Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
File: 981b1661-99b8-42c3-8da0-4a3ec14aab72.roa (raw, json)
Hash identifier: FvnLQzyr+PTHrJ07uQdReJbdtnW7ZvsZcfq/PpAux9s=
Subject key identifier: 0E:1E:83:5F:61:DA:6B:CE:43:2B:B2:0F:B7:E4:55:7B:2C:F5:D3:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 578EA5150A44955EF542F709A671267AC810B867
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:8e:a5:15:0a:44:95:5e:f5:42:f7:09:a6:71:26:7a:c8:10:b8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=3bf17679e7a74ca3420459eca30d2cb30f2fc36d88640014ad5ea1e133fe9ef5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:13:49:27:82:62:2d:73:65:47:8a:c6:70:e5:
cd:cf:b7:e1:48:d4:0b:b0:bd:14:b8:50:3d:9c:e4:
24:e5:5c:10:bd:9f:f9:24:95:3b:1c:49:ea:fd:4e:
61:77:08:c8:6d:d8:86:19:b5:00:0a:c6:89:b6:c8:
04:01:30:5d:f2:c5:8a:02:15:e3:2c:22:f2:b1:f5:
04:45:f7:1e:b9:04:48:64:47:a1:33:c1:c3:b4:28:
c1:64:de:cd:ae:ee:f7:49:91:cb:18:c0:5c:f2:5b:
f1:d4:46:14:e3:0f:4c:2c:7c:37:95:5a:f9:34:fa:
7c:4d:02:f0:bb:4d:48:55:b1:86:7c:fa:36:c3:8f:
f8:7a:fe:b8:de:91:82:5a:9c:92:a9:2e:64:74:68:
aa:8a:12:83:86:9a:a5:c8:2d:c8:a9:f1:de:2c:cf:
35:e5:5d:f8:f9:44:01:a3:62:a6:3b:88:69:73:b3:
f7:e5:12:2b:9c:de:ee:d1:e2:e3:17:1c:09:55:81:
0f:1c:7b:ed:f2:21:e5:60:70:a4:e4:9d:59:bb:7d:
7a:ea:93:27:98:bc:a1:59:3b:d8:01:eb:e8:8d:a4:
da:a4:95:52:7f:5c:93:b3:3e:f6:5d:0b:bc:04:a7:
2d:56:01:5d:9a:bc:fb:f9:2f:bd:89:98:60:ef:3c:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1E:83:5F:61:DA:6B:CE:43:2B:B2:0F:B7:E4:55:7B:2C:F5:D3:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
34:3f:0c:3a:06:34:de:b8:f0:de:1a:f7:b2:82:db:13:90:da:
bb:f6:b4:df:36:5b:f5:75:b4:a5:8e:d8:4a:00:6f:cd:43:e4:
2f:84:b7:8c:85:dd:ba:c8:81:c5:0f:32:a6:ae:86:ad:7d:27:
e4:ab:a4:28:e9:4d:b4:d2:e8:42:e6:fa:4d:31:fa:5f:04:d0:
ed:54:bb:f7:b7:15:96:12:86:fa:d7:82:ee:5f:ab:97:6b:63:
2d:61:54:9d:bb:05:6c:63:d4:ed:27:92:69:b9:9e:5e:5b:52:
57:dc:18:72:03:34:71:ea:c5:c4:31:f7:9f:39:8f:e2:0a:cb:
3b:9c:71:12:e1:76:10:1d:4b:53:d9:1c:82:88:35:24:54:ae:
32:bf:4e:98:de:01:b2:be:68:fc:df:dd:1e:4f:85:93:e1:66:
bb:e4:98:e2:90:00:f2:46:b3:e5:55:77:2a:62:85:29:89:a1:
90:f0:ee:d7:7b:e5:40:f8:0a:8e:63:88:29:2f:cc:1f:9a:cd:
c5:27:b0:fa:3e:36:82:bb:32:85:bf:fd:f0:28:0d:9f:97:2f:
2b:a9:86:40:8a:e7:fb:f1:dd:7d:6f:fa:63:dc:af:76:4e:49:
b4:75:ab:cc:1d:9f:5b:70:68:32:67:6c:a2:b6:2f:89:68:5d:
ff:63:9a:fa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV46lFQpElV71QvcJpnEmesgQuGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiZjE3Njc5ZTdhNzRjYTM0MjA0NTllY2EzMGQyY2IzMGYyZmMzNmQ4ODY0
MDAxNGFkNWVhMWUxMzNmZTllZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMETSSeCYi1zZUeKxnDlzc+34UjUC7C9FLhQPZzkJOVcEL2f+SSVOxxJ6v1O
YXcIyG3Yhhm1AArGibbIBAEwXfLFigIV4ywi8rH1BEX3HrkESGRHoTPBw7QowWTe
za7u90mRyxjAXPJb8dRGFOMPTCx8N5Va+TT6fE0C8LtNSFWxhnz6NsOP+Hr+uN6R
glqckqkuZHRoqooSg4aapcgtyKnx3izPNeVd+PlEAaNipjuIaXOz9+USK5ze7tHi
4xccCVWBDxx77fIh5WBwpOSdWbt9euqTJ5i8oVk72AHr6I2k2qSVUn9ck7M+9l0L
vASnLVYBXZq8+/kvvYmYYO88hz8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQOHoNf
YdprzkMrsg+35FV7LPXT8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTgxYjE2NjEtOTliOC00MmMzLThkYTAtNGEzZWMxNGFhYjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAND8MOgY03rjw3hr3soLbE5Dau/a03zZb9XW0pY7Y
SgBvzUPkL4S3jIXdusiBxQ8ypq6GrX0n5KukKOlNtNLoQub6TTH6XwTQ7VS797cV
lhKG+teC7l+rl2tjLWFUnbsFbGPU7SeSabmeXltSV9wYcgM0cerFxDH3nzmP4grL
O5xxEuF2EB1LU9kcgog1JFSuMr9OmN4Bsr5o/N/dHk+Fk+Fmu+SY4pAA8kaz5VV3
KmKFKYmhkPDu13vlQPgKjmOIKS/MH5rNxSew+j42grsyhb/98CgNn5cvK6mGQIrn
+/HdfW/6Y9yvdk5JtHWrzB2fW3BoMmdsorYviWhd/2Oa+g==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org