Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: 42glD0VkoIxxrlAsgj0gBDz/eP6dLq5TSWndU8l/iU0=
Subject key identifier: 05:5A:EF:C8:72:BE:59:B6:16:24:FD:FA:BE:DE:92:72:BD:7C:0B:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 204445BCF710BF044C802B4BC3BCDF304880A1C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:44:45:bc:f7:10:bf:04:4c:80:2b:4b:c3:bc:df:30:48:80:a1:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=9c486c84482603c235b23ac758c60d63592c7f640c4aa6fa73ff740f32f0d3af, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:bf:40:92:82:4f:f8:eb:4a:53:78:c3:0a:
24:43:a2:a0:28:bf:77:8d:3a:fb:ab:78:b0:46:e7:
84:db:d4:f8:fa:78:d1:fe:69:4c:29:61:ef:80:bd:
89:31:7e:b3:56:89:85:57:40:e6:d6:79:31:1b:49:
b2:d3:9f:f9:a2:3e:7b:99:37:53:7b:b3:0f:06:c6:
b7:17:e7:0f:52:6d:bf:a8:97:56:7b:e3:2e:cb:3a:
b9:a5:2d:76:0f:40:37:3c:04:8a:da:06:e1:f9:3f:
8f:89:b9:0b:f3:b7:bf:2e:b1:37:4f:4b:8a:03:41:
f0:c1:9f:a7:90:0b:b9:6e:da:b7:aa:54:ba:ff:e9:
38:5a:cc:48:82:eb:08:8a:c9:e8:a2:1b:82:31:44:
1b:0e:b4:c3:fb:db:3b:a6:51:1a:eb:5d:9d:3d:1d:
f1:df:76:a0:2e:d0:17:1f:07:76:54:0e:5e:e7:7b:
c5:e2:ae:e8:45:7c:10:dc:a7:8c:29:85:bb:07:cb:
c8:65:61:7a:f2:68:00:32:ef:e5:13:a9:74:09:13:
06:c8:34:02:ae:7d:b2:84:2e:5f:b9:2c:30:47:53:
82:f5:e4:eb:7f:8f:24:29:25:28:52:83:b9:ed:56:
8f:d7:39:3b:99:41:89:bb:de:f8:b4:74:07:40:d9:
c3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5A:EF:C8:72:BE:59:B6:16:24:FD:FA:BE:DE:92:72:BD:7C:0B:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:71:03:2c:39:69:9b:81:a4:69:05:66:e4:4d:b2:d3:33:f6:
42:e8:49:ec:3c:6e:bb:1d:1c:f9:18:d3:2e:4d:5a:81:e5:e7:
1a:2b:d1:ce:ab:9d:60:b3:4a:3e:df:08:1c:fa:5d:10:3b:d5:
6e:e0:a7:8a:54:cc:88:57:aa:0f:28:56:1e:c9:ba:6a:9e:a1:
19:71:70:84:c4:c2:e8:59:d6:25:a7:4e:10:bd:f2:a2:b5:5d:
c9:fd:1b:f0:f6:49:e3:8d:a3:b3:13:6a:7c:2d:b1:c0:dd:e6:
ab:70:d5:6f:67:e9:6d:ca:a9:cd:e6:f5:59:29:7f:a0:42:a7:
bc:1d:d9:7a:dd:10:7e:2c:b4:21:5d:ac:12:9c:d3:4f:40:ea:
05:90:41:61:ae:7c:79:5b:03:7b:dc:b1:ca:1b:84:68:4d:ac:
11:6e:c9:87:8f:fa:6e:c0:df:57:bb:b9:5c:23:a1:6f:36:59:
a6:a5:bc:01:be:1b:3c:70:7d:d3:96:3e:f1:05:a9:7d:a8:b2:
93:79:fb:80:4f:2d:94:08:0c:32:7c:a5:0e:7e:14:c3:5d:17:
7b:51:9c:a0:5d:61:9a:cb:c1:36:d4:1a:96:6c:09:7f:d2:d4:
57:d5:19:db:0f:0e:b1:3b:43:82:2c:00:bc:45:69:d4:77:24:
c8:1b:fb:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIERFvPcQvwRMgCtLw7zfMEiAockwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDljNDg2Yzg0NDgyNjAzYzIzNWIyM2FjNzU4YzYwZDYzNTkyYzdmNjQwYzRh
YTZmYTczZmY3NDBmMzJmMGQzYWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOjv0CSgk/460pTeMMKJEOioCi/d406+6t4sEbnhNvU+Pp40f5pTClh74C9
iTF+s1aJhVdA5tZ5MRtJstOf+aI+e5k3U3uzDwbGtxfnD1Jtv6iXVnvjLss6uaUt
dg9ANzwEitoG4fk/j4m5C/O3vy6xN09LigNB8MGfp5ALuW7at6pUuv/pOFrMSILr
CIrJ6KIbgjFEGw60w/vbO6ZRGutdnT0d8d92oC7QFx8HdlQOXud7xeKu6EV8ENyn
jCmFuwfLyGVhevJoADLv5ROpdAkTBsg0Aq59soQuX7ksMEdTgvXk63+PJCklKFKD
ue1Wj9c5O5lBibve+LR0B0DZw/ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFWu/I
cr5ZthYk/fq+3pJyvXwLLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQB2cQMsOWmbgaRpBWbkTbLTM/ZC6EnsPG67HRz5GNMu
TVqB5ecaK9HOq51gs0o+3wgc+l0QO9Vu4KeKVMyIV6oPKFYeybpqnqEZcXCExMLo
WdYlp04QvfKitV3J/Rvw9knjjaOzE2p8LbHA3earcNVvZ+ltyqnN5vVZKX+gQqe8
Hdl63RB+LLQhXawSnNNPQOoFkEFhrnx5WwN73LHKG4RoTawRbsmHj/puwN9Xu7lc
I6FvNlmmpbwBvhs8cH3Tlj7xBal9qLKTefuATy2UCAwyfKUOfhTDXRd7UZygXWGa
y8E21BqWbAl/0tRX1RnbDw6xO0OCLAC8RWnUdyTIG/tD
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org