Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
File: 4291e769-5d4c-4010-818f-64c1716d6e54.roa (raw, json)
Hash identifier: SeOubB7mjf12Qg2MBVROPxZ8PGbWUriwsmlrlv5sZFY=
Subject key identifier: 50:98:17:74:CA:94:47:7B:EF:01:0C:D9:0E:56:0A:56:37:F1:84:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37027662EDE3F1D5932CF8406CE7816EBFAFA4EF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:02:76:62:ed:e3:f1:d5:93:2c:f8:40:6c:e7:81:6e:bf:af:a4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=711d6abbec284b5b8c64a8a495c5d594f32c843fdbe16162eab20b61ab4200d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:38:9b:43:21:d8:75:d0:e2:b6:91:dc:d9:13:
e3:38:bf:ce:6b:ed:2d:fe:cb:b2:8f:6d:64:29:9f:
c5:9c:db:bb:87:01:88:4d:24:8d:77:bb:76:0d:ba:
5d:1a:81:78:96:8d:29:94:67:cc:a8:5c:92:10:ca:
ea:d4:f1:dd:c6:25:64:1c:95:51:60:f4:63:51:61:
23:24:80:61:13:6c:e4:51:ce:b8:e5:b2:46:8c:2d:
92:f0:9a:87:e5:8d:d3:1c:f5:cf:a5:ce:79:f5:3e:
75:25:f5:66:79:c8:30:b4:4b:8c:7a:6c:e0:82:32:
2e:26:01:07:24:c9:0d:a1:df:5b:a1:58:d0:40:ae:
a5:b0:11:30:08:f9:e4:18:71:c7:d7:b8:b4:f8:4a:
cf:f3:75:1a:64:6f:51:5c:17:3a:7b:0a:ad:76:c0:
0c:5a:8d:16:5c:b5:86:19:3f:40:67:3a:06:0a:15:
1c:52:33:97:cb:02:39:bd:bb:b5:df:c3:cb:d9:15:
af:8f:27:ac:5f:39:fa:66:91:13:e3:92:56:33:86:
12:40:f7:87:5f:70:b8:6e:9c:ba:54:26:80:43:b7:
76:b9:74:6a:19:61:9a:dc:d7:57:b5:09:75:2f:c3:
75:ae:07:dc:58:0c:47:de:d6:d7:01:d2:24:95:13:
b9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:98:17:74:CA:94:47:7B:EF:01:0C:D9:0E:56:0A:56:37:F1:84:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:4b:ff:02:74:8a:f4:0c:84:59:bc:a3:da:5d:cc:b1:76:60:
fe:78:51:0a:d4:f8:42:72:13:44:7d:c2:3b:28:0e:59:03:5f:
90:6f:03:ba:fd:e0:a9:e8:ff:00:35:3f:98:97:db:46:1b:28:
c4:8b:58:75:42:ab:a8:34:52:6a:f4:f7:3b:dd:2d:38:d2:01:
31:15:73:cd:8b:0e:f9:d8:68:83:b7:14:3b:95:50:21:f4:4b:
67:b7:d5:84:25:86:67:d3:1e:a7:05:38:38:8c:eb:ce:d4:bc:
67:c4:6a:bc:31:74:f2:ad:a7:18:05:ae:1a:cb:70:4c:80:fb:
61:ac:4e:60:f3:53:16:1b:78:9e:f8:05:ec:18:b8:1a:f0:38:
ea:8e:b8:ff:38:36:97:c0:ee:4d:88:47:e2:50:ff:8d:41:21:
5e:d0:48:96:63:6c:e5:7d:76:8b:84:01:de:b8:30:4a:9f:21:
89:b9:8f:21:21:27:c7:e0:a4:16:87:f6:92:1b:c0:8d:92:8c:
42:2f:f9:d6:1b:58:cc:bd:98:e5:94:1d:06:97:59:f2:41:9e:
1d:0c:aa:71:50:a3:fd:6a:0b:2e:97:d4:41:b8:50:e1:50:32:
33:7e:6d:e2:43:2d:28:77:4c:40:3d:08:1e:bd:e9:3b:b7:27:
ee:80:5f:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNwJ2Yu3j8dWTLPhAbOeBbr+vpO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxMWQ2YWJiZWMyODRiNWI4YzY0YThhNDk1YzVkNTk0ZjMyYzg0M2ZkYmUx
NjE2MmVhYjIwYjYxYWI0MjAwZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJg4m0Mh2HXQ4raR3NkT4zi/zmvtLf7Lso9tZCmfxZzbu4cBiE0kjXe7dg26
XRqBeJaNKZRnzKhckhDK6tTx3cYlZByVUWD0Y1FhIySAYRNs5FHOuOWyRowtkvCa
h+WN0xz1z6XOefU+dSX1ZnnIMLRLjHps4IIyLiYBByTJDaHfW6FY0ECupbARMAj5
5Bhxx9e4tPhKz/N1GmRvUVwXOnsKrXbADFqNFly1hhk/QGc6BgoVHFIzl8sCOb27
td/Dy9kVr48nrF85+maRE+OSVjOGEkD3h19wuG6culQmgEO3drl0ahlhmtzXV7UJ
dS/Dda4H3FgMR97W1wHSJJUTuT8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRQmBd0
ypRHe+8BDNkOVgpWN/GEpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDI5MWU3NjktNWQ0Yy00MDEwLTgxOGYtNjRjMTcxNmQ2ZTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtUv/AnSK9AyEWbyj2l3MsXZg/nhRCtT4QnITRH3C
OygOWQNfkG8Duv3gqej/ADU/mJfbRhsoxItYdUKrqDRSavT3O90tONIBMRVzzYsO
+dhog7cUO5VQIfRLZ7fVhCWGZ9MepwU4OIzrztS8Z8RqvDF08q2nGAWuGstwTID7
YaxOYPNTFht4nvgF7Bi4GvA46o64/zg2l8DuTYhH4lD/jUEhXtBIlmNs5X12i4QB
3rgwSp8hibmPISEnx+CkFof2khvAjZKMQi/51htYzL2Y5ZQdBpdZ8kGeHQyqcVCj
/WoLLpfUQbhQ4VAyM35t4kMtKHdMQD0IHr3pO7cn7oBfow==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:23 2024 by rpki-client on console-fra.rpki-client.org