Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
File: c3f70d8a-f35a-4409-8c26-390948a7b181.roa (raw, json)
Hash identifier: LbWS5nd8L+fSwCqCHInHZ6pqZjD2fFiILxeRcB5GOaw=
Subject key identifier: BF:52:E9:F6:6D:E1:ED:3C:04:1C:42:DC:78:9E:81:30:B4:7D:AC:37
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19ED3FCBACC52F741B4342F5AC088E07AF7708C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:ed:3f:cb:ac:c5:2f:74:1b:43:42:f5:ac:08:8e:07:af:77:08:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=225483ba1e0f29107f85396943b1d82941f31065a54df832f8ffa8987846a8c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:52:46:64:ab:cb:19:f1:b0:d6:dc:a0:d8:
4c:15:cb:cc:d4:50:ef:e3:91:82:17:b7:ef:d3:eb:
18:0a:27:59:f0:3d:7b:b1:49:94:de:c9:58:45:00:
ba:bd:ea:3c:63:18:60:60:14:9b:5d:f3:6e:a7:5e:
4e:60:c0:e0:47:d2:d0:b9:fa:d5:1f:3c:5a:71:17:
52:e7:32:cf:5c:7a:eb:58:76:5d:7a:71:f2:c3:fb:
27:d5:35:1a:0d:2a:a7:ae:26:5e:c2:05:b8:37:80:
20:a3:df:65:bf:04:03:71:57:9a:9a:b1:0a:dd:90:
78:fb:f4:31:4f:83:6f:38:72:1e:12:8d:15:5c:0a:
8f:34:b6:04:55:d7:b9:1b:83:20:70:3d:a3:2e:14:
e6:df:76:d7:1a:1c:0c:4d:9a:93:31:ba:13:3d:d0:
2d:56:83:79:57:37:ed:7c:55:cb:ea:37:44:34:62:
4f:1f:c3:cf:db:49:3e:97:97:05:3c:e7:b8:08:6b:
74:13:f0:f4:0b:c9:4a:f7:cc:b7:a0:9b:ea:af:d2:
76:be:7f:c9:98:a5:ec:d7:0b:75:89:94:9a:b1:00:
4e:7d:f3:a1:7a:44:24:28:91:74:9d:1b:bd:6d:37:
7d:6d:3c:3a:f4:9d:f9:f1:88:e3:38:eb:ed:18:1b:
95:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:52:E9:F6:6D:E1:ED:3C:04:1C:42:DC:78:9E:81:30:B4:7D:AC:37
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
80:7a:cf:3e:76:74:cc:71:56:f6:7d:8b:ca:17:a9:a7:63:96:
c8:f9:d5:e8:c1:9d:ca:da:e2:bf:6b:fb:d2:21:97:21:89:dc:
a2:57:19:eb:6b:49:03:13:bb:63:50:c3:4d:10:71:09:e4:05:
07:8b:88:7a:96:cd:0f:48:ab:de:fa:0b:48:4e:54:d1:cc:43:
52:70:23:60:73:66:fe:83:2c:eb:fd:0d:84:b6:09:35:e4:64:
c3:a8:72:4f:51:14:ae:c3:e5:10:8a:86:03:7a:c9:c9:91:3e:
dd:99:17:f2:d7:91:6e:ea:be:1c:57:5c:79:0c:23:3f:4a:5e:
e0:57:f4:cc:09:33:55:c0:16:fa:3c:76:09:f6:57:a7:28:25:
dc:a6:a3:f2:27:98:d3:a2:e0:67:af:14:84:46:8d:6e:45:68:
21:a2:d5:ab:9d:2c:c8:72:ba:25:2f:ff:8f:64:e8:9d:be:49:
06:b6:ce:c4:b8:a8:10:2a:0f:4a:e5:13:9c:d9:c2:eb:3e:56:
4c:4e:9e:e9:fb:f8:b3:2f:6c:c3:8d:7f:48:a9:42:be:a1:38:
c4:1c:29:d5:af:b2:c9:53:35:26:95:8b:f7:30:4f:20:e4:4d:
85:72:c8:24:9d:28:97:81:fd:28:04:fb:21:6e:51:b5:fa:6a:
4b:81:38:34
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGe0/y6zFL3QbQ0L1rAiOB693CMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNTQ4M2JhMWUwZjI5MTA3Zjg1Mzk2OTQzYjFkODI5NDFmMzEwNjVhNTRk
ZjgzMmY4ZmZhODk4Nzg0NmE4YzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKvUkZkq8sZ8bDW3KDYTBXLzNRQ7+ORghe379PrGAonWfA9e7FJlN7JWEUA
ur3qPGMYYGAUm13zbqdeTmDA4EfS0Ln61R88WnEXUucyz1x661h2XXpx8sP7J9U1
Gg0qp64mXsIFuDeAIKPfZb8EA3FXmpqxCt2QePv0MU+DbzhyHhKNFVwKjzS2BFXX
uRuDIHA9oy4U5t921xocDE2akzG6Ez3QLVaDeVc37XxVy+o3RDRiTx/Dz9tJPpeX
BTznuAhrdBPw9AvJSvfMt6Cb6q/Sdr5/yZil7NcLdYmUmrEATn3zoXpEJCiRdJ0b
vW03fW08OvSd+fGI4zjr7RgblRcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS/Uun2
beHtPAQcQtx4noEwtH2sNzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzNmNzBkOGEtZjM1YS00NDA5LThjMjYtMzkwOTQ4YTdiMTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAgHrPPnZ0zHFW9n2Lyhepp2OWyPnV6MGdytriv2v7
0iGXIYncolcZ62tJAxO7Y1DDTRBxCeQFB4uIepbND0ir3voLSE5U0cxDUnAjYHNm
/oMs6/0NhLYJNeRkw6hyT1EUrsPlEIqGA3rJyZE+3ZkX8teRbuq+HFdceQwjP0pe
4Ff0zAkzVcAW+jx2CfZXpygl3Kaj8ieY06LgZ68UhEaNbkVoIaLVq50syHK6JS//
j2Tonb5JBrbOxLioECoPSuUTnNnC6z5WTE6e6fv4sy9sw41/SKlCvqE4xBwp1a+y
yVM1JpWL9zBPIORNhXLIJJ0ol4H9KAT7IW5RtfpqS4E4NA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org