Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
File: 55eb1295-2121-40dc-bdd3-a11a68da507a.roa (raw, json)
Hash identifier: Mv3POV7F95i/fB1aQsfAfRJJZoHy3DPtBxGCdU8dnho=
Subject key identifier: F6:36:0C:96:74:7A:E6:51:88:4D:3A:47:D2:24:88:10:78:E9:D9:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 039CB3BFA24B7BE7068C6013C37FB70D0FD250FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9c:b3:bf:a2:4b:7b:e7:06:8c:60:13:c3:7f:b7:0d:0f:d2:50:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=20a4e42d94027a3082af5799e5a76df22e038ac766312ba096460584d892f3c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f3:a2:45:19:f7:9a:90:2b:30:5d:b6:65:9e:
31:d9:f9:58:90:9d:54:3f:51:e0:d6:f8:33:19:c7:
67:99:ee:53:4c:bc:80:30:fc:19:ce:78:03:3c:98:
c7:6f:e4:36:0c:9c:76:b1:01:ba:ff:e1:d8:ea:88:
30:92:b9:75:0d:57:9f:7a:ec:04:54:43:9c:43:09:
97:fa:5c:5e:62:41:55:09:83:92:5b:5c:1f:ca:e1:
d9:6d:ce:9f:09:b9:4e:4b:05:58:4b:00:15:91:d4:
6c:60:7d:a4:19:7f:db:95:34:92:bb:4a:4e:10:c1:
6d:55:f9:87:4d:2f:09:16:92:a0:ca:b3:f3:ce:a3:
e7:b8:de:47:5d:28:36:cd:5d:b8:e7:a6:08:c6:da:
25:24:f0:18:3a:7b:b7:fc:82:76:06:96:d9:9e:b8:
ee:4d:58:de:90:b3:68:f7:f9:3c:cf:6e:c3:62:75:
24:40:f1:0c:d8:7c:ed:59:ca:e4:79:c1:3c:16:31:
2c:41:7c:fa:1b:3f:e3:e1:45:43:dc:dc:bd:11:c3:
59:fa:90:1c:7f:23:38:a0:19:2b:4d:b7:b7:d0:49:
b1:2e:f1:bb:42:17:21:ab:db:71:fb:c2:13:54:79:
59:52:b6:54:cf:5c:7d:74:31:e6:a7:dc:88:34:17:
fd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:36:0C:96:74:7A:E6:51:88:4D:3A:47:D2:24:88:10:78:E9:D9:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
2f:a9:b3:7c:69:32:2d:3d:83:6a:b4:5c:5e:1b:b9:28:ea:95:
03:8c:03:51:f2:c3:9a:8b:e5:1b:8f:b6:50:e1:72:59:00:78:
0b:74:d3:5d:37:a3:c2:a1:74:92:58:af:dd:e1:14:70:8c:4f:
81:14:f5:ea:c5:28:4c:8b:a9:76:05:4f:1a:e0:df:0a:8e:f4:
00:19:ea:42:2e:44:4f:8c:5d:ea:cd:e6:78:30:56:26:08:d5:
d4:05:57:fe:de:42:25:9f:a0:70:dd:8b:10:f1:dd:dc:8e:8c:
3f:8c:a2:3e:4d:fb:b8:2d:80:af:b3:e6:7e:88:e3:8e:d5:66:
50:51:c1:bf:0a:d4:b3:e3:17:f0:2d:4d:2a:14:64:10:10:dc:
0e:fa:82:ae:8e:4a:7f:af:ae:61:1c:24:bd:5d:5a:1c:6a:fa:
c8:83:2f:1f:0b:2d:4c:c0:ad:d2:98:40:01:0a:e2:20:97:bb:
ed:21:7f:9b:8d:49:af:de:5f:4a:97:2c:a9:66:e4:56:6a:29:
b8:39:eb:53:fb:4d:da:a0:7e:c1:c4:7c:e1:8a:6c:c3:e7:90:
4f:7d:f2:39:55:9d:b7:19:29:17:a1:1c:8e:df:18:51:2e:c9:
e9:7c:30:d1:41:31:cb:bd:62:08:3f:40:61:13:72:d8:8a:74:
6c:90:32:77
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA5yzv6JLe+cGjGATw3+3DQ/SUPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwYTRlNDJkOTQwMjdhMzA4MmFmNTc5OWU1YTc2ZGYyMmUwMzhhYzc2NjMx
MmJhMDk2NDYwNTg0ZDg5MmYzYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXzokUZ95qQKzBdtmWeMdn5WJCdVD9R4Nb4MxnHZ5nuU0y8gDD8Gc54AzyY
x2/kNgycdrEBuv/h2OqIMJK5dQ1Xn3rsBFRDnEMJl/pcXmJBVQmDkltcH8rh2W3O
nwm5TksFWEsAFZHUbGB9pBl/25U0krtKThDBbVX5h00vCRaSoMqz886j57jeR10o
Ns1duOemCMbaJSTwGDp7t/yCdgaW2Z647k1Y3pCzaPf5PM9uw2J1JEDxDNh87VnK
5HnBPBYxLEF8+hs/4+FFQ9zcvRHDWfqQHH8jOKAZK023t9BJsS7xu0IXIavbcfvC
E1R5WVK2VM9cfXQx5qfciDQX/b0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT2NgyW
dHrmUYhNOkfSJIgQeOnZOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlYjEyOTUtMjEyMS00MGRjLWJkZDMtYTExYTY4ZGE1MDdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAL6mzfGkyLT2DarRcXhu5KOqVA4wDUfLDmovlG4+2
UOFyWQB4C3TTXTejwqF0kliv3eEUcIxPgRT16sUoTIupdgVPGuDfCo70ABnqQi5E
T4xd6s3meDBWJgjV1AVX/t5CJZ+gcN2LEPHd3I6MP4yiPk37uC2Ar7PmfojjjtVm
UFHBvwrUs+MX8C1NKhRkEBDcDvqCro5Kf6+uYRwkvV1aHGr6yIMvHwstTMCt0phA
AQriIJe77SF/m41Jr95fSpcsqWbkVmopuDnrU/tN2qB+wcR84Ypsw+eQT33yOVWd
txkpF6Ecjt8YUS7J6Xww0UExy71iCD9AYRNy2Ip0bJAydw==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org