Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: Rgd/Sv1zWHwbTNRamAF7O66R5rXueBpXKAqxy+wEz14=
Subject key identifier: 30:B1:96:68:3D:58:31:B3:54:47:81:A9:9A:32:F1:00:17:85:21:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ED074B7D7E238B7D5C48CDD2F4A212A49FB2640
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:d0:74:b7:d7:e2:38:b7:d5:c4:8c:dd:2f:4a:21:2a:49:fb:26:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=97659ffbc30129ca72e0cdbe17e7cc5f68ba68797f15af29746ee1c60d6dd8cf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ce:f7:69:ef:c5:6a:91:ec:54:bc:f1:03:8b:
42:a6:4f:c5:0d:a6:92:15:fc:b5:3d:38:b2:2d:f3:
95:ec:6c:82:17:ba:c2:f3:a1:19:eb:33:e5:d0:64:
17:1d:c8:a2:5b:f5:11:ca:ba:25:e7:db:b8:cf:d3:
b7:20:a8:e9:e5:2c:fe:71:4a:dd:ef:e9:74:32:7c:
b2:49:a7:ec:88:97:4b:7f:2f:6a:5b:e6:3a:aa:92:
95:88:77:08:0a:ce:09:2e:1f:1c:de:58:66:70:3c:
5f:0d:87:9e:e7:ee:c8:0c:1c:43:b5:0c:b4:f7:06:
c1:45:75:49:6d:c3:b0:74:61:74:2e:bb:ae:d9:00:
96:de:fb:d5:11:c6:3a:72:25:22:a9:23:64:bc:21:
32:95:96:63:24:2c:68:25:6c:9b:67:0a:60:3d:b4:
9d:00:de:83:2e:58:e8:2b:9b:48:7b:c2:31:cf:50:
04:e7:c0:96:1d:00:c7:06:04:52:53:72:8e:b8:e5:
e2:ed:51:4b:e5:9c:c1:06:b9:14:09:5d:0a:e2:e2:
e0:60:fc:57:0a:aa:cb:82:ad:01:e4:89:24:31:d9:
f7:23:6f:60:90:b5:f0:f6:27:ba:73:8e:ac:17:aa:
d0:5f:14:f8:05:88:6e:71:2f:85:da:87:d3:7c:8a:
e4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B1:96:68:3D:58:31:B3:54:47:81:A9:9A:32:F1:00:17:85:21:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:a2:c7:6a:77:96:a9:4b:1e:ff:fd:c9:e5:d7:27:a6:a0:26:
3d:ad:22:ad:a1:02:15:2e:fb:a3:58:82:83:b7:75:87:9e:45:
1c:53:b3:f1:62:bc:9d:85:37:00:d7:2f:4d:ca:f2:d2:60:f1:
13:3c:53:5c:ea:f0:d7:07:35:14:9f:19:e6:63:f0:5a:56:e4:
a4:9e:1e:8f:c7:42:5c:9f:89:f0:69:1c:94:3a:27:f4:de:8a:
2d:3d:45:d9:93:7b:99:ae:d2:98:64:2d:7b:49:c2:c8:43:4d:
e3:f9:a1:e8:09:d1:3c:a4:05:0a:18:72:fa:88:bb:02:b6:e8:
4a:ca:eb:2d:5e:06:d2:7f:f0:ce:4b:af:a6:f1:76:8a:7c:79:
07:b4:f0:db:25:40:98:75:55:13:d7:d1:f3:c2:c6:1f:48:7f:
65:3a:7c:a6:78:65:33:1f:9a:b7:d1:c2:88:65:3c:9f:76:46:
86:7b:48:95:c6:a5:59:a1:d1:bb:f5:4d:af:6e:9d:e2:3f:92:
56:ba:34:43:6b:12:13:0a:f9:90:72:09:a7:14:83:93:3b:dc:
20:47:97:2e:10:ba:f8:57:6d:09:44:1c:88:2e:6a:5d:e6:b6:
34:7f:0b:a5:ee:d7:a1:99:19:1b:35:b5:a1:99:0e:16:1a:d9:
75:1b:e8:36
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUftB0t9fiOLfVxIzdL0ohKkn7JkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3NjU5ZmZiYzMwMTI5Y2E3MmUwY2RiZTE3ZTdjYzVmNjhiYTY4Nzk3ZjE1
YWYyOTc0NmVlMWM2MGQ2ZGQ4Y2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPO92nvxWqR7FS88QOLQqZPxQ2mkhX8tT04si3zlexsghe6wvOhGesz5dBk
Fx3Iolv1Ecq6JefbuM/TtyCo6eUs/nFK3e/pdDJ8skmn7IiXS38valvmOqqSlYh3
CArOCS4fHN5YZnA8Xw2HnufuyAwcQ7UMtPcGwUV1SW3DsHRhdC67rtkAlt771RHG
OnIlIqkjZLwhMpWWYyQsaCVsm2cKYD20nQDegy5Y6CubSHvCMc9QBOfAlh0AxwYE
UlNyjrjl4u1RS+WcwQa5FAldCuLi4GD8Vwqqy4KtAeSJJDHZ9yNvYJC18PYnunOO
rBeq0F8U+AWIbnEvhdqH03yK5BkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwsZZo
PVgxs1RHgamaMvEAF4Uh2TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQCFosdqd5apSx7//cnl1yemoCY9rSKtoQIVLvujWIKD
t3WHnkUcU7PxYrydhTcA1y9NyvLSYPETPFNc6vDXBzUUnxnmY/BaVuSknh6Px0Jc
n4nwaRyUOif03ootPUXZk3uZrtKYZC17ScLIQ03j+aHoCdE8pAUKGHL6iLsCtuhK
yustXgbSf/DOS6+m8XaKfHkHtPDbJUCYdVUT19HzwsYfSH9lOnymeGUzH5q30cKI
ZTyfdkaGe0iVxqVZodG79U2vbp3iP5JWujRDaxITCvmQcgmnFIOTO9wgR5cuELr4
V20JRByILmpd5rY0fwul7tehmRkbNbWhmQ4WGtl1G+g2
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org