Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: L3wGVxW2w0LgLAZR5TvZWWHBDlhG6m9moYCdIPMTL50=
Subject key identifier: 9E:AF:62:1F:2B:40:83:03:B8:50:93:EE:11:3A:9F:0F:64:A2:9B:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DE8223BF0E3ED8A9CA11AC67EA083E990B9A711
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:e8:22:3b:f0:e3:ed:8a:9c:a1:1a:c6:7e:a0:83:e9:90:b9:a7:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=61afe4ac28b72e96a74d17d02563eced2f588d32bc4dcc30ddbca002ada2599f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:08:3e:57:b6:df:42:9d:c2:f5:ec:2f:bf:c2:
3d:39:87:39:a6:ed:91:fa:bd:17:bc:38:a7:55:13:
ec:a9:da:f6:36:f4:6b:f3:fb:e0:3a:df:8c:ed:49:
53:c1:a9:d5:0c:5c:68:4f:98:d8:87:05:f9:bd:21:
db:1f:16:1f:c3:01:26:9d:c5:a1:28:0b:14:b7:08:
08:1b:4f:d5:1c:72:d9:d9:4c:fb:6b:15:d6:4f:7b:
58:2b:dc:c6:10:bd:62:0b:13:47:b6:ae:00:d9:73:
92:de:fc:88:27:f9:9d:40:cd:89:c3:1e:c1:62:1d:
dc:c6:fe:b9:b6:4a:ca:71:ba:21:54:0e:11:b4:c5:
a0:3b:5e:31:ef:7d:8e:ab:e4:3c:36:1c:65:b9:10:
e8:78:53:28:9b:98:bf:4f:49:27:12:ff:11:39:c5:
19:63:b4:bc:9b:a0:c7:e2:9f:ab:ce:a1:6f:b3:b9:
6e:c7:fb:77:6e:05:54:52:c0:f4:19:59:2c:b0:f8:
98:56:6b:87:5e:b0:a2:17:27:24:2f:45:6d:22:f5:
2a:da:b5:45:04:07:7c:03:68:31:b9:e5:f3:5d:0e:
7e:ac:a8:82:a4:84:db:72:1d:80:df:13:f5:30:33:
c6:a0:b0:57:3e:86:75:f9:cf:8c:a7:fd:66:d4:57:
5d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AF:62:1F:2B:40:83:03:B8:50:93:EE:11:3A:9F:0F:64:A2:9B:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:7b:75:8f:70:5a:81:44:cc:d5:8e:d5:e3:a6:00:8a:da:2d:
8c:b6:14:ac:cd:e7:60:58:86:ba:15:48:c1:88:8b:9d:29:20:
dc:94:32:3f:51:e0:50:33:14:d6:6a:a3:09:e8:60:ff:fb:6d:
d7:ee:7a:d3:37:4b:d4:0f:c3:f2:97:bb:3e:62:47:63:36:9b:
bb:41:bd:10:2a:7c:f1:4e:5c:4c:c4:69:31:43:c4:ae:5c:5b:
03:b1:be:16:da:bd:9d:e0:06:29:a6:3b:66:34:ea:6d:b6:75:
bf:0c:7a:31:b7:fb:0a:41:70:ac:f9:eb:f5:ff:7b:40:13:cd:
4e:ef:10:d9:91:ec:b1:5a:ef:28:55:a7:94:b4:cf:0f:f6:03:
97:10:49:69:67:16:67:e9:a6:20:82:35:af:93:c3:18:dd:b3:
38:2f:49:43:b3:a9:06:2f:95:f6:24:03:24:af:46:44:35:8e:
8a:12:ef:92:f4:ab:43:58:cb:f8:4a:1b:1b:3d:fa:88:d0:b8:
25:32:5c:d1:a8:44:db:d5:08:62:7c:c1:1e:8e:15:29:32:cb:
f1:9b:fe:02:c3:fc:f1:00:54:0d:df:df:35:ef:2b:3c:40:d7:
2e:d1:13:b9:99:b8:02:38:a4:9e:91:d6:51:7d:78:5c:ba:c0:
e9:9f:34:fc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDegiO/Dj7YqcoRrGfqCD6ZC5pxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYWZlNGFjMjhiNzJlOTZhNzRkMTdkMDI1NjNlY2VkMmY1ODhkMzJiYzRk
Y2MzMGRkYmNhMDAyYWRhMjU5OWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEIPle230KdwvXsL7/CPTmHOabtkfq9F7w4p1UT7Kna9jb0a/P74DrfjO1J
U8Gp1QxcaE+Y2IcF+b0h2x8WH8MBJp3FoSgLFLcICBtP1Rxy2dlM+2sV1k97WCvc
xhC9YgsTR7auANlzkt78iCf5nUDNicMewWId3Mb+ubZKynG6IVQOEbTFoDteMe99
jqvkPDYcZbkQ6HhTKJuYv09JJxL/ETnFGWO0vJugx+Kfq86hb7O5bsf7d24FVFLA
9BlZLLD4mFZrh16wohcnJC9FbSL1Ktq1RQQHfANoMbnl810OfqyogqSE23IdgN8T
9TAzxqCwVz6GdfnPjKf9ZtRXXTkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSer2If
K0CDA7hQk+4ROp8PZKKbeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAmnt1j3BagUTM1Y7V46YAitotjLYUrM3nYFiGuhVI
wYiLnSkg3JQyP1HgUDMU1mqjCehg//tt1+560zdL1A/D8pe7PmJHYzabu0G9ECp8
8U5cTMRpMUPErlxbA7G+Ftq9neAGKaY7ZjTqbbZ1vwx6Mbf7CkFwrPnr9f97QBPN
Tu8Q2ZHssVrvKFWnlLTPD/YDlxBJaWcWZ+mmIII1r5PDGN2zOC9JQ7OpBi+V9iQD
JK9GRDWOihLvkvSrQ1jL+EobGz36iNC4JTJc0ahE29UIYnzBHo4VKTLL8Zv+AsP8
8QBUDd/fNe8rPEDXLtETuZm4AjiknpHWUX14XLrA6Z80/A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org