Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: h3rSny3zTCf3U38gZyFuNZ6mzks9mGmVFTVz7a2cj/0=
Subject key identifier: 12:8C:FD:61:75:1E:81:C5:F4:9E:CA:33:05:C8:ED:09:DF:F2:01:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2FC16940E857A017872BD69D6906375C740D1650
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:c1:69:40:e8:57:a0:17:87:2b:d6:9d:69:06:37:5c:74:0d:16:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b149dd7e9bc54f1e8e68fd27ccf183aad2b585aa398087b9f55d102a84f5b35d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:11:fa:61:9c:11:3c:41:ff:3a:e2:bc:3f:bb:
9e:9f:a4:3a:87:73:e1:15:53:ae:5a:6c:2b:36:8a:
a0:6f:9b:36:1e:ac:69:b2:db:02:2e:18:1e:50:bf:
9a:f0:91:49:aa:4e:cc:8f:cf:32:72:27:1e:35:23:
d2:f4:2a:76:db:be:2b:c6:26:07:33:17:e8:72:0d:
e4:59:1f:35:1a:14:ba:cc:c1:8f:91:57:fb:89:9f:
05:1f:4e:ac:e3:bc:f2:4d:c1:e7:f1:b3:62:a2:dd:
de:b8:20:a6:d8:52:30:94:b5:56:38:66:fb:9c:9e:
b1:af:e5:48:99:b3:e9:4c:ae:23:6a:72:0d:6e:ec:
03:a9:4d:07:4f:de:79:10:56:c8:8e:06:9b:a6:73:
ae:b2:de:b2:58:09:ae:f7:28:67:65:cb:1f:d2:c9:
2c:ac:67:55:2b:36:f0:74:23:aa:0d:1a:1b:2a:eb:
fc:80:96:37:70:12:21:42:ca:ef:ab:c8:e4:91:5d:
d3:82:6b:aa:42:a2:6f:3a:c7:5c:04:71:f6:50:4f:
ca:7d:b3:53:22:c1:f7:a0:d9:08:3a:78:c2:eb:68:
c1:7c:f8:4d:7f:2c:7a:dc:75:07:2a:64:44:47:1d:
14:5a:5b:f0:41:fd:ab:3b:b5:49:2e:33:5d:4c:4a:
3c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8C:FD:61:75:1E:81:C5:F4:9E:CA:33:05:C8:ED:09:DF:F2:01:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
08:a1:db:89:40:b8:a6:30:56:7b:35:e8:18:6c:d4:52:f9:77:
0f:62:fe:63:3e:65:44:ee:f7:29:73:ea:4e:16:4b:cb:37:c5:
07:ea:70:43:a9:d4:81:ce:d1:c7:cd:12:03:1f:b4:d1:ac:9f:
2a:da:ed:50:00:00:65:0b:b0:0e:df:93:9d:81:63:1f:66:d3:
ba:60:8f:13:0c:b9:09:1a:47:97:01:0b:85:6e:10:b5:cd:fe:
d9:e3:ae:38:45:44:96:34:79:c5:7f:b6:6e:0f:05:7e:c7:f2:
88:98:79:07:b5:0a:a9:5f:9f:4e:c9:0e:84:35:4e:6a:12:f5:
b2:c3:02:f3:5e:00:8d:e3:c8:57:54:89:79:39:4c:94:ce:6a:
d8:22:f0:44:7b:cc:12:5e:b1:b2:a9:fd:8c:fb:3a:31:77:c7:
b8:83:b1:44:3f:29:2a:d2:04:8d:e2:5d:09:8f:74:5f:f0:4b:
40:b7:8b:d5:d9:94:57:90:6a:00:62:0e:1d:33:af:46:c7:d4:
c2:2b:b1:f0:66:a2:de:96:0b:66:a0:77:77:7f:86:2c:d1:5f:
dc:19:06:5d:76:b0:d0:fa:91:39:0b:13:6d:9a:ed:f7:cb:13:
71:ad:f9:ef:74:ba:5c:a0:0f:c2:aa:32:ee:d3:c8:32:15:df:
e1:b4:f7:40
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL8FpQOhXoBeHK9adaQY3XHQNFlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNDlkZDdlOWJjNTRmMWU4ZTY4ZmQyN2NjZjE4M2FhZDJiNTg1YWEzOTgw
ODdiOWY1NWQxMDJhODRmNWIzNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0R+mGcETxB/zrivD+7np+kOodz4RVTrlpsKzaKoG+bNh6sabLbAi4YHlC/
mvCRSapOzI/PMnInHjUj0vQqdtu+K8YmBzMX6HIN5FkfNRoUuszBj5FX+4mfBR9O
rOO88k3B5/GzYqLd3rggpthSMJS1Vjhm+5yesa/lSJmz6UyuI2pyDW7sA6lNB0/e
eRBWyI4Gm6ZzrrLeslgJrvcoZ2XLH9LJLKxnVSs28HQjqg0aGyrr/ICWN3ASIULK
76vI5JFd04JrqkKibzrHXARx9lBPyn2zUyLB96DZCDp4wutowXz4TX8setx1Bypk
REcdFFpb8EH9qzu1SS4zXUxKPBMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQSjP1h
dR6BxfSeyjMFyO0J3/IB+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEACKHbiUC4pjBWezXoGGzUUvl3D2L+Yz5lRO73KXPq
ThZLyzfFB+pwQ6nUgc7Rx80SAx+00ayfKtrtUAAAZQuwDt+TnYFjH2bTumCPEwy5
CRpHlwELhW4Qtc3+2eOuOEVEljR5xX+2bg8FfsfyiJh5B7UKqV+fTskOhDVOahL1
ssMC814AjePIV1SJeTlMlM5q2CLwRHvMEl6xsqn9jPs6MXfHuIOxRD8pKtIEjeJd
CY90X/BLQLeL1dmUV5BqAGIOHTOvRsfUwiux8Gai3pYLZqB3d3+GLNFf3BkGXXaw
0PqROQsTbZrt98sTca3573S6XKAPwqoy7tPIMhXf4bT3QA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org