kA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org