Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
File: ba49e847-161e-4e06-ade5-750cb58ef3e5.roa (raw, json)
Hash identifier: Z60zIMYXZehyJuCzOuxMj/a6I4v0fWd0/dAvUEze1C8=
Subject key identifier: B7:38:C5:06:A3:AF:8E:F6:A3:8C:88:C7:E3:10:02:40:4D:4C:47:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01D2741AE5D6A72EF65A852B5AC3BFB24E62A912
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d2:74:1a:e5:d6:a7:2e:f6:5a:85:2b:5a:c3:bf:b2:4e:62:a9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=6f8d797c9452bc85322f5b1ae62c0153db152717acf70e00e092d798636a34dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:c4:94:ac:92:da:ff:14:ce:f7:64:f8:0e:
a2:22:31:ec:1e:b7:f3:99:c0:74:9a:4f:30:92:25:
08:b4:9d:b7:47:55:97:63:34:b8:04:82:d0:0c:0c:
f2:f7:89:43:5e:d1:6c:ab:13:9a:ae:f4:29:94:4b:
c0:77:25:27:e5:6d:49:98:fe:52:e3:eb:ac:f3:9e:
51:c8:ea:9d:42:18:b3:80:6f:94:4d:e7:b2:23:1d:
73:04:bb:58:e0:bf:d6:29:85:72:f0:60:50:8b:6b:
80:65:0f:c1:7d:56:09:0f:19:8e:d4:f5:26:e9:c8:
5e:9f:cd:ca:19:1b:6a:3c:25:00:73:f3:6e:e1:53:
7a:c9:b3:6c:96:dd:c4:6c:d9:08:6e:5f:d4:2e:a5:
d2:22:c3:0d:ba:e9:9e:4d:54:33:b9:2d:6f:7a:21:
98:4f:d1:82:58:28:b0:ec:ee:ca:88:79:aa:a9:8d:
cc:8b:04:76:dd:19:02:a9:8c:8f:c7:bc:2e:9a:03:
cb:73:b5:fd:81:8b:fe:cb:86:1c:56:21:2b:98:9e:
a9:2d:39:73:26:2c:a7:11:54:df:e7:af:40:9c:e3:
7b:60:09:11:06:c4:c2:3c:18:3b:f0:9c:ec:b0:bf:
63:dc:3e:49:aa:d0:dc:eb:a9:e5:1e:56:25:ae:37:
46:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:38:C5:06:A3:AF:8E:F6:A3:8C:88:C7:E3:10:02:40:4D:4C:47:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
67:a9:e9:b1:9c:c6:22:db:df:83:c9:12:ab:80:a9:14:f7:bf:
9e:4d:6d:e2:e4:db:b1:1e:2f:2e:c7:82:bc:39:2d:39:5b:89:
30:c6:a8:1a:c1:3b:6c:59:ce:1d:62:d3:b2:95:d0:77:9c:a1:
80:4d:b0:2a:59:f9:a6:04:ef:5c:4c:e9:ac:25:8e:2d:b3:43:
9a:d8:b8:8c:42:1d:33:e1:bc:81:a1:76:d3:5b:76:d2:d7:65:
0e:92:b1:74:3b:c4:8f:ee:bf:f3:21:b5:ec:48:94:e1:fe:dd:
a4:45:bc:78:ad:b7:2f:d3:94:08:c3:9d:dc:fb:92:d5:de:82:
70:f8:c9:aa:3f:2e:b2:8a:46:82:07:ea:bf:63:86:4c:37:1d:
af:99:e0:97:b2:0e:69:f6:6e:30:a9:ee:c6:28:2b:78:62:55:
40:91:87:64:65:27:65:93:03:dc:f4:8e:87:ed:1f:11:a0:9e:
65:d7:68:b6:1c:54:52:1e:22:c1:fc:30:c4:52:e7:1d:0e:3d:
6a:fb:ef:57:c8:1e:d3:e4:5c:cc:b2:0d:42:90:b7:86:d7:b6:
23:20:8a:90:33:e8:d1:bb:a2:0f:fd:83:27:17:04:42:0d:26:
90:d8:29:e8:5d:bb:de:0b:fe:7a:16:17:06:19:ff:3d:51:62:
7e:f9:bb:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAdJ0GuXWpy72WoUrWsO/sk5iqRIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmOGQ3OTdjOTQ1MmJjODUzMjJmNWIxYWU2MmMwMTUzZGIxNTI3MTdhY2Y3
MGUwMGUwOTJkNzk4NjM2YTM0ZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKo+xJSsktr/FM73ZPgOoiIx7B6385nAdJpPMJIlCLSdt0dVl2M0uASC0AwM
8veJQ17RbKsTmq70KZRLwHclJ+VtSZj+UuPrrPOeUcjqnUIYs4BvlE3nsiMdcwS7
WOC/1imFcvBgUItrgGUPwX1WCQ8ZjtT1JunIXp/NyhkbajwlAHPzbuFTesmzbJbd
xGzZCG5f1C6l0iLDDbrpnk1UM7ktb3ohmE/RglgosOzuyoh5qqmNzIsEdt0ZAqmM
j8e8LpoDy3O1/YGL/suGHFYhK5ieqS05cyYspxFU3+evQJzje2AJEQbEwjwYO/Cc
7LC/Y9w+SarQ3Oup5R5WJa43RoMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3OMUG
o6+O9qOMiMfjEAJATUxH8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmE0OWU4NDctMTYxZS00ZTA2LWFkZTUtNzUwY2I1OGVmM2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAZ6npsZzGItvfg8kSq4CpFPe/nk1t4uTbsR4vLseC
vDktOVuJMMaoGsE7bFnOHWLTspXQd5yhgE2wKln5pgTvXEzprCWOLbNDmti4jEId
M+G8gaF201t20tdlDpKxdDvEj+6/8yG17EiU4f7dpEW8eK23L9OUCMOd3PuS1d6C
cPjJqj8usopGggfqv2OGTDcdr5ngl7IOafZuMKnuxigreGJVQJGHZGUnZZMD3PSO
h+0fEaCeZddothxUUh4iwfwwxFLnHQ49avvvV8ge0+RczLINQpC3hte2IyCKkDPo
0buiD/2DJxcEQg0mkNgp6F273gv+ehYXBhn/PVFifvm7DA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org