Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
File: 8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa (raw, json)
Hash identifier: oAXXRVHEinKjSH4Nx6dSSmLE/mLIu+yb1yB+CgoHEfw=
Subject key identifier: A3:97:51:A5:D1:37:9F:72:33:14:C1:A3:B5:D3:59:70:59:FC:9B:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D1A59E40F11B1C8391A3DF56BBFFE3FD1EFB8C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:1a:59:e4:0f:11:b1:c8:39:1a:3d:f5:6b:bf:fe:3f:d1:ef:b8:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=16700f5710c02eb6615813731cbdfa46efd95e9798c1ba7bcc16c7846e35c90b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b9:dc:4d:a8:8a:5d:1d:f3:61:a4:82:3d:20:
66:f8:ca:c7:c6:90:a7:63:6e:e6:ec:5a:e5:95:a7:
da:df:e8:19:c6:27:f7:a2:39:41:74:5a:4b:75:8c:
9e:87:34:58:57:f6:fd:d8:ce:4a:21:18:be:ad:f5:
bb:94:02:3f:e0:09:e8:af:57:1a:f8:9d:94:cc:eb:
1d:fb:fb:13:54:db:76:a6:1d:77:0d:38:15:0e:9a:
fc:97:75:e4:f3:f0:29:aa:39:e6:f0:be:14:d6:16:
12:1b:ea:c8:0c:ed:fe:e9:a7:8d:f8:07:e2:60:ea:
04:f7:b9:fc:a5:60:66:92:f5:a6:52:06:c7:7e:5c:
a6:bf:db:83:95:ae:31:33:81:6d:68:13:1b:70:ee:
48:96:20:e4:df:eb:08:55:ab:7e:23:33:0c:99:55:
57:82:0d:02:26:fd:19:93:c3:ad:45:cd:5d:98:bb:
3c:21:f7:46:06:ca:ae:e1:9f:05:26:4b:a7:bb:1e:
d8:82:47:05:a5:10:c1:d3:64:30:13:fa:cf:87:b0:
a5:86:05:00:06:1c:e2:8a:cd:5e:63:f4:e5:73:0c:
0f:d2:95:7a:d5:64:8f:31:6c:32:98:5b:37:24:08:
04:a0:b1:1f:12:1d:14:5b:f4:bf:ae:7a:33:cc:04:
81:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:97:51:A5:D1:37:9F:72:33:14:C1:A3:B5:D3:59:70:59:FC:9B:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:47:0e:62:c7:c4:35:96:7a:b0:07:41:3a:28:46:2a:9e:18:
03:9f:f5:ad:7b:14:c4:a3:1e:80:ad:30:ae:86:95:46:df:50:
50:85:88:f7:e7:77:9d:a8:20:d7:87:97:b7:98:04:83:a1:6c:
9b:cc:24:7b:22:0d:50:ee:9c:8f:ef:40:20:aa:33:bd:04:69:
8e:f4:a6:ee:56:fc:2e:d7:00:9a:ad:b4:4e:8f:70:eb:f0:8f:
fe:e6:19:ca:a6:69:64:05:33:1b:89:20:6d:60:d0:34:55:d2:
b9:70:5a:64:37:70:42:28:14:ba:fb:fa:a7:64:87:53:68:e8:
d0:87:d4:6a:8e:3a:9e:52:3a:7e:03:9f:3b:ca:09:ac:3c:52:
d1:79:cc:99:e4:9d:8d:4a:77:03:37:a2:8d:34:38:0a:a9:97:
de:2b:12:2b:b8:25:bf:7e:ee:94:75:21:fc:5a:fa:52:2b:6e:
29:c5:0c:e7:e4:82:d1:ff:b7:70:a3:ae:87:3a:7c:25:ac:f1:
ca:e5:6a:8f:39:d8:db:1b:1b:3c:7f:a2:f7:fa:e2:30:7c:4d:
70:2b:06:1b:d9:f1:15:3b:89:c2:5c:40:0a:68:0f:49:47:93:
5b:78:44:4e:5d:7c:fd:32:f1:2a:c3:55:53:a2:f0:30:a4:9b:
7f:19:91:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXRpZ5A8Rscg5Gj31a7/+P9HvuMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NzAwZjU3MTBjMDJlYjY2MTU4MTM3MzFjYmRmYTQ2ZWZkOTVlOTc5OGMx
YmE3YmNjMTZjNzg0NmUzNWM5MGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKC53E2oil0d82Gkgj0gZvjKx8aQp2Nu5uxa5ZWn2t/oGcYn96I5QXRaS3WM
noc0WFf2/djOSiEYvq31u5QCP+AJ6K9XGvidlMzrHfv7E1TbdqYddw04FQ6a/Jd1
5PPwKao55vC+FNYWEhvqyAzt/umnjfgH4mDqBPe5/KVgZpL1plIGx35cpr/bg5Wu
MTOBbWgTG3DuSJYg5N/rCFWrfiMzDJlVV4INAib9GZPDrUXNXZi7PCH3RgbKruGf
BSZLp7se2IJHBaUQwdNkMBP6z4ewpYYFAAYc4orNXmP05XMMD9KVetVkjzFsMphb
NyQIBKCxHxIdFFv0v656M8wEgUkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSjl1Gl
0TefcjMUwaO101lwWfybvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGE1OTQxNzMtZDIzYi00ZTRhLTlhMWYtOTZkZWI1OWI0NWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Rw5ix8Q1lnqwB0E6KEYqnhgDn/WtexTEox6ArTCu
hpVG31BQhYj353edqCDXh5e3mASDoWybzCR7Ig1Q7pyP70AgqjO9BGmO9KbuVvwu
1wCarbROj3Dr8I/+5hnKpmlkBTMbiSBtYNA0VdK5cFpkN3BCKBS6+/qnZIdTaOjQ
h9RqjjqeUjp+A587ygmsPFLRecyZ5J2NSncDN6KNNDgKqZfeKxIruCW/fu6UdSH8
WvpSK24pxQzn5ILR/7dwo66HOnwlrPHK5WqPOdjbGxs8f6L3+uIwfE1wKwYb2fEV
O4nCXEAKaA9JR5NbeEROXXz9MvEqw1VTovAwpJt/GZGQ
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:10:10 2024 by rpki-client on console-fra.rpki-client.org