Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: XbtcP6444R/TxM+Erxvypkze/uIE+2GEr5+8O7piQu4=
Subject key identifier: 73:40:05:73:57:EE:03:7A:37:1B:A6:67:F4:E5:DA:34:51:CF:7A:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35FAD1644CD46F67ADE6E8F869B0B220FF97801D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:fa:d1:64:4c:d4:6f:67:ad:e6:e8:f8:69:b0:b2:20:ff:97:80:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=ba574b5b68b21371ae6a4dfa8b4d41f3abdedac74e7d49f6b2d9adcd6bab4bc8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:50:f0:3d:cc:c8:cd:26:0d:26:8a:71:fa:d6:
88:ff:35:57:9e:b4:f8:c6:a5:65:3c:5f:7c:20:90:
ef:f0:3a:d6:11:7b:c2:2f:5a:7d:1c:64:61:0d:b0:
91:93:57:5a:62:65:de:62:3a:08:48:83:95:be:7c:
2d:86:c1:e2:90:dd:4c:45:78:c1:6a:df:5b:2b:28:
c2:eb:be:b6:12:43:c2:1d:8e:1b:41:f1:03:b7:a1:
0d:16:e8:6a:be:cc:26:d0:b5:f8:26:96:44:30:9e:
38:29:c3:57:dd:2c:11:1d:ee:06:00:f3:65:39:23:
27:c5:6c:f7:50:85:2e:80:4f:0c:72:52:ca:09:8b:
b5:e2:71:f4:9f:71:c9:2f:33:45:00:66:10:4f:22:
ba:fd:a6:cc:f7:8e:d6:d9:20:b5:11:11:8f:4f:7b:
c3:7b:55:bd:35:b6:ce:8f:e3:50:ad:e4:ae:77:2e:
02:88:ef:85:30:0b:b6:f7:d8:da:c7:7b:ac:57:3f:
01:96:21:d2:d5:7e:4f:b6:aa:98:e8:ad:e7:81:2f:
3e:2a:0f:f3:1c:4b:c0:2c:fa:37:9b:cf:1a:d5:16:
bb:b2:48:3c:7a:4c:1f:fb:66:e5:d9:08:23:cb:46:
3c:1e:cc:96:b1:54:cd:21:0e:16:81:db:d8:c1:a2:
d8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:40:05:73:57:EE:03:7A:37:1B:A6:67:F4:E5:DA:34:51:CF:7A:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
95:79:3d:57:d2:0c:9f:e0:2c:bd:43:12:60:60:41:ea:1e:7b:
4a:ec:3c:e2:13:cc:19:65:b6:b2:99:30:c8:4b:d3:6a:3f:39:
17:c8:bb:8e:99:0c:91:38:6e:b4:15:66:4f:ab:8f:b7:56:1a:
85:40:54:cc:d3:6a:30:d5:75:7f:91:18:a3:fe:9b:27:8f:4b:
8a:5f:e9:e1:39:40:ab:87:e4:a8:be:0e:56:08:0d:d5:c4:ee:
7b:26:56:59:68:1a:93:63:fe:3a:90:53:d8:6b:1e:b7:a1:e8:
4a:6b:a7:c8:4b:22:6e:32:7c:93:39:1f:b0:53:ba:04:33:0f:
e5:e6:0c:c3:66:60:2f:db:61:94:4f:54:7e:04:e9:36:a4:b2:
c3:79:73:40:76:e6:b9:ce:ce:86:e2:39:ae:74:34:92:54:a6:
0c:4d:a3:da:46:49:0e:e1:05:7c:7d:15:cb:f7:9d:00:12:97:
e0:d1:cb:36:b3:0b:aa:1e:72:af:a0:e7:3a:ee:08:4b:25:01:
5b:02:bd:65:75:ba:e2:44:c0:a8:8a:42:76:bc:05:fb:2f:fc:
a3:82:55:df:61:72:fb:4d:d0:f0:c5:7a:2f:10:ed:6c:2b:73:
26:99:7e:b9:8d:a3:d3:e7:b9:88:30:66:51:13:37:7a:aa:40:
77:f5:c1:d9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNfrRZEzUb2et5uj4abCyIP+XgB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhNTc0YjViNjhiMjEzNzFhZTZhNGRmYThiNGQ0MWYzYWJkZWRhYzc0ZTdk
NDlmNmIyZDlhZGNkNmJhYjRiYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOVQ8D3MyM0mDSaKcfrWiP81V560+MalZTxffCCQ7/A61hF7wi9afRxkYQ2w
kZNXWmJl3mI6CEiDlb58LYbB4pDdTEV4wWrfWysowuu+thJDwh2OG0HxA7ehDRbo
ar7MJtC1+CaWRDCeOCnDV90sER3uBgDzZTkjJ8Vs91CFLoBPDHJSygmLteJx9J9x
yS8zRQBmEE8iuv2mzPeO1tkgtRERj097w3tVvTW2zo/jUK3krncuAojvhTALtvfY
2sd7rFc/AZYh0tV+T7aqmOit54EvPioP8xxLwCz6N5vPGtUWu7JIPHpMH/tm5dkI
I8tGPB7MlrFUzSEOFoHb2MGi2GUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRzQAVz
V+4Dejcbpmf05do0Uc96kzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAlXk9V9IMn+AsvUMSYGBB6h57Suw84hPMGWW2spkw
yEvTaj85F8i7jpkMkThutBVmT6uPt1YahUBUzNNqMNV1f5EYo/6bJ49Lil/p4TlA
q4fkqL4OVggN1cTueyZWWWgak2P+OpBT2Gset6HoSmunyEsibjJ8kzkfsFO6BDMP
5eYMw2ZgL9thlE9UfgTpNqSyw3lzQHbmuc7OhuI5rnQ0klSmDE2j2kZJDuEFfH0V
y/edABKX4NHLNrMLqh5yr6DnOu4ISyUBWwK9ZXW64kTAqIpCdrwF+y/8o4JV32Fy
+03Q8MV6LxDtbCtzJpl+uY2j0+e5iDBmURM3eqpAd/XB2Q==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org