Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
File: fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa (raw, json)
Hash identifier: jQ8OmRf4IH7N3B+44i1r3pL7IEBu3KkRSR10dp2K3I4=
Subject key identifier: 21:F5:C4:AB:A7:60:BF:30:78:6F:FB:75:54:41:FA:B3:97:06:3A:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BE923DC459A5C11BB8A4EEFCB614BB92C250BE6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:e9:23:dc:45:9a:5c:11:bb:8a:4e:ef:cb:61:4b:b9:2c:25:0b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=cf1dd5ba7702b906a1ec7abfd9fd5140ec5845cca8158b085dee73b01e928cdd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d6:4a:d8:43:1d:1f:8c:19:60:5d:a6:22:dc:
4c:48:a8:6f:b2:80:a0:aa:34:70:0b:90:af:05:fd:
82:aa:4f:4b:08:90:23:9f:ef:ac:b1:b1:14:b4:0f:
71:ff:3c:f3:a7:1c:6a:9b:d3:06:8b:de:77:75:fb:
ee:00:61:8d:4e:65:e5:0b:bd:54:48:6a:8a:e6:b4:
47:26:7c:f1:2b:82:b5:71:5e:91:b2:b1:0e:27:09:
19:8f:53:ca:f6:c1:ab:3c:64:af:e9:a0:67:59:61:
46:5c:2b:a2:61:5c:a4:af:12:fa:f3:1e:a2:b7:be:
04:6d:0f:10:7d:1d:77:e4:d9:8f:69:01:fa:b7:24:
23:50:ee:f7:b3:05:98:dd:b6:ab:f6:c6:7c:85:fa:
bf:92:c0:28:25:e5:89:28:4b:6c:d8:63:fa:00:22:
33:a9:dc:90:d5:63:46:fd:7b:3d:99:b6:3d:c2:c4:
07:37:63:79:47:65:0d:2f:90:af:45:80:47:63:fc:
8b:7b:1a:7f:49:ba:bf:d2:a6:3c:97:d9:ea:16:80:
8b:89:43:74:75:27:a3:4b:a1:8a:c3:7b:e0:84:74:
50:f7:9d:1e:f7:0b:78:52:e5:52:09:4e:93:e7:b3:
f2:ec:ba:ef:a6:03:35:26:6d:77:06:47:d0:86:89:
e4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F5:C4:AB:A7:60:BF:30:78:6F:FB:75:54:41:FA:B3:97:06:3A:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
48:32:a5:29:bf:6c:a2:03:5c:6b:96:bd:ff:75:f6:9f:24:6e:
45:c3:c4:f5:58:57:c4:50:43:cc:3e:dd:31:16:5e:5b:95:3e:
1b:48:93:00:c6:f0:2b:48:12:fd:89:b7:b1:a0:84:27:d4:79:
73:e1:6b:98:c1:e7:f4:fd:8e:45:b1:59:8c:7b:4a:88:f0:8e:
bd:1f:5a:3e:35:72:b2:c9:c0:f2:1f:d9:45:4e:5d:63:4c:96:
e6:8b:4f:9c:9a:1b:1b:e5:f8:fa:84:ee:65:24:d7:a1:37:d4:
30:e3:75:58:37:61:6c:24:e0:cc:ef:2c:2f:3d:fe:e1:50:2c:
c4:fb:15:8c:93:1d:99:70:a3:70:69:46:8d:ee:ec:87:71:61:
c7:3e:5f:f0:7b:62:26:c7:0e:a0:f8:05:9a:03:78:3b:bc:34:
2e:3a:b6:eb:4f:be:23:4c:fd:5b:bc:b3:4a:d1:b8:30:0f:ab:
a6:ad:0f:a9:78:50:c8:6b:e8:e6:6d:9a:79:88:16:a1:b3:82:
97:53:2b:93:d9:7e:b4:f4:c0:7e:f5:8e:d1:42:53:42:4e:87:
26:1a:a6:85:63:57:b0:32:b0:89:d7:8b:e8:a3:5c:b1:e0:bb:
54:7d:ec:ea:8a:46:93:e6:89:e8:3a:93:9e:17:73:79:d4:0c:
2e:b1:3f:70
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUS+kj3EWaXBG7ik7vy2FLuSwlC+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMWRkNWJhNzcwMmI5MDZhMWVjN2FiZmQ5ZmQ1MTQwZWM1ODQ1Y2NhODE1
OGIwODVkZWU3M2IwMWU5MjhjZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTWSthDHR+MGWBdpiLcTEiob7KAoKo0cAuQrwX9gqpPSwiQI5/vrLGxFLQP
cf8886ccapvTBoved3X77gBhjU5l5Qu9VEhqiua0RyZ88SuCtXFekbKxDicJGY9T
yvbBqzxkr+mgZ1lhRlwromFcpK8S+vMeore+BG0PEH0dd+TZj2kB+rckI1Du97MF
mN22q/bGfIX6v5LAKCXliShLbNhj+gAiM6nckNVjRv17PZm2PcLEBzdjeUdlDS+Q
r0WAR2P8i3saf0m6v9KmPJfZ6haAi4lDdHUno0uhisN74IR0UPedHvcLeFLlUglO
k+ez8uy676YDNSZtdwZH0IaJ5EUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQh9cSr
p2C/MHhv+3VUQfqzlwY68jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU5NmY2ZTYtNzRiMS00ZjY5LWJiMTgtMmQ5YWFlMzU0ZDhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEASDKlKb9sogNca5a9/3X2nyRuRcPE9VhXxFBDzD7d
MRZeW5U+G0iTAMbwK0gS/Ym3saCEJ9R5c+FrmMHn9P2ORbFZjHtKiPCOvR9aPjVy
ssnA8h/ZRU5dY0yW5otPnJobG+X4+oTuZSTXoTfUMON1WDdhbCTgzO8sLz3+4VAs
xPsVjJMdmXCjcGlGje7sh3Fhxz5f8HtiJscOoPgFmgN4O7w0Ljq260++I0z9W7yz
StG4MA+rpq0PqXhQyGvo5m2aeYgWobOCl1Mrk9l+tPTAfvWO0UJTQk6HJhqmhWNX
sDKwideL6KNcseC7VH3s6opGk+aJ6DqTnhdzedQMLrE/cA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org