Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8184de91-4284-44f8-acc1-0d319b511ea5.roa
File: 8184de91-4284-44f8-acc1-0d319b511ea5.roa (raw, json)
Hash identifier: NpK1dWwv+8PrjPd9ta3qbBo5r9A1mwT0Jm6CoM7a++Q=
Subject key identifier: 84:C7:30:D1:E7:7A:13:76:19:56:75:A4:27:7D:9D:F0:2F:3F:5E:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 794C5F2DEE2B97C9AD8A02E883FEE5B642EACD99
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8184de91-4284-44f8-acc1-0d319b511ea5.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:4c:5f:2d:ee:2b:97:c9:ad:8a:02:e8:83:fe:e5:b6:42:ea:cd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=a1746cdae81475bc8f4cce659e8b89f5694a76424cd4f9939e61c4ed9b79fb31, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a1:d2:01:52:bf:e0:08:d5:11:03:28:17:5c:
31:17:77:e5:e9:02:5e:0d:32:83:4b:79:19:76:08:
76:b2:54:23:28:ee:60:31:86:06:15:30:44:fb:2c:
89:e5:df:b0:58:d9:a3:06:05:30:8d:0c:fa:d5:f3:
b1:97:23:ab:40:6d:1e:14:3b:30:c3:aa:bc:f3:34:
6e:23:c5:59:a3:af:c5:cf:79:ea:28:a0:48:2f:a7:
02:d5:a0:c0:35:07:d4:5d:20:cd:bd:f2:ec:ef:7c:
bf:7c:07:8a:88:8f:e1:9b:ee:ef:1b:3e:4b:f1:bd:
08:55:35:8d:3a:8c:e5:67:15:1b:52:ec:c8:d3:e1:
20:b9:b6:86:bd:e3:be:68:2a:ed:5f:0d:73:94:0a:
48:3d:c9:ac:59:08:f3:08:c5:e2:fb:42:ce:69:1b:
94:1f:b2:5b:ac:b7:0d:3a:f1:12:7c:05:f2:be:8a:
fd:5a:bd:82:5a:d3:91:2f:54:9d:ad:31:31:98:e1:
1c:f1:ea:44:8b:31:07:42:2c:91:e5:c6:4e:03:41:
06:e3:70:71:32:1a:ac:fe:3b:fe:c4:d9:ab:f9:91:
b2:20:33:ef:15:38:31:bd:9f:07:35:3f:03:d0:fd:
22:73:d0:36:f6:5a:d9:38:dd:1e:1b:a6:13:20:12:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C7:30:D1:E7:7A:13:76:19:56:75:A4:27:7D:9D:F0:2F:3F:5E:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8184de91-4284-44f8-acc1-0d319b511ea5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
32:8b:fe:08:d5:d9:37:3b:72:7f:c9:a2:a7:4a:6b:15:eb:54:
fb:93:93:c3:73:b3:e9:f6:f4:3c:a3:a5:b0:1b:86:f8:a9:5e:
11:4f:8d:09:8f:62:f0:ab:c5:12:44:25:c8:7f:70:7b:1b:c2:
8e:27:89:42:dc:61:38:5d:51:90:e4:31:c3:15:c3:af:dd:d3:
fe:a1:09:e4:e1:30:6d:a0:9d:fc:45:5d:1b:5b:21:f5:47:dc:
90:ad:32:29:80:f3:0c:a5:0b:80:82:21:bc:0b:74:9a:44:0f:
97:31:41:ba:f7:22:fd:56:65:2c:a2:9d:85:a4:f1:16:a5:0c:
7d:60:3f:bb:25:a4:6c:bf:27:a2:0d:39:66:b3:d3:0c:74:ec:
12:93:e5:88:15:c9:69:d9:c2:dc:c4:cd:a6:b2:84:15:4d:34:
67:30:46:f1:d9:d8:0b:1d:a7:60:07:17:f9:36:6b:14:20:fd:
a5:48:b3:a5:56:5b:af:40:4b:de:73:98:1d:e4:9a:94:2e:ab:
8c:35:4c:b2:6f:19:32:4c:d7:a1:6f:5e:53:c9:58:e6:40:cd:
a5:d4:64:07:d6:f6:1a:31:f6:b8:48:76:56:fc:e3:30:0d:5b:
3b:e5:34:d5:95:c7:1e:c0:f5:43:36:04:10:9f:67:65:78:7f:
be:a2:55:5d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeUxfLe4rl8mtigLog/7ltkLqzZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNzQ2Y2RhZTgxNDc1YmM4ZjRjY2U2NTllOGI4OWY1Njk0YTc2NDI0Y2Q0
Zjk5MzllNjFjNGVkOWI3OWZiMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2h0gFSv+AI1REDKBdcMRd35ekCXg0yg0t5GXYIdrJUIyjuYDGGBhUwRPss
ieXfsFjZowYFMI0M+tXzsZcjq0BtHhQ7MMOqvPM0biPFWaOvxc956iigSC+nAtWg
wDUH1F0gzb3y7O98v3wHioiP4Zvu7xs+S/G9CFU1jTqM5WcVG1LsyNPhILm2hr3j
vmgq7V8Nc5QKSD3JrFkI8wjF4vtCzmkblB+yW6y3DTrxEnwF8r6K/Vq9glrTkS9U
na0xMZjhHPHqRIsxB0IskeXGTgNBBuNwcTIarP47/sTZq/mRsiAz7xU4Mb2fBzU/
A9D9InPQNvZa2TjdHhumEyASw3kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSExzDR
53oTdhlWdaQnfZ3wLz9eJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODE4NGRlOTEtNDI4NC00NGY4LWFjYzEtMGQzMTliNTExZWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAMov+CNXZNztyf8mip0prFetU+5OTw3Oz6fb0PKOl
sBuG+KleEU+NCY9i8KvFEkQlyH9wexvCjieJQtxhOF1RkOQxwxXDr93T/qEJ5OEw
baCd/EVdG1sh9UfckK0yKYDzDKULgIIhvAt0mkQPlzFBuvci/VZlLKKdhaTxFqUM
fWA/uyWkbL8nog05ZrPTDHTsEpPliBXJadnC3MTNprKEFU00ZzBG8dnYCx2nYAcX
+TZrFCD9pUizpVZbr0BL3nOYHeSalC6rjDVMsm8ZMkzXoW9eU8lY5kDNpdRkB9b2
GjH2uEh2VvzjMA1bO+U01ZXHHsD1QzYEEJ9nZXh/vqJVXQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org