Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
File: 6983da84-161e-42b3-9b20-728d967cf78a.roa (raw, json)
Hash identifier: /NQLvGEzS+/Mm+6xBKhhK2mAyDTcqvfPxY/o0Eozv40=
Subject key identifier: 03:4A:D6:AD:E7:4C:6D:09:54:5D:C7:67:A3:59:59:5C:A2:7D:0D:23
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4809123271F3CA7140769A1E38ACEB05A67775B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:09:12:32:71:f3:ca:71:40:76:9a:1e:38:ac:eb:05:a6:77:75:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=dc4ef6c30ffb47cbb7e0ca4e0e32b75be501b04528188f590ecccf22190c4f3b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:df:9e:cd:47:23:8a:51:43:85:00:66:cb:
84:04:86:8e:ba:4d:26:1d:c7:87:43:e1:a5:1b:21:
99:4d:0a:05:98:0b:7d:e3:cb:7b:cf:5a:84:3e:e0:
05:3e:e6:ff:c6:fa:2d:e1:78:ff:bb:0f:87:fd:d9:
9a:a2:1a:b5:a7:6b:5a:d3:c3:09:fb:3b:fc:ee:c4:
37:83:af:87:0f:9b:6f:d2:19:dd:d8:89:e2:17:1a:
a3:17:eb:12:c1:9d:2b:98:b2:81:35:24:5d:39:c4:
b1:2f:fe:a6:90:b7:bd:3c:1c:e5:2e:cd:38:34:d2:
b7:84:6d:fd:4a:4c:b6:ab:c3:2f:a9:2e:1a:21:9e:
62:62:3f:86:4d:da:e6:68:b7:5a:b0:7a:08:10:9f:
d2:f4:4b:e1:75:3a:b9:d7:28:bb:d9:cd:83:99:1e:
d1:10:7d:54:77:aa:b2:88:fc:c0:41:f5:a4:86:fd:
17:94:31:db:ce:6f:a7:5c:4b:f9:69:cf:9a:a9:9c:
bc:fc:18:d2:76:49:48:8c:ff:82:4f:26:de:f1:7e:
af:80:66:21:cb:8f:d1:17:d4:5b:c1:fc:5f:63:df:
3d:71:8b:31:3e:12:91:da:7f:0c:2c:0e:76:f1:20:
e8:ff:40:ec:42:19:46:3c:91:c6:71:52:86:9f:38:
ee:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4A:D6:AD:E7:4C:6D:09:54:5D:C7:67:A3:59:59:5C:A2:7D:0D:23
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:2c:58:20:09:37:76:f8:0a:ad:59:67:80:81:72:a5:cf:56:
96:52:42:1b:59:35:be:8e:59:6c:79:6b:0a:21:82:af:e5:6d:
6a:9c:49:c5:da:94:9e:17:55:6f:b3:27:81:88:78:59:66:66:
75:55:e7:43:ab:27:c6:07:56:b2:ee:ef:a5:b4:1f:f3:b8:ac:
2c:1c:02:85:a6:c2:6c:11:2a:f9:fe:68:9b:44:f3:66:d3:03:
7e:c0:65:fe:61:8d:a2:db:be:a0:31:9d:de:df:04:72:20:20:
68:10:f2:10:b7:01:05:2d:a4:26:ee:95:84:b2:92:47:b2:51:
d0:1d:e9:ec:fe:d4:5d:20:a0:21:27:e3:db:9d:ef:a2:96:0f:
8f:82:dd:a0:dd:69:46:e1:a3:9e:2e:5e:66:e8:1d:e7:d8:f0:
69:60:ef:48:1b:7a:12:b0:e2:ed:14:47:e3:6d:21:76:a9:13:
ea:73:55:25:cf:f1:7d:69:04:96:11:27:a4:22:fa:f5:36:f4:
93:9e:a0:56:e9:28:21:3e:85:88:71:8f:91:c3:14:4f:89:74:
cd:84:e9:96:fe:1c:01:63:dd:f4:5e:7c:82:72:ad:12:c5:29:
a4:d4:0e:61:f7:84:04:d5:1b:13:10:67:62:6f:bd:92:f3:da:
6f:e2:bf:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSAkSMnHzynFAdpoeOKzrBaZ3dbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNGVmNmMzMGZmYjQ3Y2JiN2UwY2E0ZTBlMzJiNzViZTUwMWIwNDUyODE4
OGY1OTBlY2NjZjIyMTkwYzRmM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0L357NRyOKUUOFAGbLhASGjrpNJh3Hh0PhpRshmU0KBZgLfePLe89ahD7g
BT7m/8b6LeF4/7sPh/3ZmqIatadrWtPDCfs7/O7EN4Ovhw+bb9IZ3diJ4hcaoxfr
EsGdK5iygTUkXTnEsS/+ppC3vTwc5S7NODTSt4Rt/UpMtqvDL6kuGiGeYmI/hk3a
5mi3WrB6CBCf0vRL4XU6udcou9nNg5ke0RB9VHeqsoj8wEH1pIb9F5Qx285vp1xL
+WnPmqmcvPwY0nZJSIz/gk8m3vF+r4BmIcuP0RfUW8H8X2PfPXGLMT4Skdp/DCwO
dvEg6P9A7EIZRjyRxnFShp847pMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQDStat
50xtCVRdx2ejWVlcon0NIzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk4M2RhODQtMTYxZS00MmIzLTliMjAtNzI4ZDk2N2NmNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQCLLFggCTd2+AqtWWeAgXKlz1aWUkIbWTW+jllseWsK
IYKv5W1qnEnF2pSeF1VvsyeBiHhZZmZ1VedDqyfGB1ay7u+ltB/zuKwsHAKFpsJs
ESr5/mibRPNm0wN+wGX+YY2i276gMZ3e3wRyICBoEPIQtwEFLaQm7pWEspJHslHQ
Hens/tRdIKAhJ+Pbne+ilg+Pgt2g3WlG4aOeLl5m6B3n2PBpYO9IG3oSsOLtFEfj
bSF2qRPqc1Ulz/F9aQSWESekIvr1NvSTnqBW6SghPoWIcY+RwxRPiXTNhOmW/hwB
Y930XnyCcq0SxSmk1A5h94QE1RsTEGdib72S89pv4r8r
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org