Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa
File: d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa (raw, json)
Hash identifier: K/NhwyOTxFJfR5iBsf6pA0E8RmDyp/kJcqVYsk0bOjU=
Subject key identifier: CE:4F:88:3C:B6:35:86:5B:59:AE:CD:C6:A7:88:ED:60:B2:82:70:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6377FC5280DAA3AFDABE028CC4B054748CFAA7FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:77:fc:52:80:da:a3:af:da:be:02:8c:c4:b0:54:74:8c:fa:a7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=e3d901fc7268f402e91dfa09d5d5a2051105cb2a05f2776fc193c7e76e1a4887, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:62:03:41:76:3d:ed:68:4a:bd:f5:fb:e7:2a:
2e:c2:1c:6c:8d:83:39:a4:97:3b:dc:08:b4:e7:f3:
76:6e:4d:0d:d1:ab:a5:1d:69:8c:3e:b6:10:e6:8d:
e6:07:22:26:56:0d:85:8b:6d:ed:76:8e:a6:d1:c5:
ab:f6:1e:f0:f9:64:7e:dd:ad:ff:23:58:86:f9:20:
90:14:c2:25:d5:06:65:d3:22:1e:61:e1:64:02:88:
ae:d6:58:49:37:96:2a:8a:d8:01:27:2d:38:68:46:
84:4b:31:bb:14:bc:df:b8:eb:2b:53:21:4e:35:85:
44:8b:22:67:c7:51:4f:be:f2:f0:0c:e7:f6:5c:7b:
5c:19:8c:d5:26:ea:ea:29:96:b9:d5:9a:5b:74:3d:
a7:53:1d:f7:c0:1b:e0:3f:9e:be:65:3a:3b:18:d1:
94:19:c6:aa:07:cd:70:61:e5:81:e6:4f:14:22:0b:
bf:ac:df:71:aa:8b:39:01:09:3c:87:ed:d3:b6:3b:
86:4c:18:06:32:fe:02:ba:86:ff:41:04:da:7e:9c:
99:9d:2f:6b:ce:f5:8b:7a:99:8c:8b:89:15:85:c1:
e3:74:e8:6f:3f:a7:11:46:d0:09:91:b0:5a:bc:ee:
f9:11:c5:4c:86:7a:1b:26:28:f8:05:be:55:4d:08:
05:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4F:88:3C:B6:35:86:5B:59:AE:CD:C6:A7:88:ED:60:B2:82:70:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d1041a1c-b1fc-47a9-8ff6-bd37619381f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:a8:71:95:10:46:92:23:50:b2:27:a3:0a:c8:8d:83:9d:e1:
6b:9a:29:85:bb:c9:9c:dc:f4:78:93:f7:b1:f6:8d:4f:3c:bc:
c7:6a:d0:28:3f:ac:b6:58:0c:91:46:d5:4c:ad:5e:89:1c:06:
27:57:f4:22:28:c1:1c:16:4c:1d:a7:0c:2b:c6:59:f1:a5:89:
2f:8d:46:83:a3:bc:55:57:3a:49:d1:cf:4e:e1:a6:fd:ec:f3:
b8:d3:ac:73:e1:0c:ff:c2:41:af:76:fe:e7:de:30:2b:e0:65:
1e:01:94:ca:27:ba:2c:09:1b:34:28:b7:2a:65:3b:76:dd:b3:
f8:01:91:c5:b7:4e:b5:77:d0:78:b4:7e:fa:7a:28:62:5e:35:
5d:ef:46:89:46:3a:fc:bc:84:28:f5:f7:35:b3:cc:58:13:6b:
db:61:b0:c4:5a:71:60:19:bf:dd:92:3b:99:31:bb:9d:e7:d2:
9e:75:59:57:37:85:4c:93:a4:a9:9e:a9:71:7d:3f:fb:7a:ef:
55:53:17:e9:23:6e:18:11:00:05:fe:a7:4f:95:da:3c:6d:bd:
a1:3b:ac:42:54:ac:a6:c6:e1:35:d5:d6:71:a1:56:a1:13:36:
dc:c3:29:14:25:01:14:24:38:24:55:f4:8d:64:9e:3c:90:ba:
36:3a:14:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY3f8UoDao6/avgKMxLBUdIz6p/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZDkwMWZjNzI2OGY0MDJlOTFkZmEwOWQ1ZDVhMjA1MTEwNWNiMmEwNWYy
Nzc2ZmMxOTNjN2U3NmUxYTQ4ODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxiA0F2Pe1oSr31++cqLsIcbI2DOaSXO9wItOfzdm5NDdGrpR1pjD62EOaN
5gciJlYNhYtt7XaOptHFq/Ye8Plkft2t/yNYhvkgkBTCJdUGZdMiHmHhZAKIrtZY
STeWKorYASctOGhGhEsxuxS837jrK1MhTjWFRIsiZ8dRT77y8Azn9lx7XBmM1Sbq
6imWudWaW3Q9p1Md98Ab4D+evmU6OxjRlBnGqgfNcGHlgeZPFCILv6zfcaqLOQEJ
PIft07Y7hkwYBjL+ArqG/0EE2n6cmZ0va871i3qZjIuJFYXB43Tobz+nEUbQCZGw
Wrzu+RHFTIZ6GyYo+AW+VU0IBXkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOT4g8
tjWGW1muzcaniO1gsoJwVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEwNDFhMWMtYjFmYy00N2E5LThmZjYtYmQzNzYxOTM4MWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQCuqHGVEEaSI1CyJ6MKyI2DneFrmimFu8mc3PR4k/ex
9o1PPLzHatAoP6y2WAyRRtVMrV6JHAYnV/QiKMEcFkwdpwwrxlnxpYkvjUaDo7xV
VzpJ0c9O4ab97PO406xz4Qz/wkGvdv7n3jAr4GUeAZTKJ7osCRs0KLcqZTt23bP4
AZHFt061d9B4tH76eihiXjVd70aJRjr8vIQo9fc1s8xYE2vbYbDEWnFgGb/dkjuZ
Mbud59KedVlXN4VMk6SpnqlxfT/7eu9VUxfpI24YEQAF/qdPldo8bb2hO6xCVKym
xuE11dZxoVahEzbcwykUJQEUJDgkVfSNZJ48kLo2OhR3
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org