Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
File: 8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa (raw, json)
Hash identifier: wNwmJm7k0AUQrj2zLn2KcKel793OE01vEH4TmCDwcp0=
Subject key identifier: BB:47:1D:20:E2:6A:DF:59:3A:7B:1E:A6:D4:F7:FB:BB:E0:7D:FD:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61BC10AE8C352E372CA9EF854A5CBCF2F5594C88
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:bc:10:ae:8c:35:2e:37:2c:a9:ef:85:4a:5c:bc:f2:f5:59:4c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=c63f5f86b7aa64b0098109de1e8ec915203d0310fe64a592f36bda8ae93c9dab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:35:21:b2:db:87:ba:a7:a0:25:6b:29:5a:f9:
1a:e4:0d:5e:67:52:8d:a8:0b:61:1b:52:01:42:ef:
fc:89:a0:cd:47:ad:db:6f:09:65:f6:a2:17:bf:fc:
99:e5:3c:b0:43:10:ef:3a:80:d9:8b:08:39:44:56:
88:47:b2:3a:f6:81:44:ac:1e:f6:34:74:91:5d:f1:
4e:8f:45:f5:16:10:b3:99:10:f6:98:1a:09:92:8e:
11:0e:60:98:ea:f5:5c:5c:e0:08:8b:92:94:e2:8a:
88:e9:40:8e:5e:00:3d:9d:5f:77:b8:41:7d:7c:d4:
70:d5:82:af:c9:e1:c7:d3:18:5d:5e:8d:f4:a4:a2:
08:62:15:e8:e0:00:ce:d4:0a:e3:53:41:52:39:de:
33:da:f6:cd:f4:1a:b8:34:28:74:b6:fa:30:a9:f4:
86:59:77:87:76:33:fa:e5:4f:f0:2e:a2:9c:86:f6:
bc:b5:4f:d3:09:9c:a0:8f:ba:ce:40:8f:9b:e9:96:
6a:19:30:a1:0a:f3:7f:12:09:72:12:9a:38:92:49:
40:6a:11:b5:a4:77:b9:f7:7f:02:ab:56:49:49:ce:
1a:bb:be:63:1f:fb:60:ca:1f:6e:4c:a8:31:50:95:
56:7b:72:a4:cb:cc:31:f0:07:4b:41:18:f1:cf:f6:
52:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:47:1D:20:E2:6A:DF:59:3A:7B:1E:A6:D4:F7:FB:BB:E0:7D:FD:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:85:d8:e5:8c:c8:07:3c:ec:cd:d9:22:91:1a:f7:87:96:59:
c4:61:0f:63:0b:bc:3b:fa:cb:58:80:e7:5f:42:0b:3f:c6:de:
3d:c7:2a:57:5f:75:36:d9:f2:2d:b7:f1:58:9f:42:6f:a9:06:
09:54:0d:b1:b9:63:4d:aa:d1:9b:d0:96:93:d5:8f:1d:ee:93:
92:73:1d:77:36:aa:52:fa:81:5d:27:31:ae:3b:10:20:fb:45:
2c:b1:eb:eb:b4:67:9f:fd:20:40:47:03:72:a7:f2:12:b9:e0:
42:a7:3d:4b:32:2b:7a:c2:85:56:82:30:3b:b4:7f:69:05:93:
44:1c:46:6b:80:86:ad:8d:7f:88:bd:99:93:06:3a:26:b8:07:
f4:99:fd:b9:04:0d:8e:96:a4:4d:b5:86:48:18:11:1c:53:7a:
0b:80:59:0e:f6:c1:19:93:dd:9c:5d:e8:c1:17:56:a7:bb:3f:
13:0e:4e:f5:49:73:11:8e:a1:c9:22:25:e9:09:00:d1:30:de:
f2:61:8e:d7:19:2f:36:01:09:7e:60:36:41:15:30:49:76:17:
b5:1a:03:57:57:fd:ff:7a:dc:b3:f9:69:92:9f:77:c6:47:f5:
72:fc:da:13:e8:ca:8a:32:92:3d:8f:d2:06:58:98:8a:6c:a5:
8a:8a:a7:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYbwQrow1Ljcsqe+FSly88vVZTIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2M2Y1Zjg2YjdhYTY0YjAwOTgxMDlkZTFlOGVjOTE1MjAzZDAzMTBmZTY0
YTU5MmYzNmJkYThhZTkzYzlkYWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOI1IbLbh7qnoCVrKVr5GuQNXmdSjagLYRtSAULv/ImgzUet228JZfaiF7/8
meU8sEMQ7zqA2YsIOURWiEeyOvaBRKwe9jR0kV3xTo9F9RYQs5kQ9pgaCZKOEQ5g
mOr1XFzgCIuSlOKKiOlAjl4APZ1fd7hBfXzUcNWCr8nhx9MYXV6N9KSiCGIV6OAA
ztQK41NBUjneM9r2zfQauDQodLb6MKn0hll3h3Yz+uVP8C6inIb2vLVP0wmcoI+6
zkCPm+mWahkwoQrzfxIJchKaOJJJQGoRtaR3ufd/AqtWSUnOGru+Yx/7YMofbkyo
MVCVVntypMvMMfAHS0EY8c/2UjUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7Rx0g
4mrfWTp7HqbU9/u74H393TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0OGU0ZmUtYTY5Ny00NGIwLWJhYjItMWI1NDkzNWE1MGYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQAghdjljMgHPOzN2SKRGveHllnEYQ9jC7w7+stYgOdf
Qgs/xt49xypXX3U22fItt/FYn0JvqQYJVA2xuWNNqtGb0JaT1Y8d7pOScx13NqpS
+oFdJzGuOxAg+0UssevrtGef/SBARwNyp/ISueBCpz1LMit6woVWgjA7tH9pBZNE
HEZrgIatjX+IvZmTBjomuAf0mf25BA2OlqRNtYZIGBEcU3oLgFkO9sEZk92cXejB
F1anuz8TDk71SXMRjqHJIiXpCQDRMN7yYY7XGS82AQl+YDZBFTBJdhe1GgNXV/3/
etyz+WmSn3fGR/Vy/NoT6MqKMpI9j9IGWJiKbKWKiqc6
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org