Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: FUfX6VG3S4GWBAQ8pDUzO5mBhK6VSH5lX60zlLB3lYM=
Subject key identifier: 1A:F1:44:94:38:B5:27:0B:E8:00:C0:0C:5B:0A:70:00:01:83:44:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69B571B036C54BF07C67C88FD5655C89C154A8E2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:b5:71:b0:36:c5:4b:f0:7c:67:c8:8f:d5:65:5c:89:c1:54:a8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=15d60cb341dd76d78da459da3c819038f7c8880f35f94c61b613b4945d686479, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0f:a4:0e:5e:29:d1:91:1b:1d:bb:d6:00:0d:
4c:89:0d:fa:6e:6c:50:58:d1:e4:4a:3a:e3:cc:36:
3a:3c:fb:61:6f:41:ed:c6:0f:04:29:b1:4a:9a:0e:
58:e1:44:1e:d7:d8:99:27:17:09:d1:b4:b0:6d:42:
2d:8f:0f:ad:a3:0f:6d:6d:e8:ae:a7:90:02:f1:6b:
59:89:f9:d0:e6:cb:92:fa:d3:d7:a2:b7:88:fd:b7:
95:91:67:28:39:ce:3b:ec:e3:79:fc:e3:59:ae:8d:
6a:0a:57:c8:88:2b:df:d6:2e:d1:33:25:de:62:1e:
1a:5e:e9:ce:48:ef:84:8d:33:3c:75:2d:60:41:df:
c5:d9:aa:30:b1:01:bc:63:bc:f2:ea:db:a7:6a:7d:
e7:4e:e0:cf:7c:bf:46:e7:a9:c4:59:5b:8d:75:a9:
cc:8e:4f:c4:35:43:a1:25:87:63:5d:00:19:85:c9:
d0:23:6b:16:69:04:66:f8:cf:19:b2:48:3b:24:7f:
9b:c6:8a:12:ab:f9:ff:9a:94:35:3f:62:5a:68:39:
9f:2f:c9:bc:eb:8d:8b:25:80:10:20:33:40:b5:ea:
c8:06:cf:de:a9:15:c3:44:ef:3a:58:bc:ac:33:ef:
fa:85:77:b8:65:96:f4:39:da:aa:14:c7:7c:72:61:
c6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F1:44:94:38:B5:27:0B:E8:00:C0:0C:5B:0A:70:00:01:83:44:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3a:14:8c:90:15:43:42:06:eb:5a:e6:4d:05:81:75:c3:1b:20:
85:78:86:2b:c1:b7:e3:e7:9f:bc:93:81:bf:e3:cd:5a:a1:69:
98:dc:32:02:6b:ec:cb:2b:1d:ae:ea:21:73:a3:4e:71:f7:fc:
f0:05:bf:5e:dd:05:05:4b:94:b8:d8:3b:80:08:b9:71:52:96:
7f:ec:3b:6e:b9:b5:a5:6b:a9:33:ce:cc:52:74:59:5d:84:a9:
f4:ee:5f:b7:36:21:51:72:8c:e3:fa:e7:21:8b:56:d1:02:fc:
4d:b5:76:ff:2c:db:cd:33:5a:52:90:61:19:87:bd:38:b5:3a:
bf:b4:fb:a5:dd:aa:9e:27:06:d0:d3:29:43:d0:08:47:5a:63:
d6:11:df:e3:15:a1:84:9d:69:3d:ec:b7:12:ee:0d:aa:62:a2:
32:29:5c:89:df:d3:5d:61:98:3c:5a:b6:29:b9:80:d7:8b:c1:
60:df:47:bb:75:b1:69:47:48:84:e8:c4:3b:91:dd:8c:00:6b:
fc:13:e1:ad:ac:3c:f6:35:77:c9:5b:9c:69:1d:ce:a3:82:5d:
98:9f:de:1b:a2:a5:23:0f:32:d6:c9:79:23:f8:51:90:ba:af:
08:5e:cd:c0:d6:3f:54:31:12:9c:da:f2:1d:23:de:75:a1:d6:
33:61:4a:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUabVxsDbFS/B8Z8iP1WVcicFUqOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ZDYwY2IzNDFkZDc2ZDc4ZGE0NTlkYTNjODE5MDM4ZjdjODg4MGYzNWY5
NGM2MWI2MTNiNDk0NWQ2ODY0NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgPpA5eKdGRGx271gANTIkN+m5sUFjR5Eo648w2Ojz7YW9B7cYPBCmxSpoO
WOFEHtfYmScXCdG0sG1CLY8PraMPbW3orqeQAvFrWYn50ObLkvrT16K3iP23lZFn
KDnOO+zjefzjWa6NagpXyIgr39Yu0TMl3mIeGl7pzkjvhI0zPHUtYEHfxdmqMLEB
vGO88urbp2p9507gz3y/RuepxFlbjXWpzI5PxDVDoSWHY10AGYXJ0CNrFmkEZvjP
GbJIOyR/m8aKEqv5/5qUNT9iWmg5ny/JvOuNiyWAECAzQLXqyAbP3qkVw0TvOli8
rDPv+oV3uGWW9DnaqhTHfHJhxoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQa8USU
OLUnC+gAwAxbCnAAAYNEYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQA6FIyQFUNCButa5k0FgXXDGyCFeIYrwbfj55+8k4G/
481aoWmY3DICa+zLKx2u6iFzo05x9/zwBb9e3QUFS5S42DuACLlxUpZ/7DtuubWl
a6kzzsxSdFldhKn07l+3NiFRcozj+uchi1bRAvxNtXb/LNvNM1pSkGEZh704tTq/
tPul3aqeJwbQ0ylD0AhHWmPWEd/jFaGEnWk97LcS7g2qYqIyKVyJ39NdYZg8WrYp
uYDXi8Fg30e7dbFpR0iE6MQ7kd2MAGv8E+GtrDz2NXfJW5xpHc6jgl2Yn94boqUj
DzLWyXkj+FGQuq8IXs3A1j9UMRKc2vIdI951odYzYUp9
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org