Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
File: b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa (raw, json)
Hash identifier: prs+Cd4DFBYD10waOFao7DqE2HSwXY1usYyvqH+4OZo=
Subject key identifier: ED:89:B6:5E:78:44:E3:89:0C:E8:EB:62:43:E7:7E:C9:B2:B1:03:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30EB41F0FE307446984F7A6E8F0144755E01C89D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:eb:41:f0:fe:30:74:46:98:4f:7a:6e:8f:01:44:75:5e:01:c8:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=5416ca2c113b8a9457817d9d67bd01363d69551b56aedeefd8bb66742985ef4a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e6:e3:bc:1e:39:ea:45:e0:95:77:38:6f:2e:
19:3c:05:61:71:07:46:89:6c:60:b5:0a:fc:09:36:
30:c5:11:55:01:36:43:a6:fb:26:48:95:81:29:c1:
99:b2:de:70:35:c3:9b:33:d0:1a:ec:3b:2a:be:fb:
aa:c2:77:78:7f:bb:87:b2:28:d7:7d:dd:08:cb:26:
32:ba:13:1f:04:c7:3e:c8:f8:46:1c:aa:eb:52:35:
13:6f:81:18:42:2b:94:7e:9e:b8:9f:3c:6c:9f:5c:
be:29:f5:44:84:03:28:78:ac:b1:84:3e:f7:fd:9a:
90:89:28:44:78:4c:ec:cf:9c:64:6a:de:c6:8c:1b:
9a:1d:91:58:fb:07:f6:0f:9e:a1:cb:a5:db:42:b2:
a0:52:37:7a:d5:5a:a5:a3:40:06:0b:64:37:2d:1d:
cc:61:8b:5e:c4:03:4d:f5:e2:73:c9:5d:42:df:c8:
86:bc:48:54:4e:cb:3d:e9:cd:3f:42:ee:20:75:6b:
a4:0b:78:55:cf:ec:e0:06:9f:09:fc:2b:82:66:39:
7c:52:e3:f6:9d:c3:c8:f6:d2:95:0b:3e:0f:dc:dd:
bf:db:7b:04:1a:09:39:de:63:b3:af:63:6f:e2:ad:
5c:09:15:80:58:9b:73:bb:71:e7:fd:b1:17:35:53:
1a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:89:B6:5E:78:44:E3:89:0C:E8:EB:62:43:E7:7E:C9:B2:B1:03:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:b6:bf:01:3c:21:b5:28:a3:ec:09:0a:7f:15:77:91:a0:d4:
88:f3:e0:72:99:03:5b:39:18:34:f5:0a:65:c1:7b:09:76:5e:
09:8c:25:ba:5e:08:c8:1c:27:02:ac:69:b8:45:1b:e1:13:92:
11:c6:0a:c3:c6:c4:d1:b4:ed:de:64:1b:f0:45:48:1d:30:38:
88:8e:95:37:1c:8b:f5:0d:db:20:24:e7:ff:50:d8:8a:b9:42:
fc:4f:af:fc:c7:66:c9:60:73:5e:13:1f:5b:3e:60:78:80:e4:
aa:03:fd:f3:02:d1:0c:1b:77:88:45:72:1c:9f:5e:51:ae:07:
63:fb:f3:9d:75:bd:2d:d5:98:5e:e5:f7:20:f3:8a:1c:15:32:
39:4a:5a:96:1b:dc:94:e7:5c:6c:ed:2d:64:11:46:e2:fb:ac:
a2:8c:9a:f9:04:24:2e:69:5e:be:4c:58:05:b6:a9:82:c8:5a:
00:16:bd:dc:a2:a7:21:aa:dc:17:50:91:a6:87:48:06:2d:97:
5d:bf:8f:06:ff:4f:6e:94:d1:90:9d:5c:94:c0:8a:b6:fa:7a:
f9:20:5e:e2:dd:0b:d2:55:ea:dd:41:2c:d4:a3:fd:cf:af:97:
ce:ae:2b:7b:a7:69:ed:75:97:32:5d:ea:07:50:1e:43:a5:00:
39:73:d8:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMOtB8P4wdEaYT3pujwFEdV4ByJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MTZjYTJjMTEzYjhhOTQ1NzgxN2Q5ZDY3YmQwMTM2M2Q2OTU1MWI1NmFl
ZGVlZmQ4YmI2Njc0Mjk4NWVmNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXm47weOepF4JV3OG8uGTwFYXEHRolsYLUK/Ak2MMURVQE2Q6b7JkiVgSnB
mbLecDXDmzPQGuw7Kr77qsJ3eH+7h7Io133dCMsmMroTHwTHPsj4Rhyq61I1E2+B
GEIrlH6euJ88bJ9cvin1RIQDKHissYQ+9/2akIkoRHhM7M+cZGrexowbmh2RWPsH
9g+eocul20KyoFI3etVapaNABgtkNy0dzGGLXsQDTfXic8ldQt/IhrxIVE7LPenN
P0LuIHVrpAt4Vc/s4AafCfwrgmY5fFLj9p3DyPbSlQs+D9zdv9t7BBoJOd5js69j
b+KtXAkVgFibc7tx5/2xFzVTGmECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtibZe
eETjiQzo62JD537JsrEDnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhhMmI0MmEtOWVhMy00ZThkLTkyZWMtZTg5YzljNDQ2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQCGtr8BPCG1KKPsCQp/FXeRoNSI8+BymQNbORg09Qpl
wXsJdl4JjCW6XgjIHCcCrGm4RRvhE5IRxgrDxsTRtO3eZBvwRUgdMDiIjpU3HIv1
DdsgJOf/UNiKuUL8T6/8x2bJYHNeEx9bPmB4gOSqA/3zAtEMG3eIRXIcn15Rrgdj
+/Oddb0t1Zhe5fcg84ocFTI5SlqWG9yU51xs7S1kEUbi+6yijJr5BCQuaV6+TFgF
tqmCyFoAFr3coqchqtwXUJGmh0gGLZddv48G/09ulNGQnVyUwIq2+nr5IF7i3QvS
VerdQSzUo/3Pr5fOrit7p2ntdZcyXeoHUB5DpQA5c9ht
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org