Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: 9rdPI0y1+h5NqmDhV/rxem2tnqcWK+8VTo7ztx/p44c=
Subject key identifier: 8B:9A:8E:89:C4:5B:FC:92:87:76:F2:15:53:AB:33:3A:F4:5E:E9:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C44FFA4F8134AFE6B8796006595D3C5B1E3851B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:44:ff:a4:f8:13:4a:fe:6b:87:96:00:65:95:d3:c5:b1:e3:85:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2e5f825b09d24649c9a6d9534b86a3d23f4532f4c8906e487078d22012a49eb8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:1b:8a:ae:9b:6c:71:f8:ea:ca:ef:f3:4e:
73:75:50:ad:a2:00:38:5e:95:cd:61:f5:be:b8:83:
74:ad:27:9e:af:16:2b:40:69:53:33:f1:7c:91:1f:
9f:bc:2d:de:23:f1:89:41:48:16:6f:19:6e:ba:0a:
45:9c:f6:b3:a1:5d:90:f8:54:37:d8:b1:32:3b:6c:
52:db:23:ba:d5:45:59:c5:10:3d:26:5c:30:d3:9a:
11:c9:a8:bf:56:73:4b:57:37:a0:c5:8b:ba:20:e6:
b2:78:db:dd:f5:8a:f8:a6:f4:0c:45:bb:ea:e4:d2:
cb:8b:19:71:9b:ef:65:ed:83:d5:49:0e:0a:83:5d:
df:a3:b5:9a:5f:96:5a:e7:e5:e1:c9:44:e2:ba:f5:
42:ac:76:a3:03:1f:1b:84:6f:6d:5b:f8:00:a5:65:
ba:c9:00:8d:1b:6f:1e:2c:f4:c6:9b:be:d8:b9:66:
1d:d6:36:15:37:fa:8e:95:02:65:56:46:c2:06:3a:
ac:8b:e4:47:0c:c4:d3:12:6d:d6:01:ca:f6:50:74:
70:cc:56:e2:29:2f:3c:0a:b4:95:b4:e5:97:8c:1b:
c0:2c:06:4f:53:3f:36:ed:1c:ef:2e:51:90:11:41:
4f:0f:5c:3f:9e:e2:fe:b8:73:4e:79:51:f0:6d:c6:
2a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9A:8E:89:C4:5B:FC:92:87:76:F2:15:53:AB:33:3A:F4:5E:E9:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:5c:84:65:0b:df:fe:da:96:f4:2b:82:74:a2:4c:20:ff:29:
be:56:46:83:32:72:0c:52:e9:e2:a8:c8:7f:73:14:02:05:3f:
21:5c:1d:0c:54:06:fa:b9:29:e6:99:2d:9f:94:0f:5c:f6:dc:
41:3e:19:dd:80:4c:96:cd:3f:68:2a:0d:ec:4d:57:13:8b:88:
aa:c7:de:fc:aa:5f:e7:5e:70:a9:e7:b5:bb:3f:9c:45:55:35:
5b:8b:30:2c:d2:e8:81:2f:96:91:5a:75:c1:d4:ba:ef:19:4e:
1f:c8:37:41:02:22:3b:38:00:3a:0f:a2:dc:10:24:49:2d:c6:
ca:05:97:27:01:35:4f:e5:52:c8:37:b4:88:bb:d2:80:42:7b:
9f:bd:7f:8c:26:54:f0:b9:5b:03:e6:3b:25:7f:be:c7:7d:e0:
0e:48:85:60:f4:b3:15:68:ec:7a:f5:f8:39:40:dd:08:dd:ea:
00:6e:2e:c0:8e:d9:38:6a:e9:db:ea:08:b9:2a:54:9d:e4:66:
2d:5c:dd:44:fa:1c:38:5d:18:e8:e2:9b:ee:cb:cb:f9:c5:d4:
9d:09:70:31:44:57:64:e2:7b:98:3f:5f:a0:fb:ca:10:9a:75:
59:aa:fc:00:ba:38:17:52:7f:fa:44:b5:d1:dc:49:05:a7:73:
b8:a6:cf:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHET/pPgTSv5rh5YAZZXTxbHjhRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlNWY4MjViMDlkMjQ2NDljOWE2ZDk1MzRiODZhM2QyM2Y0NTMyZjRjODkw
NmU0ODcwNzhkMjIwMTJhNDllYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYjG4qum2xx+OrK7/NOc3VQraIAOF6VzWH1vriDdK0nnq8WK0BpUzPxfJEf
n7wt3iPxiUFIFm8ZbroKRZz2s6FdkPhUN9ixMjtsUtsjutVFWcUQPSZcMNOaEcmo
v1ZzS1c3oMWLuiDmsnjb3fWK+Kb0DEW76uTSy4sZcZvvZe2D1UkOCoNd36O1ml+W
Wufl4clE4rr1Qqx2owMfG4RvbVv4AKVluskAjRtvHiz0xpu+2LlmHdY2FTf6jpUC
ZVZGwgY6rIvkRwzE0xJt1gHK9lB0cMxW4ikvPAq0lbTll4wbwCwGT1M/Nu0c7y5R
kBFBTw9cP57i/rhzTnlR8G3GKlMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLmo6J
xFv8kod28hVTqzM69F7ptDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQAKXIRlC9/+2pb0K4J0okwg/ym+VkaDMnIMUuniqMh/
cxQCBT8hXB0MVAb6uSnmmS2flA9c9txBPhndgEyWzT9oKg3sTVcTi4iqx978ql/n
XnCp57W7P5xFVTVbizAs0uiBL5aRWnXB1LrvGU4fyDdBAiI7OAA6D6LcECRJLcbK
BZcnATVP5VLIN7SIu9KAQnufvX+MJlTwuVsD5jslf77HfeAOSIVg9LMVaOx69fg5
QN0I3eoAbi7Ajtk4aunb6gi5KlSd5GYtXN1E+hw4XRjo4pvuy8v5xdSdCXAxRFdk
4nuYP1+g+8oQmnVZqvwAujgXUn/6RLXR3EkFp3O4ps+d
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org