Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
File: 69740d55-a842-4e2d-a267-6df47f50e20c.roa (raw, json)
Hash identifier: Qd1DT4qZozKIF6VO350jljX7eHxvgFJec8evzD2a0lM=
Subject key identifier: 21:26:2A:A4:28:7E:CD:B3:A3:0F:AC:28:34:4C:FB:FC:02:64:8F:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2630D9299CEEAA7E8D03DD7841AEECCE98DE6583
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:30:d9:29:9c:ee:aa:7e:8d:03:dd:78:41:ae:ec:ce:98:de:65:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=24c2aead471475d7a3acf74c9cfc124f7f2d3554309e3dfef6872e32233f348a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a1:c9:fb:93:d0:37:80:77:d1:e4:1a:04:c4:
f7:79:3b:42:59:ce:1b:f2:14:7a:3a:06:c2:9f:a0:
ea:18:15:59:88:3d:f8:e8:24:eb:3c:36:4a:da:a6:
40:cb:6b:67:6f:dc:7e:bd:82:24:4d:52:5c:02:0e:
55:e3:7d:35:9c:c1:27:54:1b:29:75:1c:b0:17:7a:
55:82:17:49:89:93:8f:d1:73:71:6c:24:57:88:37:
e4:33:5b:74:7c:ec:66:3f:04:9c:46:2d:52:e2:39:
29:55:ab:f5:06:84:06:8a:e7:d1:48:cc:40:a1:32:
df:c5:6d:b3:44:ea:e9:5b:1b:18:e7:6e:da:0e:4b:
0c:72:de:0b:62:a7:94:79:c8:22:f4:a6:2d:ed:85:
ba:de:e1:05:54:d5:67:1f:74:af:21:a4:d3:df:cd:
2e:0e:64:d6:1a:72:be:96:3d:8b:1e:a3:65:ec:2c:
f0:a5:ae:d3:11:54:34:2a:24:bc:44:e7:09:f1:91:
cb:7d:3f:ba:69:fb:43:4e:c3:ec:ad:82:ee:14:95:
56:93:0d:c3:1b:10:bc:f0:a4:9b:3a:68:5f:b7:ab:
01:d4:22:bb:b5:1f:37:3e:a0:b8:e9:bc:be:eb:46:
ad:97:9f:76:75:04:fa:fd:dd:87:12:50:ce:02:5a:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:26:2A:A4:28:7E:CD:B3:A3:0F:AC:28:34:4C:FB:FC:02:64:8F:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c3:2d:98:23:a4:21:dc:8f:b1:f1:d9:d7:dc:b0:0a:cc:c6:
c7:bd:6f:0b:19:99:fa:20:76:70:a3:09:ae:bd:2b:1e:67:70:
f9:17:85:3e:b1:01:b9:d0:56:31:81:ce:8a:12:a8:36:7f:9e:
0d:f6:cb:aa:d7:d6:40:bd:19:30:74:ba:7c:dd:bb:63:f0:a8:
2e:c6:f3:25:41:e9:f8:f2:76:f4:4f:37:bd:c1:dc:36:e6:7e:
aa:47:5c:ee:6a:bd:94:5f:6f:91:06:49:1b:ed:81:51:e9:08:
47:35:1f:ad:a7:e2:60:09:a5:91:b7:00:d7:4e:18:d8:61:20:
69:a2:f8:87:15:88:c6:38:3a:2b:d9:b1:50:ed:bb:83:e6:13:
78:42:07:87:e4:22:03:7c:62:e8:f3:51:d0:57:bc:dc:71:62:
22:c1:5f:68:33:55:fd:14:2e:e0:67:11:07:00:0f:59:df:0d:
60:02:d7:29:53:84:92:21:bf:ab:54:0e:fa:ea:57:a9:d7:64:
79:df:e0:5d:69:1e:ec:2b:33:2d:87:02:81:91:f8:2f:ec:15:
64:0e:84:27:37:42:44:8b:4c:41:f0:8e:44:d1:9c:35:48:6e:
a6:65:33:46:c6:2f:56:f4:5e:3e:38:f0:3d:71:89:6a:4f:a7:
5b:bc:d6:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJjDZKZzuqn6NA914Qa7szpjeZYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YzJhZWFkNDcxNDc1ZDdhM2FjZjc0YzljZmMxMjRmN2YyZDM1NTQzMDll
M2RmZWY2ODcyZTMyMjMzZjM0OGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmhyfuT0DeAd9HkGgTE93k7QlnOG/IUejoGwp+g6hgVWYg9+Ogk6zw2Stqm
QMtrZ2/cfr2CJE1SXAIOVeN9NZzBJ1QbKXUcsBd6VYIXSYmTj9FzcWwkV4g35DNb
dHzsZj8EnEYtUuI5KVWr9QaEBorn0UjMQKEy38Vts0Tq6VsbGOdu2g5LDHLeC2Kn
lHnIIvSmLe2Fut7hBVTVZx90ryGk09/NLg5k1hpyvpY9ix6jZews8KWu0xFUNCok
vETnCfGRy30/umn7Q07D7K2C7hSVVpMNwxsQvPCkmzpoX7erAdQiu7UfNz6guOm8
vutGrZefdnUE+v3dhxJQzgJacG0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQhJiqk
KH7Ns6MPrCg0TPv8AmSPvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk3NDBkNTUtYTg0Mi00ZTJkLWEyNjctNmRmNDdmNTBlMjBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAP8MtmCOkIdyPsfHZ19ywCszGx71vCxmZ+iB2cKMJ
rr0rHmdw+ReFPrEBudBWMYHOihKoNn+eDfbLqtfWQL0ZMHS6fN27Y/CoLsbzJUHp
+PJ29E83vcHcNuZ+qkdc7mq9lF9vkQZJG+2BUekIRzUfrafiYAmlkbcA104Y2GEg
aaL4hxWIxjg6K9mxUO27g+YTeEIHh+QiA3xi6PNR0Fe83HFiIsFfaDNV/RQu4GcR
BwAPWd8NYALXKVOEkiG/q1QO+upXqddked/gXWke7CszLYcCgZH4L+wVZA6EJzdC
RItMQfCORNGcNUhupmUzRsYvVvRePjjwPXGJak+nW7zWFg==
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org