Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
File: 8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa (raw, json)
Hash identifier: jc1PHhLXJYA+PO3A9uqdk0AlMqwMCKZxmAJHE0jJP28=
Subject key identifier: 6C:AA:64:2B:37:96:60:87:FF:8B:E1:AD:08:47:5E:90:CE:FB:39:8C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B93811A39AA718268E57F6FF9F3A2DF22620B1B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:93:81:1a:39:aa:71:82:68:e5:7f:6f:f9:f3:a2:df:22:62:0b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=d36724ea93ab211fbbc84d6d498f1c389074cf0e5397647cd224aa61b7763309, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:36:1c:c3:73:25:41:4e:58:fa:39:ac:a1:93:
07:ad:55:05:fb:51:7b:95:69:7d:1c:f4:5d:9f:e9:
9e:5b:8e:47:fe:ee:2b:4c:48:d0:3c:4a:25:c7:3d:
8e:fd:5d:64:55:63:9a:8f:0d:e8:95:59:d9:bc:6d:
17:02:6d:87:2b:fd:cd:84:65:c7:10:a6:9c:12:c3:
4f:29:fe:d1:24:a8:45:36:81:47:9d:2d:00:ef:5c:
f4:c8:f7:9d:04:f7:ac:96:be:fe:23:23:aa:61:2b:
0d:87:2e:6c:b1:ff:32:ba:a4:58:4f:7b:a0:31:04:
95:1e:b6:d6:9d:6b:8b:1d:04:ce:6c:a8:96:59:68:
5b:c8:af:14:27:5a:e9:a1:b9:4e:cc:7b:32:ff:83:
bc:d1:3a:f9:66:41:20:0f:14:b2:8e:42:57:c2:28:
2d:e3:d7:f6:f9:aa:f4:fc:e6:a6:19:1d:46:33:6f:
82:31:4e:5f:37:5e:6f:bd:00:7f:31:45:59:ed:e8:
0e:cd:ca:2e:a3:32:95:7e:74:3c:da:8c:e6:85:b7:
4f:b4:df:7f:dc:91:39:67:2d:a7:69:d4:cc:98:ef:
7a:56:17:5f:68:1d:61:18:52:4f:18:50:8f:b4:4f:
78:60:a5:37:a9:02:bc:0c:94:af:b0:b0:70:03:4d:
41:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AA:64:2B:37:96:60:87:FF:8B:E1:AD:08:47:5E:90:CE:FB:39:8C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:dd:f2:d2:fa:be:a5:cc:3d:2f:75:16:17:c1:36:f4:c6:38:
98:3e:9d:8c:24:e7:13:f4:1e:c0:a7:55:ba:8a:43:c5:ea:f3:
91:3d:c7:91:2a:03:2a:34:c7:76:19:8f:77:d0:04:9e:f9:7b:
6a:a1:10:e8:8a:7c:2e:18:a7:ac:36:4e:49:07:d0:a7:1f:5c:
79:bf:52:a0:46:ba:0f:3f:e8:72:09:5a:69:e2:23:1d:88:b4:
a9:d9:0b:1e:69:71:e7:51:1f:3e:52:59:dd:02:1d:a2:e7:cf:
59:da:42:02:23:b8:82:88:d2:4d:58:84:e4:da:09:35:93:de:
87:81:2e:2e:1d:93:d8:78:52:a2:22:33:63:d2:a6:ee:fe:61:
fa:95:81:4d:e7:68:55:8a:af:3f:68:49:b8:51:91:d5:19:9b:
dd:ca:42:bf:fb:1e:83:9d:9b:64:52:b2:d0:a6:b9:c7:fa:29:
c9:35:80:7f:af:8c:52:38:78:6d:68:bb:b7:4a:a7:3f:6e:db:
24:68:a9:28:00:ff:4f:bc:32:02:83:49:17:ae:10:13:fe:d9:
39:7e:05:19:6b:b5:fb:96:bc:33:9e:20:71:56:be:7e:d3:b6:
14:20:4a:1d:43:dd:7a:ee:a7:2f:2b:6e:33:7f:7e:6c:a4:7d:
91:46:6e:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe5OBGjmqcYJo5X9v+fOi3yJiCxswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNjcyNGVhOTNhYjIxMWZiYmM4NGQ2ZDQ5OGYxYzM4OTA3NGNmMGU1Mzk3
NjQ3Y2QyMjRhYTYxYjc3NjMzMDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOY2HMNzJUFOWPo5rKGTB61VBftRe5VpfRz0XZ/pnluOR/7uK0xI0DxKJcc9
jv1dZFVjmo8N6JVZ2bxtFwJthyv9zYRlxxCmnBLDTyn+0SSoRTaBR50tAO9c9Mj3
nQT3rJa+/iMjqmErDYcubLH/MrqkWE97oDEElR621p1rix0EzmyollloW8ivFCda
6aG5Tsx7Mv+DvNE6+WZBIA8Uso5CV8IoLePX9vmq9PzmphkdRjNvgjFOXzdeb70A
fzFFWe3oDs3KLqMylX50PNqM5oW3T7Tff9yROWctp2nUzJjvelYXX2gdYRhSTxhQ
j7RPeGClN6kCvAyUr7CwcANNQR0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsqmQr
N5Zgh/+L4a0IR16Qzvs5jDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGE1OTQxNzMtZDIzYi00ZTRhLTlhMWYtOTZkZWI1OWI0NWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBS3fLS+r6lzD0vdRYXwTb0xjiYPp2MJOcT9B7Ap1W6
ikPF6vORPceRKgMqNMd2GY930ASe+XtqoRDoinwuGKesNk5JB9CnH1x5v1KgRroP
P+hyCVpp4iMdiLSp2QseaXHnUR8+UlndAh2i589Z2kICI7iCiNJNWITk2gk1k96H
gS4uHZPYeFKiIjNj0qbu/mH6lYFN52hViq8/aEm4UZHVGZvdykK/+x6DnZtkUrLQ
prnH+inJNYB/r4xSOHhtaLu3Sqc/btskaKkoAP9PvDICg0kXrhAT/tk5fgUZa7X7
lrwzniBxVr5+07YUIEodQ9167qcvK24zf35spH2RRm4b
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org