Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
File: b1171dc0-a8bf-436d-9808-e316391b2b94.roa (raw, json)
Hash identifier: y6nIZvMQ9JtyCw8X44LzIUPyNC17h7f6gGf1e05u2dI=
Subject key identifier: 10:B4:FB:44:D0:B1:FA:5F:96:D2:36:D9:E2:31:31:FB:DB:ED:D7:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CA43DDB99489D4BD7BBA17DD319EF8D5E0C412A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:a4:3d:db:99:48:9d:4b:d7:bb:a1:7d:d3:19:ef:8d:5e:0c:41:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=e434d706d2797f6288cb627751e7493a8671f7f8c766d5d83eeb92dc8e71bd02, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:39:d8:ba:57:bb:5c:11:82:02:51:1d:77:62:
2d:c8:41:97:5f:40:e9:6e:b2:a3:e7:8d:a2:c9:17:
16:07:7d:b5:7d:86:52:cf:71:0d:fe:4a:af:1b:6e:
77:2c:6c:a1:ff:5c:69:d6:68:2f:06:c5:60:86:d3:
77:92:d9:d8:82:0c:ca:5f:15:e1:57:df:20:b8:b8:
cb:45:7f:1f:2e:88:3c:aa:18:ac:e2:6e:58:87:f9:
4e:fc:7e:fb:ce:d5:df:9f:6c:15:47:67:4f:ac:77:
d0:41:1d:b4:86:93:64:a6:0a:ce:65:28:bd:f4:d2:
68:a1:20:fc:57:76:3e:e3:79:5b:d4:b5:9f:24:b1:
6d:08:19:de:4c:53:67:a7:fa:4f:9b:62:5f:9e:9b:
11:ed:58:a3:8a:94:2c:db:84:8e:59:e2:47:e4:fd:
73:69:8e:d5:49:fe:1a:fc:0a:98:da:5c:20:5b:3a:
09:f1:aa:01:6a:bb:50:ae:2e:7b:8d:81:eb:e2:5f:
8e:e8:92:79:4c:56:f3:64:98:59:0d:72:29:da:68:
18:49:bc:37:1c:2d:41:23:bc:24:8d:e7:bb:27:b5:
f9:75:10:b2:1e:3e:84:2d:7d:66:88:8f:77:09:32:
6b:3b:ec:2e:60:27:d4:2c:90:61:f3:c1:98:d0:f9:
cd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B4:FB:44:D0:B1:FA:5F:96:D2:36:D9:E2:31:31:FB:DB:ED:D7:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:98:5b:82:c1:50:ed:a5:d1:cc:62:db:7d:bf:87:62:bf:fe:
d8:98:9c:c2:0a:a5:31:d7:d9:7c:d2:58:3b:62:8c:fe:27:ef:
93:ae:06:63:54:7c:44:e1:9e:0e:37:74:a8:31:84:47:be:df:
24:8c:63:1e:49:75:a6:89:a5:34:6f:5c:b2:7f:4b:74:92:74:
57:97:25:e5:1e:e1:aa:c8:c3:dd:ef:5d:f7:d7:66:3f:22:01:
86:3b:83:a1:1f:c2:31:0b:16:b5:b5:7f:bb:65:2d:fe:cc:93:
6c:0d:52:89:5e:58:41:62:bd:a4:0a:31:69:e9:4e:48:5b:d1:
3e:4c:45:34:b6:df:11:66:a3:07:86:83:25:03:47:f0:19:8b:
f9:5e:03:b2:b1:4f:e4:a6:1d:07:e0:2b:a7:e4:d3:94:5b:04:
76:6e:ae:15:28:f8:8f:0e:91:25:41:cd:f7:66:c7:b5:08:bb:
91:1b:c9:87:12:b0:16:0d:08:b7:66:c3:04:7c:92:e7:6f:0d:
de:34:f9:ed:f9:61:e7:6d:ef:8c:36:7b:c1:f6:b6:f5:9d:33:
72:ed:5a:33:12:5f:2a:47:4f:48:26:17:e1:a4:84:0f:d7:2b:
e1:95:72:eb:aa:fe:86:92:31:be:a2:31:ae:6d:08:71:ba:b5:
0e:bb:57:29
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfKQ925lInUvXu6F90xnvjV4MQSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0MzRkNzA2ZDI3OTdmNjI4OGNiNjI3NzUxZTc0OTNhODY3MWY3ZjhjNzY2
ZDVkODNlZWI5MmRjOGU3MWJkMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKs52LpXu1wRggJRHXdiLchBl19A6W6yo+eNoskXFgd9tX2GUs9xDf5Krxtu
dyxsof9cadZoLwbFYIbTd5LZ2IIMyl8V4VffILi4y0V/Hy6IPKoYrOJuWIf5Tvx+
+87V359sFUdnT6x30EEdtIaTZKYKzmUovfTSaKEg/Fd2PuN5W9S1nySxbQgZ3kxT
Z6f6T5tiX56bEe1Yo4qULNuEjlniR+T9c2mO1Un+GvwKmNpcIFs6CfGqAWq7UK4u
e42B6+JfjuiSeUxW82SYWQ1yKdpoGEm8NxwtQSO8JI3nuye1+XUQsh4+hC19ZoiP
dwkyazvsLmAn1CyQYfPBmND5zRcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQtPtE
0LH6X5bSNtniMTH72+3XKjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjExNzFkYzAtYThiZi00MzZkLTk4MDgtZTMxNjM5MWIyYjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQA9mFuCwVDtpdHMYtt9v4div/7YmJzCCqUx19l80lg7
Yoz+J++TrgZjVHxE4Z4ON3SoMYRHvt8kjGMeSXWmiaU0b1yyf0t0knRXlyXlHuGq
yMPd713312Y/IgGGO4OhH8IxCxa1tX+7ZS3+zJNsDVKJXlhBYr2kCjFp6U5IW9E+
TEU0tt8RZqMHhoMlA0fwGYv5XgOysU/kph0H4Cun5NOUWwR2bq4VKPiPDpElQc33
Zse1CLuRG8mHErAWDQi3ZsMEfJLnbw3eNPnt+WHnbe+MNnvB9rb1nTNy7VozEl8q
R09IJhfhpIQP1yvhlXLrqv6GkjG+ojGubQhxurUOu1cp
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org