Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
File: a52d8f8f-474c-4726-8c19-e59b8c69d480.roa (raw, json)
Hash identifier: 9WBJeaENWB8zBj5U7pAGYXfJbl/cdFK5rV+OwRGH21U=
Subject key identifier: B5:02:67:85:C7:37:4C:38:8B:97:CE:53:C6:C1:04:E8:E7:CB:2F:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A0BDB4EB7798FC0F48DDECAA2890BECBFE6814E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:0b:db:4e:b7:79:8f:c0:f4:8d:de:ca:a2:89:0b:ec:bf:e6:81:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=48f7a5d6799879e54a987fc737fb4b0b78cfdfebd9b1d80429000ba2d0940463, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dc:04:30:e6:6c:d2:6f:a6:04:9a:49:62:37:
55:40:d1:ba:ac:a6:af:f8:9c:10:51:9d:18:4e:a5:
80:f2:3a:17:7e:76:2a:ef:36:88:32:b4:89:c0:77:
5f:c8:8d:1e:05:bd:27:4f:16:ac:c6:08:d5:dd:7b:
11:13:28:d9:16:d2:eb:7e:9d:de:fa:da:55:2f:34:
2b:49:3c:77:51:dd:2c:ed:77:f2:6e:3b:e2:ab:e0:
b4:d1:bf:29:10:63:f1:ea:80:e0:99:d4:83:ab:1a:
9e:c5:ab:c8:9c:08:64:12:cb:21:50:10:2b:0b:91:
d2:21:40:aa:51:03:49:7d:cc:a8:dd:e9:7b:9c:13:
11:b1:7c:3d:2b:f0:91:b1:05:b4:69:d3:55:fa:6c:
e1:b4:63:91:90:0e:e5:ed:77:ea:74:8f:9a:9a:43:
44:a7:06:94:1a:4a:eb:71:d4:70:19:82:71:10:0c:
0d:90:a9:bc:dd:8e:c0:75:6f:59:9f:e0:88:84:a7:
07:51:cf:de:74:8b:27:09:9e:4e:03:69:8b:75:d0:
f7:e1:1f:16:a3:1b:9e:6f:0e:2d:32:1e:22:2e:0a:
4e:81:17:4c:6f:c6:27:c9:ab:70:1f:c8:11:bd:74:
ca:fc:11:bc:23:4e:26:51:97:0c:2e:ba:6d:63:7d:
18:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:02:67:85:C7:37:4C:38:8B:97:CE:53:C6:C1:04:E8:E7:CB:2F:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a52d8f8f-474c-4726-8c19-e59b8c69d480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:b3:1a:00:cf:cc:0a:53:c6:a9:02:1c:f1:6b:3d:00:32:85:
93:9d:ce:60:07:37:5b:b4:0b:b9:56:90:56:11:47:7d:51:fe:
d7:17:5c:5b:b2:5e:1f:49:b6:b4:b9:6f:5b:4f:6a:e0:17:20:
ec:54:c8:42:d6:dc:f1:f5:7c:25:43:29:bb:ad:36:25:56:23:
90:d8:aa:51:cb:30:5d:72:99:6a:a8:55:09:17:a0:58:fa:c2:
e0:ec:ff:40:e7:38:da:67:e4:ca:5e:ba:3f:7d:ec:0d:01:c9:
e6:8b:07:a0:b1:34:f5:2c:98:82:ea:e1:bf:7d:5b:b1:9f:6e:
17:97:13:42:85:a2:b8:09:f8:b0:25:9c:cf:0f:b7:81:8c:e3:
1c:6b:59:fb:0e:49:37:9c:85:ea:8e:65:4d:17:aa:3f:2f:76:
be:5f:33:51:a8:39:09:ca:f4:04:b8:03:d3:79:3d:73:91:49:
51:55:26:77:77:12:38:9c:fb:74:65:13:3f:47:2e:f9:f0:36:
50:37:19:87:e1:93:03:38:63:b0:45:67:16:7a:d1:6a:27:4d:
5f:af:0b:26:30:7e:3c:31:a0:f5:2d:7e:eb:6c:4f:4e:e4:ef:
e1:0d:64:9a:48:d6:fc:3b:ad:42:20:05:e1:47:c6:66:ff:ef:
3e:69:46:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKgvbTrd5j8D0jd7KookL7L/mgU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4ZjdhNWQ2Nzk5ODc5ZTU0YTk4N2ZjNzM3ZmI0YjBiNzhjZmRmZWJkOWIx
ZDgwNDI5MDAwYmEyZDA5NDA0NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrcBDDmbNJvpgSaSWI3VUDRuqymr/icEFGdGE6lgPI6F352Ku82iDK0icB3
X8iNHgW9J08WrMYI1d17ERMo2RbS636d3vraVS80K0k8d1HdLO138m474qvgtNG/
KRBj8eqA4JnUg6sansWryJwIZBLLIVAQKwuR0iFAqlEDSX3MqN3pe5wTEbF8PSvw
kbEFtGnTVfps4bRjkZAO5e136nSPmppDRKcGlBpK63HUcBmCcRAMDZCpvN2OwHVv
WZ/giISnB1HP3nSLJwmeTgNpi3XQ9+EfFqMbnm8OLTIeIi4KToEXTG/GJ8mrcB/I
Eb10yvwRvCNOJlGXDC66bWN9GJkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1AmeF
xzdMOIuXzlPGwQTo58svwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTUyZDhmOGYtNDc0Yy00NzI2LThjMTktZTU5YjhjNjlkNDgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQCisxoAz8wKU8apAhzxaz0AMoWTnc5gBzdbtAu5VpBW
EUd9Uf7XF1xbsl4fSba0uW9bT2rgFyDsVMhC1tzx9XwlQym7rTYlViOQ2KpRyzBd
cplqqFUJF6BY+sLg7P9A5zjaZ+TKXro/fewNAcnmiwegsTT1LJiC6uG/fVuxn24X
lxNChaK4CfiwJZzPD7eBjOMca1n7Dkk3nIXqjmVNF6o/L3a+XzNRqDkJyvQEuAPT
eT1zkUlRVSZ3dxI4nPt0ZRM/Ry758DZQNxmH4ZMDOGOwRWcWetFqJ01frwsmMH48
MaD1LX7rbE9O5O/hDWSaSNb8O61CIAXhR8Zm/+8+aUYP
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org