Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: K2J8TgPoYKMzgmjpc0iSmIXzexQBwRdznHDupVJXrlo=
Subject key identifier: B6:A7:13:26:87:31:83:63:FB:C2:F6:16:BE:7A:61:C5:72:EE:8E:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7006D663E6A3A6443E1486D678D57E3F1C64EA20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:06:d6:63:e6:a3:a6:44:3e:14:86:d6:78:d5:7e:3f:1c:64:ea:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=806407496150bcd6d52baf026f56964706b2d70a7fa3f7b53fbecf8884f9bd9d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1d:a8:04:1f:08:6e:1f:14:c1:79:c3:9d:8c:
2b:9a:1a:85:c7:5a:0d:82:ba:be:eb:6c:48:ef:1a:
c0:07:39:6e:2c:88:d9:a5:83:9f:1e:d3:4a:1d:89:
fc:a8:7e:1b:49:a0:2b:50:51:d1:ed:28:f9:1f:f6:
87:33:51:1f:07:ab:7b:19:12:00:10:92:b6:f1:aa:
3e:ce:95:db:61:11:0c:3a:dd:5a:9a:a9:a7:c0:e6:
0c:f4:3a:9d:75:47:3e:d3:d5:52:a4:69:bf:de:df:
83:9b:6b:c4:89:7c:d8:ef:ba:c9:6d:81:d5:fb:da:
05:f4:b9:ca:90:6f:46:4f:34:f2:5e:82:be:c0:b5:
27:ee:84:5b:54:fd:f9:15:1a:90:22:5d:c8:3a:3f:
76:de:c3:d6:b0:de:2b:9d:f6:f4:dc:40:5b:ee:45:
b3:8c:68:ad:9a:e9:53:4a:7d:f4:57:48:29:2d:52:
c8:0f:56:aa:5a:84:c9:58:a6:d9:83:9f:f9:90:b3:
9f:11:8e:8e:23:43:58:ca:b6:4c:b3:40:40:08:36:
c7:c9:c8:ec:8e:ff:94:89:8e:6e:4a:63:df:ac:65:
67:9a:37:5c:89:17:17:9b:fc:8e:2c:07:62:47:4f:
0a:40:81:44:ce:10:f5:cf:e9:41:73:0f:86:4d:0f:
09:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A7:13:26:87:31:83:63:FB:C2:F6:16:BE:7A:61:C5:72:EE:8E:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:eb:36:6f:92:aa:27:69:25:b2:1d:af:a8:f8:65:de:dc:38:
2a:9d:01:4b:49:c7:d2:48:69:69:d9:9c:7a:ac:f0:87:fa:db:
71:16:33:d3:59:e4:0d:f0:35:5c:01:fe:34:d9:a1:eb:e1:94:
e8:4f:c4:a7:43:2c:5e:cb:b6:82:e4:eb:5d:ae:57:b8:15:2b:
25:1c:73:d3:37:65:36:73:01:05:df:8c:26:f1:4a:2a:61:67:
73:31:ce:cb:f3:1b:8f:0a:de:79:0c:f3:fe:26:1c:a9:70:d1:
e3:5c:0c:25:1b:91:5d:f1:1d:ae:1c:56:14:16:ad:7b:be:03:
df:01:c3:e3:66:11:df:25:b8:20:dc:bb:d6:51:3c:0d:43:fd:
9c:c0:d3:2e:fd:b7:ad:0f:2f:38:ff:9d:47:b7:ac:37:45:ed:
62:2a:66:14:85:36:68:d2:15:16:7d:71:ab:95:c5:33:84:a6:
b0:2f:38:a6:2b:8a:28:29:4b:ab:12:1f:a6:c9:3a:a5:70:a3:
df:bb:21:58:43:bf:5c:cd:70:23:1f:83:5b:16:0c:eb:07:fc:
11:58:b7:5e:aa:38:be:30:33:18:ee:1f:f6:78:75:0e:7d:54:
6f:8c:10:13:d1:9f:5d:0c:9b:d1:88:00:fb:e6:27:f2:2a:29:
bf:e6:01:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcAbWY+ajpkQ+FIbWeNV+Pxxk6iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNjQwNzQ5NjE1MGJjZDZkNTJiYWYwMjZmNTY5NjQ3MDZiMmQ3MGE3ZmEz
ZjdiNTNmYmVjZjg4ODRmOWJkOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsdqAQfCG4fFMF5w52MK5oahcdaDYK6vutsSO8awAc5biyI2aWDnx7TSh2J
/Kh+G0mgK1BR0e0o+R/2hzNRHwerexkSABCStvGqPs6V22ERDDrdWpqpp8DmDPQ6
nXVHPtPVUqRpv97fg5trxIl82O+6yW2B1fvaBfS5ypBvRk808l6CvsC1J+6EW1T9
+RUakCJdyDo/dt7D1rDeK5329NxAW+5Fs4xorZrpU0p99FdIKS1SyA9WqlqEyVim
2YOf+ZCznxGOjiNDWMq2TLNAQAg2x8nI7I7/lImObkpj36xlZ5o3XIkXF5v8jiwH
YkdPCkCBRM4Q9c/pQXMPhk0PCWMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2pxMm
hzGDY/vC9ha+emHFcu6OMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAC6zZvkqonaSWyHa+o+GXe3DgqnQFLScfSSGlp2Zx6
rPCH+ttxFjPTWeQN8DVcAf402aHr4ZToT8SnQyxey7aC5Otdrle4FSslHHPTN2U2
cwEF34wm8UoqYWdzMc7L8xuPCt55DPP+JhypcNHjXAwlG5Fd8R2uHFYUFq17vgPf
AcPjZhHfJbgg3LvWUTwNQ/2cwNMu/betDy84/51Ht6w3Re1iKmYUhTZo0hUWfXGr
lcUzhKawLzimK4ooKUurEh+myTqlcKPfuyFYQ79czXAjH4NbFgzrB/wRWLdeqji+
MDMY7h/2eHUOfVRvjBAT0Z9dDJvRiAD75ifyKim/5gEH
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org