Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/197a8641-5e8c-47f5-b202-941d73190653.roa
File: 197a8641-5e8c-47f5-b202-941d73190653.roa (raw, json)
Hash identifier: Th4MqRvmvtTIdVHtr3VE2JmzDqhSRfkCgZopkuQZlGw=
Subject key identifier: B2:60:F9:E1:E5:2B:B7:CB:C2:5D:2B:13:51:8C:97:88:75:B4:30:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B0EA968C3934D806F077529AAFA31E05FB5052C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/197a8641-5e8c-47f5-b202-941d73190653.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:0e:a9:68:c3:93:4d:80:6f:07:75:29:aa:fa:31:e0:5f:b5:05:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ba3e9f9c52b96fc058d49c799b6e761e5926623260398f807d499d9c1c452a71, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:eb:84:57:62:09:21:b4:a4:19:ee:79:cf:4a:
40:af:90:ab:d5:22:ec:b7:e0:f1:35:3a:3d:db:54:
3c:6a:e2:b3:bd:0c:c0:d3:3e:99:03:4b:7c:e8:89:
66:c8:0d:95:42:86:06:9d:8a:0b:73:65:df:6b:0b:
c8:64:88:61:00:97:dd:76:b5:29:9b:25:62:19:79:
ee:4d:cb:21:aa:1b:f8:77:0c:3e:19:87:87:08:c3:
e3:3c:0f:db:43:86:db:79:50:e2:f5:91:fb:6b:79:
26:97:f6:d7:65:3f:07:98:f8:94:88:56:88:05:7a:
d7:83:98:f8:6e:92:f0:5b:b7:a5:c1:b9:b8:cd:f2:
d5:92:e2:a0:51:e7:d4:0d:57:5a:01:7a:21:c3:85:
27:1e:a2:7a:ba:3f:c8:4a:55:88:dd:35:00:63:49:
4a:74:23:2c:00:db:43:8a:b7:5a:35:f6:63:db:5c:
37:6f:99:93:f2:e3:3e:e8:5f:1a:f5:b5:7e:f7:e4:
0a:5a:81:c5:65:a6:3f:49:b0:b1:a1:d0:1e:74:c0:
56:09:ed:7b:49:6d:ac:6a:56:06:b4:ee:c2:7e:d3:
36:ac:23:b1:b6:ba:cf:e2:4e:42:e0:58:d8:0e:cc:
28:a9:4b:2f:76:81:c6:bb:4c:cf:28:15:46:29:f1:
5d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:60:F9:E1:E5:2B:B7:CB:C2:5D:2B:13:51:8C:97:88:75:B4:30:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/197a8641-5e8c-47f5-b202-941d73190653.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:89:9e:db:94:63:bc:5c:4a:f5:3f:b5:ae:e4:df:13:1d:83:
74:24:02:46:89:a7:58:db:bd:35:c9:ba:cd:c8:ae:0e:be:9d:
92:eb:70:11:8c:de:72:ce:3b:d8:ae:1a:19:51:9f:a6:f4:d2:
eb:e0:76:c6:c4:04:13:cb:e7:8e:9c:fd:5d:ef:da:9b:ec:e0:
a0:97:0a:f4:9d:2f:a4:69:cd:5c:4b:a1:de:b3:3b:be:70:5b:
e8:1e:05:6e:c6:f0:9f:c5:ee:2a:81:70:c2:9a:9e:5d:1f:6a:
02:7e:8f:58:5c:08:49:e1:fd:43:ce:c4:19:ea:5c:16:cf:61:
45:7d:75:8f:e4:75:7b:8a:5b:f1:fe:06:0e:0e:f7:25:be:90:
65:7b:ac:1a:39:5d:0d:af:d7:d9:c0:2a:76:6c:2c:c9:0b:2b:
bb:38:a3:e5:4d:23:73:97:d8:2a:d9:f7:a4:fd:c9:a3:9f:c8:
5e:6a:40:6c:62:62:e8:43:e7:60:e0:4f:72:1c:76:7f:74:60:
56:80:26:0a:ad:49:7f:a0:aa:5f:cb:aa:a5:fd:9d:1b:a3:65:
e2:8c:fc:6b:24:f5:9c:5f:12:13:cc:b5:00:aa:5f:7c:82:5a:
78:3c:ed:37:19:27:23:79:64:8f:00:06:83:fb:6b:c2:df:26:
30:42:97:44
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaw6paMOTTYBvB3Upqvox4F+1BSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhM2U5ZjljNTJiOTZmYzA1OGQ0OWM3OTliNmU3NjFlNTkyNjYyMzI2MDM5
OGY4MDdkNDk5ZDljMWM0NTJhNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLrhFdiCSG0pBnuec9KQK+Qq9Ui7Lfg8TU6PdtUPGris70MwNM+mQNLfOiJ
ZsgNlUKGBp2KC3Nl32sLyGSIYQCX3Xa1KZslYhl57k3LIaob+HcMPhmHhwjD4zwP
20OG23lQ4vWR+2t5Jpf212U/B5j4lIhWiAV614OY+G6S8Fu3pcG5uM3y1ZLioFHn
1A1XWgF6IcOFJx6iero/yEpViN01AGNJSnQjLADbQ4q3WjX2Y9tcN2+Zk/LjPuhf
GvW1fvfkClqBxWWmP0mwsaHQHnTAVgnte0ltrGpWBrTuwn7TNqwjsba6z+JOQuBY
2A7MKKlLL3aBxrtMzygVRinxXU0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSyYPnh
5Su3y8JdKxNRjJeIdbQwxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTk3YTg2NDEtNWU4Yy00N2Y1LWIyMDItOTQxZDczMTkwNjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQCmiZ7blGO8XEr1P7Wu5N8THYN0JAJGiadY2701ybrN
yK4Ovp2S63ARjN5yzjvYrhoZUZ+m9NLr4HbGxAQTy+eOnP1d79qb7OCglwr0nS+k
ac1cS6Heszu+cFvoHgVuxvCfxe4qgXDCmp5dH2oCfo9YXAhJ4f1DzsQZ6lwWz2FF
fXWP5HV7ilvx/gYODvclvpBle6waOV0Nr9fZwCp2bCzJCyu7OKPlTSNzl9gq2fek
/cmjn8heakBsYmLoQ+dg4E9yHHZ/dGBWgCYKrUl/oKpfy6ql/Z0bo2XijPxrJPWc
XxITzLUAql98glp4PO03GScjeWSPAAaD+2vC3yYwQpdE
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org