Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
File: c0680170-a405-45c9-bf7f-03cb2e587884.roa (raw, json)
Hash identifier: XMqHKEM1j72M5oW/dar7cQ/fhRsjpBIm+eQjov7qSNU=
Subject key identifier: B9:1E:D0:99:A0:58:14:FC:51:28:59:C8:9F:7D:FF:3C:20:9A:6F:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 105C407EBB453AFA0C6F2896153334605E6DD614
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:5c:40:7e:bb:45:3a:fa:0c:6f:28:96:15:33:34:60:5e:6d:d6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=5c163e22458829b38408482c00b953421872b56d0be4c50f033d8f553ed1d631, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ac:5e:fc:d0:72:5a:d2:77:45:b4:8e:c0:e9:
9e:bd:43:3c:f1:a6:fa:0d:ee:69:63:57:4b:c4:73:
07:96:0b:70:08:7d:dd:a3:f2:f6:30:8f:dc:a5:03:
b5:d6:bb:fe:ef:9b:ec:50:8e:cd:d2:b4:47:88:0b:
a1:be:8f:18:aa:a5:3e:44:a1:2e:9f:b2:5b:0e:fc:
dc:d6:13:e7:c7:c9:e8:4e:d0:19:14:22:90:32:da:
d1:06:d0:5c:89:b9:eb:cb:44:15:03:e4:fa:79:cf:
40:f3:72:b7:c0:80:04:2b:c5:26:b9:b3:92:5d:b3:
8b:33:fd:f6:9d:1a:31:c0:32:a9:96:08:14:5c:1a:
ae:2b:72:43:fc:8c:32:43:7c:1a:db:ea:43:48:02:
ac:5c:bf:4c:78:2b:25:4f:16:04:1f:81:a9:5a:ed:
2c:f0:6d:a7:99:c8:55:1f:40:7a:51:1d:a2:a1:34:
ce:77:bc:55:fc:99:01:d7:d5:f8:11:88:b7:a9:5e:
96:ef:e0:bf:e4:21:22:5b:b7:4f:e9:e5:db:72:35:
ca:82:0a:09:99:0d:e7:e9:29:9d:70:d3:ea:56:93:
1a:ec:88:9f:79:91:ff:10:57:9f:a6:14:d9:3f:0b:
0f:cd:f6:78:92:d9:e5:5c:17:4a:17:5f:fe:69:c2:
4b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1E:D0:99:A0:58:14:FC:51:28:59:C8:9F:7D:FF:3C:20:9A:6F:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:2b:49:fa:7b:ee:17:70:04:b6:d0:7f:93:b5:f8:ae:d0:69:
be:4f:41:08:e5:99:ec:18:a8:8f:f1:1b:78:c7:c0:0e:2c:9d:
6d:71:e3:7c:90:11:0c:13:dc:0b:1e:34:56:56:ca:81:00:1a:
59:79:0e:21:ae:a8:61:09:e1:3b:77:e0:ac:3f:f2:5a:01:3f:
56:08:be:af:52:fb:ff:06:a2:9a:67:3f:50:67:d3:d2:c0:6d:
9f:85:83:5e:41:38:36:37:b7:fe:09:20:fc:b6:03:44:dd:c7:
77:a0:ba:82:ef:50:c1:9c:47:61:ae:1c:95:68:81:74:28:71:
d4:4d:cb:1f:9e:d0:f6:72:76:b0:11:d2:02:b3:31:b3:af:dd:
10:5e:fb:a2:08:61:fe:8f:ef:10:85:22:31:c8:0e:8e:88:98:
d6:43:89:53:f3:5f:aa:7a:ee:c4:1f:12:9b:d8:07:e4:12:70:
23:61:b1:7f:4d:82:3d:bd:c6:dd:9c:ac:73:7e:d2:eb:b4:b9:
f1:db:88:f2:8c:e6:36:3d:64:d8:40:cf:fb:3a:36:9c:05:7e:
2c:e0:1a:d3:36:b7:6d:d8:6e:16:cb:95:c7:ca:27:a6:86:b7:
7d:11:8d:f9:08:1d:12:fe:1c:7b:e3:ab:55:2b:94:15:aa:e9:
0d:d5:34:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEFxAfrtFOvoMbyiWFTM0YF5t1hQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMTYzZTIyNDU4ODI5YjM4NDA4NDgyYzAwYjk1MzQyMTg3MmI1NmQwYmU0
YzUwZjAzM2Q4ZjU1M2VkMWQ2MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqsXvzQclrSd0W0jsDpnr1DPPGm+g3uaWNXS8RzB5YLcAh93aPy9jCP3KUD
tda7/u+b7FCOzdK0R4gLob6PGKqlPkShLp+yWw783NYT58fJ6E7QGRQikDLa0QbQ
XIm568tEFQPk+nnPQPNyt8CABCvFJrmzkl2zizP99p0aMcAyqZYIFFwarityQ/yM
MkN8GtvqQ0gCrFy/THgrJU8WBB+BqVrtLPBtp5nIVR9AelEdoqE0zne8VfyZAdfV
+BGIt6lelu/gv+QhIlu3T+nl23I1yoIKCZkN5+kpnXDT6laTGuyIn3mR/xBXn6YU
2T8LD832eJLZ5VwXShdf/mnCS4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5HtCZ
oFgU/FEoWcifff88IJpv0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA2ODAxNzAtYTQwNS00NWM5LWJmN2YtMDNjYjJlNTg3ODg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQA3K0n6e+4XcAS20H+Ttfiu0Gm+T0EI5ZnsGKiP8Rt4
x8AOLJ1tceN8kBEME9wLHjRWVsqBABpZeQ4hrqhhCeE7d+CsP/JaAT9WCL6vUvv/
BqKaZz9QZ9PSwG2fhYNeQTg2N7f+CSD8tgNE3cd3oLqC71DBnEdhrhyVaIF0KHHU
TcsfntD2cnawEdICszGzr90QXvuiCGH+j+8QhSIxyA6OiJjWQ4lT81+qeu7EHxKb
2AfkEnAjYbF/TYI9vcbdnKxzftLrtLnx24jyjOY2PWTYQM/7OjacBX4s4BrTNrdt
2G4Wy5XHyiemhrd9EY35CB0S/hx746tVK5QVqukN1TTd
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org