Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
File: ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa (raw, json)
Hash identifier: xwJEk4WL1VeFNkod4fJ9aFquxtiF2AjBRhrf98BkJW0=
Subject key identifier: EB:E1:B5:D3:A2:82:BC:5A:70:AA:1A:A8:27:92:95:74:93:04:AC:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 553863BDB29B6CCA3176D44233C53B606F18CFDE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:38:63:bd:b2:9b:6c:ca:31:76:d4:42:33:c5:3b:60:6f:18:cf:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=f00e27cdc5addc2d7aafaf4288554d852a1322abcb46d5ffbff9d2acb793384c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:28:68:9d:01:4c:3c:bb:56:c8:bb:4e:f7:36:
45:17:27:63:58:fe:59:ab:05:ef:0d:05:25:20:26:
d1:68:33:46:b3:b0:df:41:68:7b:c6:32:85:28:8b:
e7:7c:8f:2c:a8:de:7d:ff:64:7f:7a:af:04:ab:a0:
bd:60:2c:60:40:d1:c4:2e:45:18:7c:71:1f:b2:c3:
4f:f4:20:91:e2:35:49:81:24:25:59:6f:0f:f7:81:
00:23:70:44:08:42:b5:8f:59:de:26:8e:ed:ff:50:
21:8f:c0:03:29:64:4b:54:4d:eb:cf:1c:5e:b3:9d:
92:aa:86:f3:5b:dc:95:c3:5a:53:81:5b:fb:91:96:
38:5e:3e:46:2a:fe:29:cf:8f:b0:bd:7b:51:81:38:
d0:3e:c9:be:dd:dd:c2:49:5f:78:53:f4:a7:c9:cd:
57:41:f2:ff:f1:c3:b7:dc:19:41:ad:b1:b6:78:e1:
89:1a:2e:aa:35:b4:71:78:a8:a7:47:cc:43:7f:cf:
88:76:a3:f1:96:f8:4d:28:cd:bb:df:13:07:00:34:
92:dd:a2:c1:c2:5e:80:4c:d9:ba:ed:b3:85:85:36:
bb:c7:37:9d:f4:c3:49:8b:7a:13:c2:5d:33:eb:a5:
06:19:57:a9:1b:ec:01:6e:b5:36:41:ab:68:6c:e7:
3a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E1:B5:D3:A2:82:BC:5A:70:AA:1A:A8:27:92:95:74:93:04:AC:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:56:63:e5:14:48:79:c8:51:c2:8f:1a:39:3f:a3:96:8d:39:
b1:46:bb:e8:30:4a:cc:ce:b5:f0:e8:4a:b9:3b:2b:d5:55:ff:
74:a8:c5:0e:34:bf:57:76:b9:9c:fd:62:ad:1f:ec:29:19:22:
89:7d:7e:78:de:7e:bb:72:a8:ea:a4:c0:75:e5:67:11:4a:40:
98:5f:a3:bc:b3:ca:97:2c:d8:ec:a1:6b:a4:9d:b8:16:b9:67:
f2:ae:f6:92:bf:f2:34:03:50:ee:e7:2d:a4:f3:dc:2f:10:12:
51:db:0f:cd:58:c1:6f:fc:cb:8b:12:01:5e:b6:ed:e9:9a:47:
17:2e:56:76:c3:92:e7:12:3b:3b:1a:6b:0f:eb:ab:bc:e5:b3:
c8:4e:15:05:4e:c6:90:3d:9a:64:9d:bd:e1:e5:b3:0d:14:ff:
57:fc:30:7d:97:e1:fd:36:2a:65:da:ba:a9:43:7f:c3:4f:0f:
7d:be:55:fa:ed:6c:04:3f:a9:95:45:39:89:f4:2e:8f:6a:1a:
44:c3:aa:3d:8d:1f:3e:ae:99:32:4f:2b:ef:80:19:9d:00:4f:
9f:7e:d5:63:a6:d0:22:f0:b7:9d:b8:00:89:60:91:bc:d0:0a:
10:01:22:ba:99:7c:96:6d:1a:d4:6a:a0:82:65:8b:0a:cb:6c:
a5:22:f5:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVThjvbKbbMoxdtRCM8U7YG8Yz94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMGUyN2NkYzVhZGRjMmQ3YWFmYWY0Mjg4NTU0ZDg1MmExMzIyYWJjYjQ2
ZDVmZmJmZjlkMmFjYjc5MzM4NGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIoaJ0BTDy7Vsi7Tvc2RRcnY1j+WasF7w0FJSAm0WgzRrOw30Foe8YyhSiL
53yPLKjeff9kf3qvBKugvWAsYEDRxC5FGHxxH7LDT/QgkeI1SYEkJVlvD/eBACNw
RAhCtY9Z3iaO7f9QIY/AAylkS1RN688cXrOdkqqG81vclcNaU4Fb+5GWOF4+Rir+
Kc+PsL17UYE40D7Jvt3dwklfeFP0p8nNV0Hy//HDt9wZQa2xtnjhiRouqjW0cXio
p0fMQ3/PiHaj8Zb4TSjNu98TBwA0kt2iwcJegEzZuu2zhYU2u8c3nfTDSYt6E8Jd
M+ulBhlXqRvsAW61NkGraGznOkECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTr4bXT
ooK8WnCqGqgnkpV0kwSsXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYxYTAzMmMtNmI0YS00ZjRiLWFjMGUtODk2MjQwNThiMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBrVmPlFEh5yFHCjxo5P6OWjTmxRrvoMErMzrXw6Eq5
OyvVVf90qMUONL9Xdrmc/WKtH+wpGSKJfX543n67cqjqpMB15WcRSkCYX6O8s8qX
LNjsoWuknbgWuWfyrvaSv/I0A1Du5y2k89wvEBJR2w/NWMFv/MuLEgFetu3pmkcX
LlZ2w5LnEjs7GmsP66u85bPIThUFTsaQPZpknb3h5bMNFP9X/DB9l+H9Nipl2rqp
Q3/DTw99vlX67WwEP6mVRTmJ9C6PahpEw6o9jR8+rpkyTyvvgBmdAE+fftVjptAi
8LeduACJYJG80AoQASK6mXyWbRrUaqCCZYsKy2ylIvVb
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org