Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/61a46a0f-9dd7-44e2-afee-9bf568e2e018.roa
File: 61a46a0f-9dd7-44e2-afee-9bf568e2e018.roa (raw, json)
Hash identifier: 8guUq1L1g88Hu4yHzow1LX5CpiyyKrkn+B7dU9Q94Sc=
Subject key identifier: 27:39:FC:34:CC:4F:24:39:AF:25:9F:5F:D7:1A:78:B6:1A:87:4A:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4740F2EBA4A99C9F9331D5380C1C6C5DEF2D55D2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/61a46a0f-9dd7-44e2-afee-9bf568e2e018.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:40:f2:eb:a4:a9:9c:9f:93:31:d5:38:0c:1c:6c:5d:ef:2d:55:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=bd7129f5e98df6161c74613e065055ed3c8042a1f8c57f02a2162b1a12ed87f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c3:5c:4d:5f:66:f3:46:d1:ad:bc:01:5b:53:
ab:5e:68:77:15:4e:33:19:69:c3:d0:6a:db:0c:96:
5c:81:f9:99:0a:c5:85:1b:60:ef:28:f6:91:28:68:
37:d0:2e:1e:d4:1c:fb:df:79:3d:39:09:0a:ed:d3:
04:55:21:a2:28:35:56:ab:e9:99:e7:42:30:70:05:
61:1f:b5:ce:49:fb:56:bf:8a:ca:11:09:20:d7:e1:
3f:08:20:b7:38:43:02:99:ca:f7:f5:e0:ef:b4:ac:
7c:9c:bf:a3:4e:86:39:96:c0:87:5a:cf:3c:32:64:
99:59:8e:7a:f9:b4:e3:b6:61:54:11:31:9e:4d:67:
07:81:01:3b:8e:e1:33:d2:2a:8d:d1:2a:3d:a9:23:
12:13:8f:73:e2:01:7a:67:a6:8b:a3:ad:f8:31:73:
d8:a5:8b:af:64:a9:fe:83:3e:dd:57:f2:2f:39:48:
34:45:08:51:dc:89:14:5c:e6:09:39:82:4f:be:2e:
26:9c:54:a0:62:8d:cd:68:9d:68:93:75:fc:f2:89:
be:75:fe:43:8f:00:3b:a8:c7:fa:68:25:4e:a7:82:
68:a6:99:e0:a7:1c:59:99:39:c9:f9:78:17:bc:a5:
00:4c:94:c5:96:8d:17:21:69:21:23:82:8e:ca:04:
cc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:39:FC:34:CC:4F:24:39:AF:25:9F:5F:D7:1A:78:B6:1A:87:4A:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/61a46a0f-9dd7-44e2-afee-9bf568e2e018.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
08:33:b0:8e:14:26:67:d4:54:d6:3b:12:e4:3d:8b:20:06:31:
62:53:50:79:fb:0a:37:3f:4c:ee:c9:2b:02:7e:06:82:72:23:
76:05:54:0e:c0:55:82:ea:fb:d2:f7:37:5b:70:71:34:51:4d:
28:ff:2b:da:a2:c1:65:8a:d7:8e:71:4a:36:d0:01:e6:d0:4e:
75:0f:55:c6:1c:8d:35:ab:28:42:25:0b:ae:a9:eb:6c:15:ab:
cc:45:dc:80:8d:d1:c7:ac:0b:9a:5e:41:b4:68:85:70:35:37:
2e:4b:21:be:c2:c1:b1:d2:bb:c2:e9:1b:fc:8b:7a:70:d6:64:
bf:f9:3f:97:7c:61:ce:db:52:21:89:17:74:25:6d:59:d1:dd:
fc:22:4a:e0:fb:25:ff:c5:34:f5:97:f9:be:04:a7:81:fd:92:
1a:ee:05:5b:18:ec:f3:40:8a:99:0e:52:47:41:97:47:ec:34:
5d:33:8f:39:e0:50:7b:64:cf:4d:39:e3:c1:98:b0:be:6a:b7:
de:a4:a3:8e:91:f8:2b:fe:7b:5e:d5:c8:6d:95:e2:90:9d:fc:
2f:92:ea:64:6b:fa:4c:38:ca:66:fc:ed:e9:20:77:25:f2:56:
72:cc:d4:04:08:ac:b3:94:ba:f8:79:13:72:0e:69:ae:ba:29:
c3:5f:90:39
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR0Dy66SpnJ+TMdU4DBxsXe8tVdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNzEyOWY1ZTk4ZGY2MTYxYzc0NjEzZTA2NTA1NWVkM2M4MDQyYTFmOGM1
N2YwMmEyMTYyYjFhMTJlZDg3ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTDXE1fZvNG0a28AVtTq15odxVOMxlpw9Bq2wyWXIH5mQrFhRtg7yj2kSho
N9AuHtQc+995PTkJCu3TBFUhoig1VqvpmedCMHAFYR+1zkn7Vr+KyhEJINfhPwgg
tzhDApnK9/Xg77SsfJy/o06GOZbAh1rPPDJkmVmOevm047ZhVBExnk1nB4EBO47h
M9IqjdEqPakjEhOPc+IBememi6Ot+DFz2KWLr2Sp/oM+3VfyLzlINEUIUdyJFFzm
CTmCT74uJpxUoGKNzWidaJN1/PKJvnX+Q48AO6jH+mglTqeCaKaZ4KccWZk5yfl4
F7ylAEyUxZaNFyFpISOCjsoEzI0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQnOfw0
zE8kOa8ln1/XGni2GodKJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjFhNDZhMGYtOWRkNy00NGUyLWFmZWUtOWJmNTY4ZTJlMDE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEACDOwjhQmZ9RU1jsS5D2LIAYxYlNQefsKNz9M7skr
An4GgnIjdgVUDsBVgur70vc3W3BxNFFNKP8r2qLBZYrXjnFKNtAB5tBOdQ9VxhyN
NasoQiULrqnrbBWrzEXcgI3Rx6wLml5BtGiFcDU3LkshvsLBsdK7wukb/It6cNZk
v/k/l3xhzttSIYkXdCVtWdHd/CJK4Psl/8U09Zf5vgSngf2SGu4FWxjs80CKmQ5S
R0GXR+w0XTOPOeBQe2TPTTnjwZiwvmq33qSjjpH4K/57XtXIbZXikJ38L5LqZGv6
TDjKZvzt6SB3JfJWcszUBAiss5S6+HkTcg5prropw1+QOQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org