Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
File: 55eb1295-2121-40dc-bdd3-a11a68da507a.roa (raw, json)
Hash identifier: cfi5bFMe07uchObfdBAJRtcpKHOmVLU6pNQcZdY/XBY=
Subject key identifier: F3:C8:5A:B2:29:71:2D:BF:43:A2:08:FD:CC:C2:44:8E:D8:1C:31:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69ED3282C8ACD2B85517A3EA997349D7AC117470
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:ed:32:82:c8:ac:d2:b8:55:17:a3:ea:99:73:49:d7:ac:11:74:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=359181ec85c978fdc2dd88640715a1a1a34b9b5198f3272b70136260f333cff7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:d6:4d:3d:ed:93:71:ca:c7:17:aa:ff:73:
f7:84:65:99:28:43:eb:a8:b1:20:da:52:6d:af:2b:
51:81:f0:81:df:9b:11:d6:1b:90:56:76:99:ac:62:
05:f4:ed:6d:07:c1:f5:da:82:26:0a:2c:76:46:3c:
8b:73:9a:fb:af:22:cd:53:75:8a:2f:e7:87:47:3f:
a3:33:7f:29:ff:f9:a9:f9:8e:60:5d:e1:d0:92:c9:
a5:a5:28:48:80:59:fc:12:b4:16:47:cd:82:31:51:
f4:76:77:c7:54:0f:c6:2c:d5:fd:42:7a:51:9b:37:
a3:e1:e8:14:65:f1:e8:a4:c2:b6:62:a8:6e:b4:b3:
63:2b:2d:67:64:29:33:17:69:7b:f9:79:8e:17:51:
b0:09:67:4c:ab:43:95:6a:21:9e:3d:35:e7:4e:c2:
85:12:80:09:28:dd:29:ef:4d:56:0f:fb:f7:e7:47:
33:a7:44:37:a0:fe:1c:4a:ce:76:e8:ac:90:1d:6c:
c0:59:1e:da:42:73:00:5d:e7:c2:76:47:a3:2c:80:
a6:0f:99:dd:b0:1d:d7:d6:ae:7b:d9:30:26:a5:54:
d3:af:5e:18:df:26:96:93:55:35:72:f5:76:a3:15:
88:63:4f:e4:0d:ef:d6:3e:6b:05:8a:d4:71:25:4d:
28:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C8:5A:B2:29:71:2D:BF:43:A2:08:FD:CC:C2:44:8E:D8:1C:31:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
55:d9:0a:91:06:bb:ea:f6:20:14:24:5e:5c:bd:79:37:c6:76:
f4:bd:22:9f:74:60:5f:01:1d:55:df:f2:b2:08:48:b5:53:7a:
d7:67:82:4b:f7:7c:23:32:2a:68:62:1c:39:60:9b:30:01:ad:
e5:f2:db:82:b8:f7:2d:5e:c4:27:4d:e3:8e:d7:90:ee:25:3f:
8b:24:3c:02:a1:92:70:5c:a7:0d:c8:04:b5:bc:31:d5:58:2d:
6c:81:1e:d3:35:cc:1c:37:27:b0:b8:ac:03:19:de:6d:12:46:
44:f6:27:51:f7:e0:cc:a0:35:af:90:ee:16:ec:d0:26:c6:f5:
3a:96:39:e8:3b:75:62:5a:06:1d:fa:04:0a:dd:e0:06:d9:04:
e1:e5:17:ef:7b:f0:c7:43:a5:ff:3b:d3:39:54:a4:06:f5:4a:
f1:f9:af:cc:59:94:f0:34:d5:1b:58:b4:13:f3:29:66:bb:cc:
a3:f4:0f:9b:21:5e:eb:73:a4:7e:c4:03:e1:dd:d7:58:de:1d:
39:7a:28:8c:72:13:59:b4:18:e2:22:72:d2:5d:b6:53:06:87:
b0:a6:b7:18:cb:8b:3a:0e:d2:de:c5:fa:e6:80:3e:97:26:bf:
cb:c4:f5:23:38:74:30:b8:d2:7d:4d:6d:4f:18:60:03:a6:0b:
90:f8:f0:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUae0ygsis0rhVF6PqmXNJ16wRdHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1OTE4MWVjODVjOTc4ZmRjMmRkODg2NDA3MTVhMWExYTM0YjliNTE5OGYz
MjcyYjcwMTM2MjYwZjMzM2NmZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAW1k097ZNxyscXqv9z94RlmShD66ixINpSba8rUYHwgd+bEdYbkFZ2maxi
BfTtbQfB9dqCJgosdkY8i3Oa+68izVN1ii/nh0c/ozN/Kf/5qfmOYF3h0JLJpaUo
SIBZ/BK0FkfNgjFR9HZ3x1QPxizV/UJ6UZs3o+HoFGXx6KTCtmKobrSzYystZ2Qp
Mxdpe/l5jhdRsAlnTKtDlWohnj01507ChRKACSjdKe9NVg/79+dHM6dEN6D+HErO
duiskB1swFke2kJzAF3nwnZHoyyApg+Z3bAd19aue9kwJqVU069eGN8mlpNVNXL1
dqMViGNP5A3v1j5rBYrUcSVNKJMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTzyFqy
KXEtv0OiCP3MwkSO2Bwx4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlYjEyOTUtMjEyMS00MGRjLWJkZDMtYTExYTY4ZGE1MDdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAVdkKkQa76vYgFCReXL15N8Z29L0in3RgXwEdVd/y
sghItVN612eCS/d8IzIqaGIcOWCbMAGt5fLbgrj3LV7EJ03jjteQ7iU/iyQ8AqGS
cFynDcgEtbwx1VgtbIEe0zXMHDcnsLisAxnebRJGRPYnUffgzKA1r5DuFuzQJsb1
OpY56Dt1YloGHfoECt3gBtkE4eUX73vwx0Ol/zvTOVSkBvVK8fmvzFmU8DTVG1i0
E/MpZrvMo/QPmyFe63OkfsQD4d3XWN4dOXoojHITWbQY4iJy0l22UwaHsKa3GMuL
Og7S3sX65oA+lya/y8T1Izh0MLjSfU1tTxhgA6YLkPjw+Q==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org