Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
File: ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa (raw, json)
Hash identifier: JeGY3WL02O4HoaM8/8f4vZDrffI7czRUPDoXwmMNUKQ=
Subject key identifier: 86:66:C0:73:1D:2B:C6:0D:4D:0F:77:1A:08:55:5E:28:63:D1:42:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66630175461E9DC469178FE9E588F3729AF1ABDF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:63:01:75:46:1e:9d:c4:69:17:8f:e9:e5:88:f3:72:9a:f1:ab:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2bf663c2cf04b9e8ce3205885463a46714b687e551d85d043dc671d72b402c63, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:43:8e:a0:d1:b4:d0:40:9e:b0:ad:94:f3:33:
1d:17:45:4c:cd:dc:a5:04:cc:c0:1b:58:8a:d1:7e:
04:9e:2c:cb:ba:72:5d:4a:9e:9b:09:e8:57:c7:3b:
1b:04:61:82:61:41:3b:a5:53:70:4f:b6:c4:50:45:
9f:35:f8:29:c6:d5:40:f0:f4:d3:7d:f6:fa:2e:ae:
a4:4d:65:ed:b5:6d:00:cc:7c:16:f6:0c:59:a8:a3:
23:19:b7:93:60:c9:a9:9c:3e:90:1c:8f:24:1a:f6:
7a:ef:5b:7f:5a:8d:f5:6c:f7:cb:e7:05:78:62:b9:
bf:0e:3c:cd:dd:98:52:70:3c:a9:dc:8a:a3:07:bd:
f6:a4:0f:f1:14:84:17:3d:d3:67:a5:40:d1:4e:d2:
2a:66:03:9c:ab:46:ef:97:76:d4:21:04:58:c3:5d:
6e:5f:16:8e:9b:bb:ad:4c:37:30:b0:21:b8:81:72:
9f:65:9c:8b:8b:e6:f6:5d:22:d6:c7:61:9b:f5:ee:
02:7b:19:4a:7c:b2:1c:ad:72:08:a9:fe:73:b1:f0:
77:b3:47:ec:c4:35:90:df:a2:59:90:e3:12:54:73:
e2:20:87:48:90:67:73:ba:17:9a:9c:01:09:ad:82:
3d:4a:43:48:7e:c4:98:d0:61:db:54:0e:2c:5e:1f:
a3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:66:C0:73:1D:2B:C6:0D:4D:0F:77:1A:08:55:5E:28:63:D1:42:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac8a54e6-9c65-4ad5-abd4-d82ba3a54ef2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6e:f5:cf:85:6f:92:a4:ad:ec:ff:18:22:83:2e:21:19:c2:30:
7b:df:1c:1a:ab:1f:58:e2:17:7f:74:bf:68:cc:5c:20:ff:56:
b4:c2:14:61:7e:10:30:44:8a:fe:ef:8f:14:7e:b1:0e:97:e2:
83:06:d2:1a:08:82:d9:25:c0:4f:c6:1b:85:f4:f6:d0:7b:d8:
12:e4:f2:47:d1:9c:2a:eb:d9:d2:97:77:2a:4a:b5:c5:03:88:
0f:a7:33:05:71:a4:10:c6:56:91:ac:11:61:a9:9a:13:e3:61:
7c:d0:65:fb:62:db:d5:ad:09:2f:5d:08:fe:c5:f9:86:6c:4b:
70:6e:6a:1f:4b:56:e8:07:56:b8:e4:08:af:bb:1f:ed:ea:ec:
65:f1:d3:63:c1:05:14:31:d9:50:58:6f:6b:a6:df:3b:eb:e6:
91:41:bd:72:0d:43:3a:f8:d7:9e:31:fb:8c:ee:1e:a6:28:22:
56:71:3e:9f:29:47:10:c6:74:a4:35:ba:fd:35:dd:c7:35:25:
31:91:8c:57:ee:42:33:62:29:67:43:4f:4d:a9:4d:0f:b7:3f:
c6:77:dd:09:e8:34:31:f8:96:67:11:3a:21:f3:ca:62:d3:bc:
d2:2c:06:a4:77:26:65:b7:b0:f6:a9:32:40:8a:cf:69:cc:7b:
49:7a:88:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZmMBdUYencRpF4/p5Yjzcprxq98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiZjY2M2MyY2YwNGI5ZThjZTMyMDU4ODU0NjNhNDY3MTRiNjg3ZTU1MWQ4
NWQwNDNkYzY3MWQ3MmI0MDJjNjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdDjqDRtNBAnrCtlPMzHRdFTM3cpQTMwBtYitF+BJ4sy7pyXUqemwnoV8c7
GwRhgmFBO6VTcE+2xFBFnzX4KcbVQPD00332+i6upE1l7bVtAMx8FvYMWaijIxm3
k2DJqZw+kByPJBr2eu9bf1qN9Wz3y+cFeGK5vw48zd2YUnA8qdyKowe99qQP8RSE
Fz3TZ6VA0U7SKmYDnKtG75d21CEEWMNdbl8Wjpu7rUw3MLAhuIFyn2Wci4vm9l0i
1sdhm/XuAnsZSnyyHK1yCKn+c7Hwd7NH7MQ1kN+iWZDjElRz4iCHSJBnc7oXmpwB
Ca2CPUpDSH7EmNBh21QOLF4fo6cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSGZsBz
HSvGDU0PdxoIVV4oY9FCwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM4YTU0ZTYtOWM2NS00YWQ1LWFiZDQtZDgyYmEzYTU0ZWYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQBu9c+Fb5Kkrez/GCKDLiEZwjB73xwaqx9Y4hd/dL9o
zFwg/1a0whRhfhAwRIr+748UfrEOl+KDBtIaCILZJcBPxhuF9PbQe9gS5PJH0Zwq
69nSl3cqSrXFA4gPpzMFcaQQxlaRrBFhqZoT42F80GX7YtvVrQkvXQj+xfmGbEtw
bmofS1boB1a45Aivux/t6uxl8dNjwQUUMdlQWG9rpt876+aRQb1yDUM6+NeeMfuM
7h6mKCJWcT6fKUcQxnSkNbr9Nd3HNSUxkYxX7kIzYilnQ09NqU0Ptz/Gd90J6DQx
+JZnEToh88pi07zSLAakdyZlt7D2qTJAis9pzHtJeogh
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org