Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
File: 8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa (raw, json)
Hash identifier: ToqFNP6OuB4GX+HkRiFuXntyaKyQb4HXyz3GoFRRhWc=
Subject key identifier: 64:92:BA:5B:E9:6B:FC:74:61:48:6A:D7:DD:28:DE:A7:FA:B0:E7:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C25A79090D7B8853FE37656E922368F642E5440
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:25:a7:90:90:d7:b8:85:3f:e3:76:56:e9:22:36:8f:64:2e:54:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=fbb42d04bceea87ba852572bd64d11b1f66a7c44f268ab0b86cfbec981d75add, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:78:a4:f6:21:21:0a:21:af:b4:c1:a2:d5:
4b:94:13:48:26:d1:fd:8b:d8:34:7d:9c:b7:9d:5e:
e6:e0:b8:89:40:f1:d5:6a:71:0c:f7:99:f7:83:cc:
58:06:e2:15:81:4d:81:bf:aa:f8:b1:5e:5e:c6:f5:
a8:eb:3e:12:f9:52:cd:1e:d7:f3:e4:c0:07:ca:8e:
31:f0:b2:9b:9b:7f:0d:d9:45:20:a4:5d:09:75:1c:
c0:3e:1c:b3:36:07:ff:83:be:b9:c1:49:48:d6:ad:
8c:71:f7:72:d7:46:e1:d7:66:44:7e:c7:1a:a1:82:
58:0f:49:2e:87:88:47:5b:d3:05:23:6f:88:49:e8:
21:91:4f:ff:37:ea:87:53:3d:38:09:bb:b0:b3:c9:
d7:0f:94:a1:ef:d8:60:52:dc:58:dc:b5:31:c1:38:
2b:65:63:aa:ac:75:57:bd:89:c4:d7:db:ab:91:32:
b0:9a:1a:f1:aa:1a:16:0a:4d:6a:5a:cf:ef:fb:18:
0d:ab:d2:91:7f:cd:a9:56:32:61:e2:02:3c:87:19:
72:7e:03:1d:dd:55:7e:9f:71:85:8e:d5:d1:97:27:
7a:4c:45:d8:97:ca:cc:55:14:1e:0b:7d:70:70:c2:
a6:67:24:a2:8e:e4:08:ab:d3:6f:34:57:e5:5a:90:
87:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:92:BA:5B:E9:6B:FC:74:61:48:6A:D7:DD:28:DE:A7:FA:B0:E7:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:e7:98:01:d6:3e:a6:1b:1b:41:3c:18:bc:63:9e:1f:9c:67:
a1:1f:d4:2b:d6:fa:01:b4:20:b2:aa:ed:d8:5e:73:9d:f6:2b:
a4:d7:f2:9a:3f:5e:84:c4:dc:e2:1c:f6:15:3c:3d:a9:8f:53:
60:ef:64:b2:db:d6:7c:ae:36:5b:68:e4:9a:91:fe:08:29:71:
70:6e:aa:8f:de:87:00:19:a4:b0:1a:c0:18:bd:40:9b:bd:fe:
7a:dc:db:7c:14:24:6f:ff:47:f5:03:24:63:ae:15:02:81:18:
72:4f:b7:10:bb:6a:34:1a:f9:81:64:c5:26:3b:42:c6:fc:96:
e8:9b:3c:26:00:a5:8d:71:a5:98:31:07:2e:8e:fb:7e:a0:68:
d2:16:ab:97:9c:da:58:84:d1:ba:99:d7:27:e5:cb:11:f9:32:
ca:59:6d:e0:be:73:3a:05:14:a2:7a:ea:1c:e4:4c:39:eb:31:
21:ae:eb:e2:95:f4:0e:3a:12:6b:1b:f3:1b:6e:f3:8a:df:0d:
10:36:44:6d:4b:53:9f:e4:a1:bd:0a:0b:8c:c2:db:ee:69:d8:
24:d4:1f:09:4f:74:fc:3d:a8:90:e7:02:a2:d5:58:19:83:8f:
1e:fe:2d:97:0c:89:50:d5:c2:40:8b:c3:9c:ce:17:4f:09:db:
e9:37:48:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPCWnkJDXuIU/43ZW6SI2j2QuVEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiYjQyZDA0YmNlZWE4N2JhODUyNTcyYmQ2NGQxMWIxZjY2YTdjNDRmMjY4
YWIwYjg2Y2ZiZWM5ODFkNzVhZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzZeKT2ISEKIa+0waLVS5QTSCbR/YvYNH2ct51e5uC4iUDx1WpxDPeZ94PM
WAbiFYFNgb+q+LFeXsb1qOs+EvlSzR7X8+TAB8qOMfCym5t/DdlFIKRdCXUcwD4c
szYH/4O+ucFJSNatjHH3ctdG4ddmRH7HGqGCWA9JLoeIR1vTBSNviEnoIZFP/zfq
h1M9OAm7sLPJ1w+Uoe/YYFLcWNy1McE4K2Vjqqx1V72JxNfbq5EysJoa8aoaFgpN
alrP7/sYDavSkX/NqVYyYeICPIcZcn4DHd1Vfp9xhY7V0ZcnekxF2JfKzFUUHgt9
cHDCpmckoo7kCKvTbzRX5VqQh4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkkrpb
6Wv8dGFIatfdKN6n+rDn2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGViMDJlZTgtM2U4Zi00MzY5LWJhMGYtNDQ0N2Q0OTAyZmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ55gB1j6mGxtBPBi8Y54fnGehH9Qr1voBtCCyqu3Y
XnOd9iuk1/KaP16ExNziHPYVPD2pj1Ng72Sy29Z8rjZbaOSakf4IKXFwbqqP3ocA
GaSwGsAYvUCbvf563Nt8FCRv/0f1AyRjrhUCgRhyT7cQu2o0GvmBZMUmO0LG/Jbo
mzwmAKWNcaWYMQcujvt+oGjSFquXnNpYhNG6mdcn5csR+TLKWW3gvnM6BRSieuoc
5Ew56zEhruvilfQOOhJrG/MbbvOK3w0QNkRtS1Of5KG9CguMwtvuadgk1B8JT3T8
PaiQ5wKi1VgZg48e/i2XDIlQ1cJAi8OczhdPCdvpN0hB
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:46 2024 by rpki-client on console-ams.rpki-client.org