Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: JYp0ZrrhUtF1J+QX6spE6scTykUNuzl0pVt/PKVp+fA=
Subject key identifier: F3:5D:B7:2F:C8:6C:84:13:DA:61:87:CE:05:90:B7:BB:71:B6:48:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C5637E80F2F5D78717990FC77B1B4CF62986419
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:56:37:e8:0f:2f:5d:78:71:79:90:fc:77:b1:b4:cf:62:98:64:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=359236aba274d806118617dab509413dc05ee2eb415d4426e5ee6c008935b44a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8d:d7:d5:2d:f3:8f:c0:f5:2c:73:0f:79:c1:
9a:4a:cf:b1:84:ac:90:9c:7e:d6:ce:1a:5f:b2:3c:
f4:df:08:f7:ee:0b:70:8e:e6:c1:b9:55:6d:2e:7f:
32:25:cd:1c:f0:73:42:fc:05:e2:9a:c7:46:10:79:
4b:ec:e6:7d:bf:fa:4a:d7:95:70:ca:dd:ca:51:6e:
28:46:9f:38:fa:0c:fc:35:a5:e5:bb:b9:a3:fb:db:
f6:89:0a:4f:c0:45:0d:63:a9:06:66:30:e5:3f:c0:
cb:87:a2:b6:29:c2:04:92:16:f5:c6:d9:15:c3:8e:
92:47:31:62:3c:30:68:49:e2:8b:22:74:c8:d0:0b:
f6:36:c9:7f:0d:38:29:08:58:51:4e:5d:aa:61:75:
69:54:64:1d:19:69:52:48:a0:8f:4d:81:73:e4:32:
bb:8e:2a:dc:08:c4:32:c4:c2:51:05:c3:cd:63:43:
12:25:6d:84:49:a8:78:fc:c8:fe:1a:7d:a5:3d:4c:
66:e2:4b:8a:53:0a:1b:be:5b:1d:17:ae:11:b4:f6:
1e:be:62:ea:39:1f:96:c5:a3:39:87:1f:ca:f1:1e:
d7:87:15:37:80:65:b0:c6:5b:88:55:d6:b4:a1:a8:
24:70:00:90:83:a1:1b:8f:ce:d5:4b:af:19:16:d6:
7b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5D:B7:2F:C8:6C:84:13:DA:61:87:CE:05:90:B7:BB:71:B6:48:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:7b:7b:89:82:3e:d9:37:09:0f:ed:5b:6b:8a:b7:05:cc:b8:
22:95:d8:ff:27:1a:42:76:26:49:89:1c:a4:b7:50:f3:c7:43:
5a:e7:6d:93:21:6c:3f:f1:f2:48:3b:05:31:64:c0:fc:51:d6:
bc:d3:8d:21:b5:7e:7a:32:bc:d5:e6:d5:f8:70:50:eb:ad:97:
93:4f:4e:aa:bc:62:d8:53:e1:50:a9:e0:cb:1d:5b:fc:ec:16:
fb:ab:78:b9:3d:ea:a0:62:7e:09:6c:1a:40:6c:2e:b6:a5:0d:
40:ee:08:79:1a:8c:4b:77:c7:18:98:50:87:24:b0:28:92:a1:
97:f6:c2:0c:67:cf:b8:1b:7e:62:1b:f0:0a:15:fb:76:84:99:
2d:a9:15:4e:28:92:da:cf:d3:2b:81:c9:04:ac:a0:b5:e7:6e:
e0:5f:42:69:8e:8d:e4:f0:e0:15:1d:99:ee:e2:29:a4:7d:2e:
5b:71:6a:88:02:23:c1:cb:37:73:69:cb:aa:ba:ce:9c:34:5a:
c0:71:28:31:21:ac:7f:fd:e0:f3:10:42:4e:4c:36:a1:f0:2b:
28:15:9e:4b:05:a4:b4:fb:34:42:45:22:ca:b8:26:bc:1d:8d:
bb:5e:b6:24:1b:82:f3:89:ec:d0:27:2b:ec:67:20:17:37:0e:
24:a5:f8:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfFY36A8vXXhxeZD8d7G0z2KYZBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1OTIzNmFiYTI3NGQ4MDYxMTg2MTdkYWI1MDk0MTNkYzA1ZWUyZWI0MTVk
NDQyNmU1ZWU2YzAwODkzNWI0NGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6N19Ut84/A9SxzD3nBmkrPsYSskJx+1s4aX7I89N8I9+4LcI7mwblVbS5/
MiXNHPBzQvwF4prHRhB5S+zmfb/6SteVcMrdylFuKEafOPoM/DWl5bu5o/vb9okK
T8BFDWOpBmYw5T/Ay4eitinCBJIW9cbZFcOOkkcxYjwwaEniiyJ0yNAL9jbJfw04
KQhYUU5dqmF1aVRkHRlpUkigj02Bc+Qyu44q3AjEMsTCUQXDzWNDEiVthEmoePzI
/hp9pT1MZuJLilMKG75bHReuEbT2Hr5i6jkflsWjOYcfyvEe14cVN4BlsMZbiFXW
tKGoJHAAkIOhG4/O1UuvGRbWe78CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzXbcv
yGyEE9phh84FkLe7cbZIxDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQCee3uJgj7ZNwkP7VtrircFzLgildj/JxpCdiZJiRyk
t1Dzx0Na522TIWw/8fJIOwUxZMD8Uda8040htX56MrzV5tX4cFDrrZeTT06qvGLY
U+FQqeDLHVv87Bb7q3i5PeqgYn4JbBpAbC62pQ1A7gh5GoxLd8cYmFCHJLAokqGX
9sIMZ8+4G35iG/AKFft2hJktqRVOKJLaz9MrgckErKC1527gX0Jpjo3k8OAVHZnu
4imkfS5bcWqIAiPByzdzacuqus6cNFrAcSgxIax//eDzEEJOTDah8CsoFZ5LBaS0
+zRCRSLKuCa8HY27XrYkG4LziezQJyvsZyAXNw4kpfif
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org