Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
File: 6983da84-161e-42b3-9b20-728d967cf78a.roa (raw, json)
Hash identifier: 1J3bRBCUeCsayQmtZuh90UUCEzI0BPwZiAM7cPXiMYk=
Subject key identifier: F2:F0:B7:DF:C0:A5:EF:22:E5:C9:E6:C9:62:0B:95:61:F4:97:2D:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E227D6222047828D4E04D93D120F2E64A06480D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:22:7d:62:22:04:78:28:d4:e0:4d:93:d1:20:f2:e6:4a:06:48:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=393c97a42445f19d26acf2c14b90d198bb5c9a39f207515cdbeda5d74768d666, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9f:89:c5:87:ac:d6:8b:58:97:0e:48:5e:33:
f0:2f:51:6d:cd:f7:44:5d:3e:9d:d6:73:e9:05:7c:
47:4c:63:bb:e0:da:c2:90:dc:a4:76:ac:41:7a:72:
32:d1:27:4f:56:c6:eb:9e:93:2c:07:6e:17:4d:fc:
73:14:74:7f:75:9c:af:b2:cd:b1:86:91:ac:23:0e:
f8:16:11:8a:dd:ae:d8:b1:0c:04:09:5b:bc:9a:90:
22:31:29:71:38:9a:1c:f1:e2:35:95:23:c2:85:57:
c8:17:8f:5c:62:69:63:2f:ce:62:fb:4a:35:f6:d8:
a0:41:f6:73:a2:46:22:54:ce:7e:61:58:04:71:b6:
2f:33:37:36:0c:75:d5:3c:40:a8:1b:4b:b9:bb:17:
00:f1:60:df:bd:09:24:c9:65:9f:46:c8:ed:9d:f3:
9b:e5:a5:d6:aa:84:81:dd:d2:a9:28:59:a7:4f:47:
8e:ef:ed:cd:b0:56:02:16:cd:51:a7:43:b0:24:ff:
2b:b1:9e:82:de:20:af:bd:43:de:69:09:2f:28:71:
d1:a8:91:31:c3:f6:67:71:6f:2f:88:fe:2f:84:82:
ab:79:be:4e:08:e7:25:60:41:88:51:98:01:7a:95:
82:99:c5:8d:c1:e4:48:2f:3e:7d:6a:97:75:4d:18:
ed:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F0:B7:DF:C0:A5:EF:22:E5:C9:E6:C9:62:0B:95:61:F4:97:2D:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:eb:94:6f:8f:1c:06:ec:79:44:2c:16:b0:10:f5:10:2b:52:
6c:af:01:63:f6:08:b7:9b:23:a0:15:b3:c8:16:8f:0a:79:97:
89:a4:80:12:38:2a:68:f9:19:61:22:19:e3:e2:f8:be:82:05:
fa:70:1d:de:1a:a9:d5:e9:db:ce:ad:b0:b3:94:97:7b:eb:6a:
89:a4:2c:af:6e:d3:f3:36:f4:8a:ae:2e:0e:05:49:c9:9b:3c:
56:50:c6:2c:41:e1:70:d9:9c:1a:1d:61:de:c1:f8:49:3c:11:
83:95:0c:a1:18:18:eb:b4:19:ce:14:ba:1e:b7:2b:52:d8:09:
4f:1e:d2:a7:75:63:a2:b0:55:90:fe:93:2a:89:0f:67:22:f1:
98:31:b9:64:26:8d:9b:04:2d:19:dc:f7:a5:71:f9:24:ee:ac:
34:aa:dc:5f:1d:4a:7c:19:d2:df:d7:2d:f8:12:27:12:16:cb:
f4:59:a1:e6:2f:c6:18:a2:ec:6a:ec:19:4a:f7:8d:ce:64:93:
b7:4e:62:dc:ab:24:06:b5:18:a0:12:67:b3:a5:a3:bf:8d:89:
a1:16:cf:58:88:00:6e:14:81:fd:c5:5f:96:98:56:81:54:14:
5f:8e:c1:5e:0b:07:a1:b2:07:36:69:31:f2:06:04:1d:69:6a:
09:a4:ac:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbiJ9YiIEeCjU4E2T0SDy5koGSA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5M2M5N2E0MjQ0NWYxOWQyNmFjZjJjMTRiOTBkMTk4YmI1YzlhMzlmMjA3
NTE1Y2RiZWRhNWQ3NDc2OGQ2NjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWficWHrNaLWJcOSF4z8C9Rbc33RF0+ndZz6QV8R0xju+DawpDcpHasQXpy
MtEnT1bG656TLAduF038cxR0f3Wcr7LNsYaRrCMO+BYRit2u2LEMBAlbvJqQIjEp
cTiaHPHiNZUjwoVXyBePXGJpYy/OYvtKNfbYoEH2c6JGIlTOfmFYBHG2LzM3Ngx1
1TxAqBtLubsXAPFg370JJMlln0bI7Z3zm+Wl1qqEgd3SqShZp09Hju/tzbBWAhbN
UadDsCT/K7Gegt4gr71D3mkJLyhx0aiRMcP2Z3FvL4j+L4SCq3m+TgjnJWBBiFGY
AXqVgpnFjcHkSC8+fWqXdU0Y7UsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTy8Lff
wKXvIuXJ5sliC5Vh9JctcTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk4M2RhODQtMTYxZS00MmIzLTliMjAtNzI4ZDk2N2NmNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQAn65RvjxwG7HlELBawEPUQK1JsrwFj9gi3myOgFbPI
Fo8KeZeJpIASOCpo+RlhIhnj4vi+ggX6cB3eGqnV6dvOrbCzlJd762qJpCyvbtPz
NvSKri4OBUnJmzxWUMYsQeFw2ZwaHWHewfhJPBGDlQyhGBjrtBnOFLoetytS2AlP
HtKndWOisFWQ/pMqiQ9nIvGYMblkJo2bBC0Z3Pelcfkk7qw0qtxfHUp8GdLf1y34
EicSFsv0WaHmL8YYouxq7BlK943OZJO3TmLcqyQGtRigEmezpaO/jYmhFs9YiABu
FIH9xV+WmFaBVBRfjsFeCwehsgc2aTHyBgQdaWoJpKzg
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org