Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a42a2ce0-b40d-465c-9ccb-43cad0772f6d.roa
File: a42a2ce0-b40d-465c-9ccb-43cad0772f6d.roa (raw, json)
Hash identifier: 6Wo6TJbILCprS4zSumfjQJTPvX4mxiywTshDVOxXb6I=
Subject key identifier: 81:CF:1A:C4:32:7B:91:E5:24:98:71:1E:FF:3C:D3:35:B4:40:C6:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4ECEC3CCBE0653112FA8BCB594887F93CCFBA5DC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a42a2ce0-b40d-465c-9ccb-43cad0772f6d.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:ce:c3:cc:be:06:53:11:2f:a8:bc:b5:94:88:7f:93:cc:fb:a5:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=b1b1640684592d91b6a1326cb808bca8c9035c714c439d1511ff976f50dc1d7d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:af:37:83:72:12:3e:22:54:97:88:cd:50:d3:
40:b1:37:ca:89:78:0a:4b:e2:bf:ea:e5:41:a2:ce:
0b:a5:65:b7:6d:99:06:a2:92:ad:e8:d2:d5:33:8b:
cd:b4:4e:e2:7c:cd:60:14:aa:91:88:92:22:64:0a:
db:e8:75:7b:a5:50:e3:9a:0c:b1:d0:4b:d1:cc:79:
2d:3c:54:be:da:1e:b8:6b:2d:cd:9c:2f:86:2b:97:
98:a5:5d:28:1e:13:05:9f:f5:f6:2d:43:ea:79:c5:
f9:e5:42:d0:13:74:53:2a:4a:ad:59:af:2d:7e:bd:
4d:fe:78:7d:8f:24:8b:54:1b:95:25:ff:a7:ea:f4:
c3:49:ab:1b:ab:79:69:e7:bd:0f:88:14:92:b0:ad:
d2:17:55:28:e3:6d:f5:c0:bb:76:c7:c4:ce:00:96:
f0:93:2d:66:10:69:e6:84:2c:02:1f:18:a3:dc:95:
ad:15:28:d4:a0:a2:91:60:6e:48:76:da:7d:c2:66:
97:0e:0b:1f:ab:5b:be:ab:bf:87:ba:e5:b5:71:08:
13:a9:d8:29:d9:fe:31:9b:32:db:8f:86:d5:b1:97:
f3:85:c4:aa:64:ec:ce:ef:89:c6:a6:42:fb:eb:83:
f1:54:d3:7e:68:8b:ae:89:24:10:c8:b5:2f:3c:75:
01:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CF:1A:C4:32:7B:91:E5:24:98:71:1E:FF:3C:D3:35:B4:40:C6:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a42a2ce0-b40d-465c-9ccb-43cad0772f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:98:83:5c:91:3f:b9:35:f8:ec:2e:24:c2:1c:21:72:b4:f1:
fb:ba:41:c5:a1:cc:38:ca:67:aa:d2:1b:5a:7f:41:d5:d5:65:
e9:3e:65:8c:cd:46:15:13:4c:80:0b:81:67:8a:e5:56:50:9e:
22:26:3c:c5:1f:8c:ff:3f:b0:8b:6b:33:18:ae:2c:d8:a5:81:
f5:37:33:d8:01:2d:58:44:86:13:e6:08:4e:29:22:e6:67:67:
4a:f8:b9:79:f7:bd:cf:f1:aa:19:06:ce:9c:8e:e9:d3:9c:89:
2f:13:8d:6a:5d:b4:3f:21:9b:9f:c3:0f:37:65:74:31:d5:59:
fc:f3:a1:f0:4a:9a:15:3c:88:0c:dc:89:cd:6f:64:ac:76:37:
96:b2:24:03:8c:bf:90:1c:70:8f:52:2f:99:96:69:85:c0:69:
33:40:f8:dd:65:b5:19:12:3d:0b:fb:95:c5:c6:0c:38:36:d0:
4e:7d:e3:c8:d2:d6:67:20:59:57:84:71:3e:88:23:5d:21:96:
ef:93:92:e8:8e:e3:e6:ca:8d:15:91:98:c8:1e:0f:94:7d:77:
da:ec:26:8a:a4:90:5e:2b:19:f9:e8:80:45:10:05:f6:98:74:
62:73:20:22:26:ea:16:1b:aa:f2:59:c7:60:ac:48:b7:08:c5:
22:a0:f0:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTs7DzL4GUxEvqLy1lIh/k8z7pdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxYjE2NDA2ODQ1OTJkOTFiNmExMzI2Y2I4MDhiY2E4YzkwMzVjNzE0YzQz
OWQxNTExZmY5NzZmNTBkYzFkN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOvN4NyEj4iVJeIzVDTQLE3yol4Ckviv+rlQaLOC6Vlt22ZBqKSrejS1TOL
zbRO4nzNYBSqkYiSImQK2+h1e6VQ45oMsdBL0cx5LTxUvtoeuGstzZwvhiuXmKVd
KB4TBZ/19i1D6nnF+eVC0BN0UypKrVmvLX69Tf54fY8ki1QblSX/p+r0w0mrG6t5
aee9D4gUkrCt0hdVKONt9cC7dsfEzgCW8JMtZhBp5oQsAh8Yo9yVrRUo1KCikWBu
SHbafcJmlw4LH6tbvqu/h7rltXEIE6nYKdn+MZsy24+G1bGX84XEqmTszu+JxqZC
++uD8VTTfmiLrokkEMi1Lzx1AYcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBzxrE
MnuR5SSYcR7/PNM1tEDGKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTQyYTJjZTAtYjQwZC00NjVjLTljY2ItNDNjYWQwNzcyZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQAcmINckT+5NfjsLiTCHCFytPH7ukHFocw4ymeq0hta
f0HV1WXpPmWMzUYVE0yAC4FniuVWUJ4iJjzFH4z/P7CLazMYrizYpYH1NzPYAS1Y
RIYT5ghOKSLmZ2dK+Ll5973P8aoZBs6cjunTnIkvE41qXbQ/IZufww83ZXQx1Vn8
86HwSpoVPIgM3InNb2SsdjeWsiQDjL+QHHCPUi+ZlmmFwGkzQPjdZbUZEj0L+5XF
xgw4NtBOfePI0tZnIFlXhHE+iCNdIZbvk5LojuPmyo0VkZjIHg+UfXfa7CaKpJBe
Kxn56IBFEAX2mHRicyAiJuoWG6ryWcdgrEi3CMUioPCG
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org