Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
File: 5bf13655-f776-45ba-8cff-e3d853dce89d.roa (raw, json)
Hash identifier: JjQa59IbKgFH4yRKA+7DcuTZ6WGsOYxNHcm0uZb2ybw=
Subject key identifier: 6F:2D:ED:D7:7A:72:AE:7E:84:DD:73:6C:56:19:F2:DD:45:24:FC:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05726F7E6980215E4070F1421211310B17E66278
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:72:6f:7e:69:80:21:5e:40:70:f1:42:12:11:31:0b:17:e6:62:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=a91304290697d3d08c0ea520afbf7b9d875328f1ecae8b5a5aaa460b866f9699, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fd:31:ed:a5:ab:ed:17:5e:ba:17:3d:dc:36:
3f:cc:0f:aa:6b:84:60:19:72:3d:e7:0e:dd:66:ca:
0b:71:d9:1b:69:8a:1a:c7:f1:16:0d:d0:73:05:94:
1d:1b:fe:b1:78:84:bc:44:98:02:5c:a2:d9:61:0b:
63:46:1f:6b:53:ee:d3:dc:7c:7f:b8:03:81:3c:6a:
1c:76:24:8d:05:29:d9:bd:9d:76:7e:43:2b:03:c9:
7e:40:1f:d9:70:34:c1:20:e0:dc:40:50:03:3a:8c:
73:fa:d4:13:c9:4b:65:0f:5c:5d:62:ac:7b:77:18:
d3:d6:d3:b8:d7:b0:48:0c:7c:58:3e:ed:70:51:9c:
92:78:59:86:5c:7d:70:33:b6:da:f6:a1:79:7f:87:
7b:7d:6d:53:8e:e2:78:cd:b9:c3:12:7b:0c:16:aa:
c4:6a:d9:08:5a:6e:bb:bc:3b:57:12:c3:59:23:6e:
93:1c:f0:09:c3:7d:ba:57:d6:d8:6a:73:57:a2:bb:
24:a8:38:ea:13:8a:fc:c0:2a:28:54:66:95:30:49:
a7:c6:cc:2b:91:d6:9e:a7:88:d5:51:fe:d0:f4:3d:
a5:89:a1:aa:9b:d7:d2:bf:2f:49:0b:b8:4b:11:45:
5e:d7:e0:bd:8c:19:98:21:92:9e:cf:8e:55:4a:e4:
d9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2D:ED:D7:7A:72:AE:7E:84:DD:73:6C:56:19:F2:DD:45:24:FC:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:a0:ee:06:da:24:ec:8d:b5:7f:d1:9a:8b:a3:62:b6:1d:e2:
c2:9f:e8:4f:ee:f1:c9:70:99:aa:9d:fb:b8:14:a7:7e:85:2b:
4d:cf:dd:4d:cf:a7:08:3e:c5:c8:d5:3a:df:b5:92:93:76:86:
1e:3f:35:5d:7e:0d:f0:61:67:ac:48:1c:8e:0f:2a:db:f9:c8:
70:0d:07:db:65:2b:f3:90:56:1f:57:c1:a8:e0:69:97:75:af:
aa:08:ff:0b:d5:ef:11:b7:c8:b3:1c:12:c2:09:0c:74:57:13:
de:85:6b:10:62:be:52:73:68:bf:76:64:77:17:09:eb:eb:64:
33:9e:5c:70:0f:16:3f:ef:15:61:33:ce:69:1c:0a:c7:b1:d1:
ae:6a:0b:c7:e6:cf:fe:37:4b:33:d1:c9:55:19:88:e2:c4:5c:
8c:e5:31:d6:b3:ea:cc:b9:90:5a:ad:51:8a:c7:45:61:c2:f4:
7c:2d:6e:f9:a5:e8:34:c3:5f:ee:7c:8e:32:65:08:2a:f9:f3:
c7:d3:d7:42:77:63:ce:3c:4f:6b:5d:0d:be:f6:06:e4:5a:8a:
04:7a:ae:66:f5:7b:fe:1e:a5:fb:8b:d1:25:61:fd:df:bc:18:
96:54:f2:42:bc:32:8e:da:1e:08:59:3d:29:ce:35:15:53:57:
29:be:3c:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBXJvfmmAIV5AcPFCEhExCxfmYngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5MTMwNDI5MDY5N2QzZDA4YzBlYTUyMGFmYmY3YjlkODc1MzI4ZjFlY2Fl
OGI1YTVhYWE0NjBiODY2Zjk2OTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL39Me2lq+0XXroXPdw2P8wPqmuEYBlyPecO3WbKC3HZG2mKGsfxFg3QcwWU
HRv+sXiEvESYAlyi2WELY0Yfa1Pu09x8f7gDgTxqHHYkjQUp2b2ddn5DKwPJfkAf
2XA0wSDg3EBQAzqMc/rUE8lLZQ9cXWKse3cY09bTuNewSAx8WD7tcFGcknhZhlx9
cDO22vaheX+He31tU47ieM25wxJ7DBaqxGrZCFpuu7w7VxLDWSNukxzwCcN9ulfW
2GpzV6K7JKg46hOK/MAqKFRmlTBJp8bMK5HWnqeI1VH+0PQ9pYmhqpvX0r8vSQu4
SxFFXtfgvYwZmCGSns+OVUrk2QsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRvLe3X
enKufoTdc2xWGfLdRST8wTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJmMTM2NTUtZjc3Ni00NWJhLThjZmYtZTNkODUzZGNlODlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAD6DuBtok7I21f9Gai6Nith3iwp/oT+7xyXCZqp37
uBSnfoUrTc/dTc+nCD7FyNU637WSk3aGHj81XX4N8GFnrEgcjg8q2/nIcA0H22Ur
85BWH1fBqOBpl3Wvqgj/C9XvEbfIsxwSwgkMdFcT3oVrEGK+UnNov3ZkdxcJ6+tk
M55ccA8WP+8VYTPOaRwKx7HRrmoLx+bP/jdLM9HJVRmI4sRcjOUx1rPqzLmQWq1R
isdFYcL0fC1u+aXoNMNf7nyOMmUIKvnzx9PXQndjzjxPa10NvvYG5FqKBHquZvV7
/h6l+4vRJWH937wYllTyQrwyjtoeCFk9Kc41FVNXKb48fg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org