Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
File: 5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa (raw, json)
Hash identifier: abXU+sS9VU4p0woOAbMA0qR9sVZXLnDGyv2qnFK3sXs=
Subject key identifier: 91:A2:6E:C3:88:AD:3E:9F:35:F6:75:53:48:25:BE:6D:EB:46:E5:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7EABE21F749ED2F4DEC035C1267604E4AFFBA81E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ab:e2:1f:74:9e:d2:f4:de:c0:35:c1:26:76:04:e4:af:fb:a8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=edf5f59c479471474f8f7b0cce2fb2340f0844e8310f92477dc169b2bdd67c3b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:01:0b:75:b5:cf:26:ae:d8:76:55:e6:ed:
46:9e:97:9a:f5:f4:4f:79:46:a9:a2:a5:02:0a:5e:
d3:6a:fd:e5:e4:0b:c3:17:1f:f0:c6:f4:96:4e:f1:
78:93:55:23:8a:e6:53:6c:5b:48:e4:0b:c1:26:45:
2f:12:8e:ad:bf:9c:e8:16:03:33:ed:2c:07:e0:b3:
fe:64:1e:af:c3:0d:6f:43:59:79:cf:44:c7:7f:fe:
09:d6:9f:39:be:3d:5a:7f:88:dc:44:26:c8:09:b7:
ec:91:8c:79:c2:15:65:aa:5b:32:5e:70:08:c6:d8:
14:13:b1:dd:be:0a:c6:4c:2f:21:fc:78:a7:b0:c4:
65:f6:38:eb:3a:ad:14:0e:0f:da:9d:5f:ce:b1:cd:
fe:58:33:18:66:e9:aa:01:67:1a:92:33:ee:e5:9e:
a0:13:64:b4:c5:08:79:da:cb:d4:54:67:a7:28:c7:
9b:bb:d9:66:ac:db:f9:3f:11:67:f9:e2:44:d4:3f:
0d:46:9e:4b:0d:8a:29:c8:0c:18:07:75:42:0a:5c:
45:d4:c3:b2:de:ef:23:f8:71:51:54:3f:20:3d:5b:
ec:50:66:58:e3:9b:b5:93:7c:f6:0f:03:68:e6:8f:
26:4b:d8:4d:0d:0f:37:3e:8f:ae:5e:61:ca:48:4b:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A2:6E:C3:88:AD:3E:9F:35:F6:75:53:48:25:BE:6D:EB:46:E5:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:b0:47:2d:2d:3e:57:7d:ee:5f:8b:e4:bf:ba:4a:0b:66:77:
a4:d0:3e:b1:e8:6f:e8:57:e7:27:4e:e4:e4:6d:08:36:ca:ba:
41:53:93:8a:18:92:68:9e:74:89:b2:06:bf:de:62:40:fc:4e:
28:b0:1d:be:b8:cc:22:dd:ff:4d:6b:56:1c:32:ef:60:f6:40:
31:f6:81:fb:e5:34:12:51:1a:87:f0:d0:f3:2a:6b:78:a7:2b:
17:2d:bf:bd:17:d1:9c:69:89:a8:04:96:6c:68:a2:83:ec:e3:
49:5c:4e:f3:dd:2d:3c:ca:5b:40:08:06:0c:e1:16:eb:ce:50:
f6:c5:4f:5a:3c:0a:be:66:0a:b3:97:f5:bb:6c:24:b7:6a:8c:
84:bd:92:88:3f:33:52:33:7f:d0:1f:db:01:7e:95:57:d0:a4:
58:89:6f:f0:2c:93:4b:51:33:1f:23:d5:e9:52:c3:c6:f7:61:
25:9a:8c:af:1f:b9:56:56:d7:2f:1b:ac:f5:3c:38:18:84:4f:
98:a5:75:cd:8e:c3:ba:21:37:6f:ce:59:8c:aa:bb:9a:d2:13:
82:53:8e:c0:2f:46:33:d2:61:fb:02:6d:c7:66:7b:74:4c:8a:
43:d4:12:2c:d9:a5:c8:c9:c1:04:64:c0:ad:3d:1a:76:5e:b1:
22:ac:67:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfqviH3Se0vTewDXBJnYE5K/7qB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkZjVmNTljNDc5NDcxNDc0ZjhmN2IwY2NlMmZiMjM0MGYwODQ0ZTgzMTBm
OTI0NzdkYzE2OWIyYmRkNjdjM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKkAQt1tc8mrth2VebtRp6XmvX0T3lGqaKlAgpe02r95eQLwxcf8Mb0lk7x
eJNVI4rmU2xbSOQLwSZFLxKOrb+c6BYDM+0sB+Cz/mQer8MNb0NZec9Ex3/+Cdaf
Ob49Wn+I3EQmyAm37JGMecIVZapbMl5wCMbYFBOx3b4KxkwvIfx4p7DEZfY46zqt
FA4P2p1fzrHN/lgzGGbpqgFnGpIz7uWeoBNktMUIedrL1FRnpyjHm7vZZqzb+T8R
Z/niRNQ/DUaeSw2KKcgMGAd1QgpcRdTDst7vI/hxUVQ/ID1b7FBmWOObtZN89g8D
aOaPJkvYTQ0PNz6Prl5hykhLvDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRom7D
iK0+nzX2dVNIJb5t60blfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNlZWE0NTYtNDNkYS00ZmI0LTk1ZjYtZTFiN2IyZTNmNjFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQB1sEctLT5Xfe5fi+S/ukoLZnek0D6x6G/oV+cnTuTk
bQg2yrpBU5OKGJJonnSJsga/3mJA/E4osB2+uMwi3f9Na1YcMu9g9kAx9oH75TQS
URqH8NDzKmt4pysXLb+9F9GcaYmoBJZsaKKD7ONJXE7z3S08yltACAYM4RbrzlD2
xU9aPAq+Zgqzl/W7bCS3aoyEvZKIPzNSM3/QH9sBfpVX0KRYiW/wLJNLUTMfI9Xp
UsPG92ElmoyvH7lWVtcvG6z1PDgYhE+YpXXNjsO6ITdvzlmMqrua0hOCU47AL0Yz
0mH7Am3HZnt0TIpD1BIs2aXIycEEZMCtPRp2XrEirGed
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org