Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
File: 1dff7204-d968-4bb7-8e61-2db8925bf33e.roa (raw, json)
Hash identifier: 9aVBIRdh4DEx3LQMZOis5Lc3fPoyA3HxHpvphHkk7JI=
Subject key identifier: 03:32:4F:F0:5D:DE:AF:8F:1E:DA:3E:F0:F3:A9:ED:4D:C7:62:15:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3980ACFE3F2478AD3CCF8B78466D97726D7833EE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:80:ac:fe:3f:24:78:ad:3c:cf:8b:78:46:6d:97:72:6d:78:33:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=e824d14fb978dbf375be496cbd29af093f53bd1f4b72ac9fa7cb84859fa79a38, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:87:31:2e:a4:0f:88:48:50:e9:cd:a6:9e:4b:
16:e5:15:ea:6e:5a:15:7c:5f:02:49:01:00:a3:32:
c0:13:5a:92:67:7c:45:8b:a8:b3:b9:87:db:85:d9:
95:cb:8a:6a:0b:37:66:be:a0:0b:06:dc:57:b9:03:
bb:9c:b9:d4:20:0f:95:f6:5a:44:cb:b3:41:bc:53:
ff:c8:30:b0:1a:0b:48:c5:d7:c8:48:3b:e0:11:3c:
ce:5a:af:6c:fb:1d:0e:23:b4:bc:e0:b7:50:c5:4c:
00:cc:49:54:97:5e:a6:a0:f4:61:62:51:4a:1f:c2:
f5:10:00:dc:0a:ff:b9:57:9d:4d:34:a5:ac:5e:a7:
50:67:92:12:6e:8f:09:95:e5:9a:b0:3d:8e:72:bc:
d0:c4:6c:70:c4:43:25:73:aa:82:cb:b8:bf:2c:e1:
5f:1a:c2:ae:e2:2e:a0:7f:df:a8:09:5c:07:f3:21:
1c:0f:7a:b8:24:c3:64:df:67:ee:31:33:2a:54:46:
cb:0c:b9:1a:32:02:77:a1:21:04:e1:8a:c3:fd:b6:
0c:f1:c8:88:0e:3f:3d:4a:ad:79:65:4d:09:4e:3a:
01:15:e5:4b:4c:68:36:7f:96:48:27:42:27:21:42:
12:cb:5e:79:1c:b8:5f:d6:8d:ef:ec:f8:88:a7:ea:
50:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:32:4F:F0:5D:DE:AF:8F:1E:DA:3E:F0:F3:A9:ED:4D:C7:62:15:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ce:27:d1:87:fb:c1:86:05:ba:e4:10:c6:c5:e9:f9:56:b4:2d:
9c:48:7d:fd:16:59:da:e3:f6:b5:66:fa:92:08:06:2a:ee:11:
ea:ff:66:3e:2e:89:ec:f7:d0:d7:2d:22:33:fd:a2:19:ee:11:
2e:32:14:d6:ac:2d:42:09:e0:0d:9c:1c:d6:6f:b7:f6:af:f0:
c2:31:29:ab:b2:5a:7c:9d:55:1c:be:5b:90:ab:e0:c9:48:06:
a4:54:0a:e0:93:20:66:36:58:2f:39:a8:af:1e:4c:25:fd:33:
3e:fc:c8:e9:27:06:24:33:8a:34:03:47:cf:5d:a7:3a:cd:80:
64:b3:ca:b6:47:af:04:11:46:ef:6d:ae:12:52:5a:d1:24:c8:
05:0a:ce:d3:2d:19:b6:16:f7:56:a0:72:35:00:75:44:4a:2d:
d4:d3:f5:32:45:b3:0c:25:92:5f:60:9a:c2:b5:66:56:88:fe:
d3:97:28:23:52:bd:1f:8d:81:f6:78:0e:eb:43:9e:35:f1:f9:
92:d4:b4:59:d6:e2:0e:07:5b:f2:75:41:be:8a:b6:99:b7:55:
d8:45:d6:38:d2:19:5a:61:eb:6f:bd:d8:d9:4f:81:3a:cd:38:
d8:86:e8:e1:71:8e:d0:2f:04:91:5e:ae:d5:b8:32:10:1b:87:
d1:45:0b:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOYCs/j8keK08z4t4Rm2Xcm14M+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4MjRkMTRmYjk3OGRiZjM3NWJlNDk2Y2JkMjlhZjA5M2Y1M2JkMWY0Yjcy
YWM5ZmE3Y2I4NDg1OWZhNzlhMzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWHMS6kD4hIUOnNpp5LFuUV6m5aFXxfAkkBAKMywBNakmd8RYuos7mH24XZ
lcuKags3Zr6gCwbcV7kDu5y51CAPlfZaRMuzQbxT/8gwsBoLSMXXyEg74BE8zlqv
bPsdDiO0vOC3UMVMAMxJVJdepqD0YWJRSh/C9RAA3Ar/uVedTTSlrF6nUGeSEm6P
CZXlmrA9jnK80MRscMRDJXOqgsu4vyzhXxrCruIuoH/fqAlcB/MhHA96uCTDZN9n
7jEzKlRGywy5GjICd6EhBOGKw/22DPHIiA4/PUqteWVNCU46ARXlS0xoNn+WSCdC
JyFCEsteeRy4X9aN7+z4iKfqULkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQDMk/w
Xd6vjx7aPvDzqe1Nx2IVXTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRmZjcyMDQtZDk2OC00YmI3LThlNjEtMmRiODkyNWJmMzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQDOJ9GH+8GGBbrkEMbF6flWtC2cSH39Flna4/a1ZvqS
CAYq7hHq/2Y+Lons99DXLSIz/aIZ7hEuMhTWrC1CCeANnBzWb7f2r/DCMSmrslp8
nVUcvluQq+DJSAakVArgkyBmNlgvOaivHkwl/TM+/MjpJwYkM4o0A0fPXac6zYBk
s8q2R68EEUbvba4SUlrRJMgFCs7TLRm2FvdWoHI1AHVESi3U0/UyRbMMJZJfYJrC
tWZWiP7TlygjUr0fjYH2eA7rQ5418fmS1LRZ1uIOB1vydUG+iraZt1XYRdY40hla
YetvvdjZT4E6zTjYhujhcY7QLwSRXq7VuDIQG4fRRQui
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org