Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
File: c0680170-a405-45c9-bf7f-03cb2e587884.roa (raw, json)
Hash identifier: FzCMnCZ9ucwt2Fh/ypP8odcHRJ2Pi+LyqhodFTnRY3A=
Subject key identifier: EB:FF:BD:50:1A:04:3B:6C:5D:DF:91:E5:05:9D:DE:5C:85:E3:8B:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F462D3FDDCCC5841075D21A25727469D06C5B40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:46:2d:3f:dd:cc:c5:84:10:75:d2:1a:25:72:74:69:d0:6c:5b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3cc5d413c5b104b261a47e2d017e6b57ea1fd389316705bee793c74c08dba3e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ff:b2:54:98:17:50:37:04:d0:c2:c1:a5:04:
c1:90:d5:05:8e:bf:7c:41:25:0f:9e:13:59:a0:e3:
57:40:40:67:13:da:73:4e:c6:50:83:a2:ba:7d:f5:
28:e8:75:e0:4f:7d:7e:d5:6c:80:82:3c:0a:24:41:
a9:e4:8a:e2:9c:d2:28:1c:4c:f2:92:f2:f0:b2:77:
5c:7d:f2:1e:8b:2f:2c:84:dd:2a:01:6c:4c:8e:4a:
3e:a7:82:a1:ef:1d:52:c7:07:fb:14:07:6d:09:70:
9d:38:6c:7f:27:21:94:07:56:c6:59:f6:e0:e8:2e:
97:f6:b6:57:68:bf:77:c1:22:54:2c:35:cb:70:a7:
d5:b4:28:8d:84:91:50:37:3e:f3:27:5d:1a:14:f0:
f2:75:68:5a:84:6c:46:26:1d:75:d4:be:90:59:bb:
d7:c1:2f:0e:95:9b:45:05:7b:d1:c3:9d:fd:6a:43:
1c:17:a7:16:98:7e:16:16:d4:3e:4d:4d:59:54:76:
84:77:65:29:41:b7:a1:df:db:2b:16:63:d6:20:08:
36:36:06:dd:59:18:b1:0e:14:e0:ce:a0:e4:00:63:
15:84:52:da:0b:59:26:6b:9a:c7:04:a8:7e:01:65:
c5:f8:a5:36:e5:fd:85:2f:09:be:d7:d9:32:41:a1:
a5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:FF:BD:50:1A:04:3B:6C:5D:DF:91:E5:05:9D:DE:5C:85:E3:8B:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:a4:55:59:36:81:2e:2f:0c:d8:2c:94:fa:2a:14:dc:12:24:
01:64:8c:d0:7a:ac:9d:85:87:fa:8a:c1:6e:ff:5b:62:f6:c8:
4f:e6:ba:28:81:53:da:77:67:d3:9d:fd:7b:ec:ac:24:4a:25:
eb:f5:e1:6b:ca:5c:64:bf:be:e2:d3:4e:a2:03:3d:c1:c9:a9:
c6:cd:c9:b7:67:de:3f:3e:cd:d3:b9:c2:ad:f6:93:dc:55:16:
b9:0f:fc:2c:5e:11:f4:a7:61:95:22:5d:89:85:9d:ae:96:cf:
29:fb:2c:19:09:9f:4d:52:66:e2:62:a4:03:ea:bd:bb:94:47:
74:f2:b0:93:78:2f:54:57:3a:db:d3:ed:c2:12:00:f8:4a:9f:
00:c4:f0:2f:f9:72:3f:79:e0:f8:04:65:8b:e5:25:0a:20:2b:
89:c9:d4:0c:01:5a:c9:e9:fb:a8:8f:3f:3a:2b:a7:7c:7e:08:
c3:cb:09:cf:2c:27:2b:2c:1f:92:85:62:0f:71:f0:9d:da:28:
d2:3b:81:c1:56:21:eb:be:79:57:fe:cc:7b:cd:0a:54:a4:52:
f8:45:e0:f6:25:eb:cc:9d:d5:3b:e9:87:21:78:0a:d6:90:dc:
7e:08:86:5f:2b:3b:d9:91:6e:ab:3c:ec:e3:2e:e7:9e:a9:a8:
e4:b8:73:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb0YtP93MxYQQddIaJXJ0adBsW0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjYzVkNDEzYzViMTA0YjI2MWE0N2UyZDAxN2U2YjU3ZWExZmQzODkzMTY3
MDViZWU3OTNjNzRjMDhkYmEzZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALn/slSYF1A3BNDCwaUEwZDVBY6/fEElD54TWaDjV0BAZxPac07GUIOiun31
KOh14E99ftVsgII8CiRBqeSK4pzSKBxM8pLy8LJ3XH3yHosvLITdKgFsTI5KPqeC
oe8dUscH+xQHbQlwnThsfychlAdWxln24Ogul/a2V2i/d8EiVCw1y3Cn1bQojYSR
UDc+8yddGhTw8nVoWoRsRiYdddS+kFm718EvDpWbRQV70cOd/WpDHBenFph+FhbU
Pk1NWVR2hHdlKUG3od/bKxZj1iAINjYG3VkYsQ4U4M6g5ABjFYRS2gtZJmuaxwSo
fgFlxfilNuX9hS8JvtfZMkGhpQECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTr/71Q
GgQ7bF3fkeUFnd5cheOLFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA2ODAxNzAtYTQwNS00NWM5LWJmN2YtMDNjYjJlNTg3ODg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQCIpFVZNoEuLwzYLJT6KhTcEiQBZIzQeqydhYf6isFu
/1ti9shP5roogVPad2fTnf177KwkSiXr9eFrylxkv77i006iAz3ByanGzcm3Z94/
Ps3TucKt9pPcVRa5D/wsXhH0p2GVIl2JhZ2uls8p+ywZCZ9NUmbiYqQD6r27lEd0
8rCTeC9UVzrb0+3CEgD4Sp8AxPAv+XI/eeD4BGWL5SUKICuJydQMAVrJ6fuojz86
K6d8fgjDywnPLCcrLB+ShWIPcfCd2ijSO4HBViHrvnlX/sx7zQpUpFL4ReD2JevM
ndU76YcheArWkNx+CIZfKzvZkW6rPOzjLueeqajkuHP4
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org