Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: j0RqUVHspEqBThJNa+sfQVBQiS6J9fThbjbWmlDtmyc=
Subject key identifier: 6C:DF:05:BF:4B:B7:07:B4:D5:B3:22:3D:DE:CE:6B:F3:18:47:2B:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27E36557EA0DF737B1C3D28505DA6CF4E6E60759
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:e3:65:57:ea:0d:f7:37:b1:c3:d2:85:05:da:6c:f4:e6:e6:07:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f3b31ea1eb40b3f4f8d6b3a464146cb60715cd7735c78978a622845dbcfd3769, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:47:9f:52:9d:d5:27:05:50:3e:6c:83:2e:a6:
4b:df:ce:b0:ce:35:83:ba:55:59:6a:87:0a:74:2f:
fc:56:75:a9:81:06:78:09:28:85:d9:9a:ce:47:ce:
e3:3d:1a:39:b3:35:98:2e:01:c6:97:7c:51:32:fe:
83:70:fe:82:16:f7:d7:81:8e:b4:45:06:25:9d:a3:
51:9a:38:11:2a:07:f7:a4:13:5e:de:10:c7:b3:cb:
6b:4b:dd:a8:8c:ea:e9:8d:c7:dc:b2:c8:54:42:ea:
7d:3d:de:05:19:f3:32:74:c2:06:ad:ef:38:33:7c:
9b:d5:cf:a2:36:65:4c:85:9b:99:6d:d0:d7:7b:41:
8c:ba:fa:5e:7c:d4:93:5d:ce:c9:90:dc:4c:43:89:
29:d0:4c:97:6e:7a:cb:79:5a:9d:58:9a:3a:81:5c:
75:86:22:32:d8:8b:66:af:3b:48:53:41:64:5d:57:
a0:94:16:e4:54:97:6f:69:7d:c8:85:7a:70:f7:a4:
42:2d:ef:ee:1e:4c:24:1c:00:da:24:ce:75:51:cf:
c3:e1:63:3d:a2:01:d2:90:24:44:ad:c5:c9:ff:3b:
ad:9b:fb:e3:20:bd:b7:c3:25:b7:d7:f0:43:d5:05:
2a:c6:96:5c:a9:fc:f8:54:cb:94:33:d2:c1:c8:e5:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DF:05:BF:4B:B7:07:B4:D5:B3:22:3D:DE:CE:6B:F3:18:47:2B:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:9b:af:0b:9b:77:90:07:eb:77:d3:59:2f:94:7a:1a:c3:7d:
1b:90:ab:fb:60:d6:aa:2f:07:c6:f8:87:29:17:db:50:77:35:
c8:44:11:5b:c2:f6:8e:04:93:94:84:20:89:c0:53:ec:e0:e7:
ac:57:01:d0:c1:a6:78:ca:99:c2:60:0f:44:0b:32:de:7e:fc:
bd:d0:df:69:bf:a9:cc:70:4f:d1:38:58:33:bf:9d:ed:13:c5:
e4:8b:3e:b7:ef:07:71:25:e5:0e:ff:5e:6f:36:b1:1c:8d:5f:
fa:8b:e9:0f:e4:ed:db:0e:7a:17:8f:67:47:27:4b:84:b1:a4:
da:79:a9:b7:3d:88:a2:22:27:ff:c2:59:5b:56:47:eb:ca:81:
d8:bd:a3:d8:3b:17:32:f7:33:70:d2:0f:08:40:01:ac:84:b7:
eb:03:24:d3:07:06:07:60:71:97:c2:63:ad:4a:29:80:64:15:
05:f7:76:c6:ee:92:a2:bf:fa:db:3c:5a:18:7b:a1:5c:ff:1f:
98:2d:e8:43:f9:94:b3:ed:bc:f4:d2:1b:e6:a7:b1:f4:40:3b:
d4:d8:ec:70:d8:e4:d5:c7:1f:fe:65:a9:ed:57:2e:fe:a1:4f:
b8:c9:9d:5c:71:1e:60:a2:53:a1:b5:bc:89:f5:05:d8:29:82:
f4:6e:e5:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ+NlV+oN9zexw9KFBdps9ObmB1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYjMxZWExZWI0MGIzZjRmOGQ2YjNhNDY0MTQ2Y2I2MDcxNWNkNzczNWM3
ODk3OGE2MjI4NDVkYmNmZDM3NjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIJHn1Kd1ScFUD5sgy6mS9/OsM41g7pVWWqHCnQv/FZ1qYEGeAkohdmazkfO
4z0aObM1mC4Bxpd8UTL+g3D+ghb314GOtEUGJZ2jUZo4ESoH96QTXt4Qx7PLa0vd
qIzq6Y3H3LLIVELqfT3eBRnzMnTCBq3vODN8m9XPojZlTIWbmW3Q13tBjLr6XnzU
k13OyZDcTEOJKdBMl256y3lanViaOoFcdYYiMtiLZq87SFNBZF1XoJQW5FSXb2l9
yIV6cPekQi3v7h5MJBwA2iTOdVHPw+FjPaIB0pAkRK3Fyf87rZv74yC9t8Mlt9fw
Q9UFKsaWXKn8+FTLlDPSwcjl590CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRs3wW/
S7cHtNWzIj3ezmvzGEcrfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQCPm68Lm3eQB+t301kvlHoaw30bkKv7YNaqLwfG+Icp
F9tQdzXIRBFbwvaOBJOUhCCJwFPs4OesVwHQwaZ4ypnCYA9ECzLefvy90N9pv6nM
cE/ROFgzv53tE8Xkiz637wdxJeUO/15vNrEcjV/6i+kP5O3bDnoXj2dHJ0uEsaTa
eam3PYiiIif/wllbVkfryoHYvaPYOxcy9zNw0g8IQAGshLfrAyTTBwYHYHGXwmOt
SimAZBUF93bG7pKiv/rbPFoYe6Fc/x+YLehD+ZSz7bz00hvmp7H0QDvU2Oxw2OTV
xx/+ZantVy7+oU+4yZ1ccR5golOhtbyJ9QXYKYL0buVx
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org