Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
File: ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa (raw, json)
Hash identifier: quCxaH8KHufHyE8hMSVsnu+swGUtBgZhTlgXRtxPj8k=
Subject key identifier: 3C:42:15:25:CF:CB:71:1B:A4:9D:32:04:2F:EA:9F:43:A4:EB:3E:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64A9C061AD9085835473349E05C7E1D2BEC16D13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a9:c0:61:ad:90:85:83:54:73:34:9e:05:c7:e1:d2:be:c1:6d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=7f759d9d6c5ce5167bbbd74dc65e99c5dc49debc5e38783069dd10d54018ab20, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a9:51:40:6f:89:70:04:1a:18:c9:21:ae:d5:
c1:68:e8:31:4d:08:8b:93:48:f0:d1:23:48:bb:c5:
64:ed:cb:c7:e4:90:a4:ff:c7:bb:3a:a1:0b:20:d9:
8e:1e:5c:d9:72:1f:9e:c0:5f:8f:91:d0:09:aa:5b:
bf:78:62:37:3f:9b:df:d8:31:08:96:fc:e6:0c:2b:
7d:e8:48:55:91:b4:26:7c:9c:29:46:c1:24:30:50:
43:a3:72:fd:d4:ab:2c:b9:3b:67:e3:2f:59:04:f2:
9e:e3:6f:1d:f4:36:59:e6:eb:07:68:41:c9:15:fd:
15:b5:ec:c6:bd:74:1d:e8:83:43:ca:89:90:88:0b:
04:14:8b:b5:04:1c:cb:2a:8e:f7:09:80:9c:08:bc:
27:de:4d:e4:0d:f4:de:9e:88:04:9b:9c:36:e2:37:
16:4e:73:dd:64:36:fe:85:a2:e9:11:3f:d0:e7:73:
ec:77:a9:2c:30:17:cf:45:10:4b:40:a5:60:c0:8c:
cd:38:53:13:0d:95:59:e2:3b:6f:2a:3a:a7:f7:94:
41:50:59:c9:6f:de:78:4b:95:a0:5f:a0:ce:9f:b6:
56:5b:29:8a:01:bb:70:0a:77:19:ab:29:07:0f:06:
a1:41:39:51:ed:3a:f9:25:18:a4:b5:8d:aa:db:91:
cb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:42:15:25:CF:CB:71:1B:A4:9D:32:04:2F:EA:9F:43:A4:EB:3E:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1e:e1:84:40:fb:9e:d2:83:38:e7:b8:9d:22:04:5b:79:04:9f:
36:a0:43:5e:1d:f7:85:38:3f:80:cd:51:d0:ae:8c:6f:a0:06:
78:cd:e0:65:46:36:26:c4:25:90:74:c8:74:1a:ac:a3:79:fb:
88:54:3a:d0:d2:de:08:b8:18:28:58:41:55:b0:a8:2d:37:4b:
9c:d1:ce:2f:20:47:2c:cb:dd:c8:d7:a7:b8:b8:02:ea:dd:dd:
18:ba:35:2b:22:0f:af:f1:eb:78:2f:fa:f7:be:ed:81:05:fa:
32:3d:af:c4:c5:69:f2:0a:04:2f:60:ab:4e:0b:22:d7:05:d8:
d6:a7:c9:3e:66:2a:44:0c:2e:da:eb:a9:6e:21:cc:52:1a:2b:
2a:1c:5e:b8:46:4a:f6:b0:9a:fb:4e:87:50:30:11:df:11:46:
4b:16:01:c9:81:15:37:a1:f2:5a:21:d7:52:d3:ef:ed:88:d6:
b4:59:77:20:ff:27:4d:6d:85:b1:d0:4e:21:15:18:ec:1e:94:
f7:7a:54:46:ca:78:25:a8:3d:d2:c5:f4:b2:98:5c:e1:e9:f2:
3a:87:73:c7:06:e8:96:22:8c:bd:fd:5f:27:ef:6a:6c:5e:38:
27:bf:02:24:8d:a3:79:90:96:e5:ea:cd:c4:e3:f6:95:ed:ce:
cb:80:4b:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZKnAYa2QhYNUczSeBcfh0r7BbRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNzU5ZDlkNmM1Y2U1MTY3YmJiZDc0ZGM2NWU5OWM1ZGM0OWRlYmM1ZTM4
NzgzMDY5ZGQxMGQ1NDAxOGFiMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+pUUBviXAEGhjJIa7VwWjoMU0Ii5NI8NEjSLvFZO3Lx+SQpP/HuzqhCyDZ
jh5c2XIfnsBfj5HQCapbv3hiNz+b39gxCJb85gwrfehIVZG0JnycKUbBJDBQQ6Ny
/dSrLLk7Z+MvWQTynuNvHfQ2WebrB2hByRX9FbXsxr10HeiDQ8qJkIgLBBSLtQQc
yyqO9wmAnAi8J95N5A303p6IBJucNuI3Fk5z3WQ2/oWi6RE/0Odz7HepLDAXz0UQ
S0ClYMCMzThTEw2VWeI7byo6p/eUQVBZyW/eeEuVoF+gzp+2VlspigG7cAp3Gasp
Bw8GoUE5Ue06+SUYpLWNqtuRy4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8QhUl
z8txG6SdMgQv6p9DpOs+EjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM4YTU0ZTYtOWM2NS00YWQ1LWFiZDQtZDgyYmEzYTU0ZWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQAe4YRA+57SgzjnuJ0iBFt5BJ82oENeHfeFOD+AzVHQ
roxvoAZ4zeBlRjYmxCWQdMh0GqyjefuIVDrQ0t4IuBgoWEFVsKgtN0uc0c4vIEcs
y93I16e4uALq3d0YujUrIg+v8et4L/r3vu2BBfoyPa/ExWnyCgQvYKtOCyLXBdjW
p8k+ZipEDC7a66luIcxSGisqHF64Rkr2sJr7TodQMBHfEUZLFgHJgRU3ofJaIddS
0+/tiNa0WXcg/ydNbYWx0E4hFRjsHpT3elRGynglqD3SxfSymFzh6fI6h3PHBuiW
Ioy9/V8n72psXjgnvwIkjaN5kJbl6s3E4/aV7c7LgEuZ
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org