Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: iwghzHZluls6iE8CJttldLqYplvxY6Wobcg+m5wBRuc=
Subject key identifier: 8B:AD:10:EC:7C:83:7A:F3:82:08:41:11:5E:E1:34:09:FF:1C:B3:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01327AF266689A77EE17CFA8491E50C9D8204B79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:32:7a:f2:66:68:9a:77:ee:17:cf:a8:49:1e:50:c9:d8:20:4b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=a4b2b15eb6c38cc3752145e10ae801bbaf59209fedab00bf61f5c08a69861624, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0b:19:59:41:0d:32:e8:00:37:ce:d8:25:c7:
da:c3:ec:c2:0e:18:29:96:3c:f7:f4:92:b7:8d:46:
6e:fe:f7:5a:97:14:59:9e:ad:84:ac:4d:cc:58:45:
d5:23:23:9b:e6:e9:bd:25:be:f9:15:2b:76:b5:b9:
93:4f:50:24:df:ec:f6:30:15:f3:03:a8:a5:d4:1b:
83:b5:41:cc:28:b1:31:11:9c:d4:bd:28:3c:d0:e2:
55:18:60:62:58:92:b2:89:af:f1:d2:f5:92:3d:a5:
02:9e:08:35:ba:28:2e:d3:71:9d:f4:1c:70:8f:5a:
ab:1e:26:98:3e:d8:bf:db:07:5a:9a:46:c6:f3:07:
4b:d9:94:32:a8:5b:94:53:0b:c1:d7:58:54:18:4b:
07:fc:b0:3a:22:a0:6a:6c:0d:81:31:72:cc:12:86:
9f:4e:fd:6f:76:6d:bf:17:bf:5b:b1:4f:ce:87:e4:
8e:55:fa:80:a9:34:0a:cc:a3:21:43:21:e4:47:cb:
e0:7a:3d:26:f6:f0:de:41:f5:f9:d4:4e:7e:5e:6b:
3b:6c:0f:cd:e8:57:13:07:93:02:d4:eb:65:c8:9f:
a2:79:04:5c:39:75:5b:c9:b3:24:e5:5d:60:84:5c:
ca:ab:ce:22:a6:77:7c:25:55:a0:c4:19:b1:ff:a2:
16:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:AD:10:EC:7C:83:7A:F3:82:08:41:11:5E:E1:34:09:FF:1C:B3:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:cb:1e:cc:53:ad:47:4c:f7:76:68:5e:50:bf:9a:35:15:46:
39:c9:86:f7:e8:5c:5e:3b:7e:22:3b:94:60:96:1b:19:27:1d:
67:75:e5:32:c3:23:d4:b4:44:d1:20:2d:3a:b3:c4:0d:c3:cf:
28:58:b6:5e:52:3c:b4:05:55:8a:b1:5f:9f:79:44:ec:8f:2d:
ca:e0:c7:b7:0d:67:71:9b:49:ec:1c:18:cb:49:e0:e9:b8:6b:
89:f0:a5:99:8e:2a:be:84:3c:46:5b:4b:1a:03:7e:ce:30:01:
cd:5c:97:9e:4a:96:91:83:12:37:c0:74:45:8f:25:1f:23:25:
a8:de:56:b9:68:2a:7a:2c:be:8f:de:ef:b0:ca:91:9f:78:c5:
d4:73:7f:e4:fa:9e:10:e5:69:5b:55:3d:9e:72:52:63:5c:1f:
9b:3d:cc:83:5e:74:c5:6a:fd:84:79:fb:6f:b5:b3:49:df:05:
98:9e:f2:97:f4:4e:95:1d:15:91:7b:7c:e4:d5:49:37:db:c0:
df:ff:bc:c5:9f:fa:e3:f2:f8:54:f2:97:67:27:ed:68:21:93:
4e:15:68:84:9d:10:fa:d8:8f:c9:a1:17:d0:53:b5:d3:86:df:
f4:5c:ad:88:a9:7e:06:9b:c1:16:4c:46:96:a0:89:3e:fe:46:
ee:04:cf:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUATJ68mZomnfuF8+oSR5QydggS3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0YjJiMTVlYjZjMzhjYzM3NTIxNDVlMTBhZTgwMWJiYWY1OTIwOWZlZGFi
MDBiZjYxZjVjMDhhNjk4NjE2MjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsLGVlBDTLoADfO2CXH2sPswg4YKZY89/SSt41Gbv73WpcUWZ6thKxNzFhF
1SMjm+bpvSW++RUrdrW5k09QJN/s9jAV8wOopdQbg7VBzCixMRGc1L0oPNDiVRhg
YliSsomv8dL1kj2lAp4INbooLtNxnfQccI9aqx4mmD7Yv9sHWppGxvMHS9mUMqhb
lFMLwddYVBhLB/ywOiKgamwNgTFyzBKGn079b3Ztvxe/W7FPzofkjlX6gKk0Csyj
IUMh5EfL4Ho9Jvbw3kH1+dROfl5rO2wPzehXEweTAtTrZcifonkEXDl1W8mzJOVd
YIRcyqvOIqZ3fCVVoMQZsf+iFmsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLrRDs
fIN684IIQRFe4TQJ/xyzMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQCJyx7MU61HTPd2aF5Qv5o1FUY5yYb36FxeO34iO5Rg
lhsZJx1ndeUywyPUtETRIC06s8QNw88oWLZeUjy0BVWKsV+feUTsjy3K4Me3DWdx
m0nsHBjLSeDpuGuJ8KWZjiq+hDxGW0saA37OMAHNXJeeSpaRgxI3wHRFjyUfIyWo
3la5aCp6LL6P3u+wypGfeMXUc3/k+p4Q5WlbVT2eclJjXB+bPcyDXnTFav2Eeftv
tbNJ3wWYnvKX9E6VHRWRe3zk1Uk328Df/7zFn/rj8vhU8pdnJ+1oIZNOFWiEnRD6
2I/JoRfQU7XTht/0XK2IqX4Gm8EWTEaWoIk+/kbuBM8M
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org