Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
File: 69740d55-a842-4e2d-a267-6df47f50e20c.roa (raw, json)
Hash identifier: 6kEvmdgcseXLrZHRDjj45REBOSDnNjtv9q+ZEWKd3/w=
Subject key identifier: 1A:0E:F9:73:78:23:C9:55:39:1A:68:3E:AB:7D:0E:DB:31:03:AF:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3885E7242E390E950FC65CD78673E3A9F00D433E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:85:e7:24:2e:39:0e:95:0f:c6:5c:d7:86:73:e3:a9:f0:0d:43:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=329f4093c146fc4e59673cc43a71ed8296b5f5295a2ded3cdbe106f3e3363223, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:88:3a:8f:4e:0b:c0:0e:0b:33:4a:c1:ee:e3:
68:5c:3e:25:f0:34:33:1f:83:3a:9c:b2:3b:2c:b5:
eb:05:f0:b7:51:14:3e:00:80:11:8f:67:73:59:50:
09:f6:dd:ff:69:85:98:f6:95:8f:95:55:86:01:8e:
99:ea:3d:69:ad:75:fe:77:f3:9f:65:19:b1:bd:a8:
fb:71:46:3d:56:4d:97:6f:3c:8e:42:ef:11:9f:12:
36:6c:c7:91:de:5d:1f:e4:6d:39:ac:08:c4:91:af:
cf:8e:82:72:a8:90:4f:61:2a:44:eb:a2:36:35:14:
b6:c9:31:ba:d0:46:65:b5:e3:9d:29:55:5a:06:dd:
4e:a1:c1:eb:6d:88:2b:7f:4e:3f:1e:dd:ce:b8:6d:
d8:af:70:4c:8b:21:7c:35:49:41:2e:6d:b6:b8:86:
94:e9:18:0e:b7:bc:fe:72:be:95:0d:58:3c:20:7b:
24:b2:c5:26:86:c8:eb:b8:45:7b:f4:13:39:a6:d9:
69:c4:a3:fa:81:de:e9:da:47:4c:a4:f3:4b:08:e4:
5b:f5:5e:37:78:c6:53:6e:e5:69:e2:84:4d:28:58:
a5:3e:88:d8:f0:33:89:4d:07:1d:f3:44:a4:4f:94:
16:ef:ae:06:86:95:25:6d:56:a1:11:50:42:1e:81:
aa:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0E:F9:73:78:23:C9:55:39:1A:68:3E:AB:7D:0E:DB:31:03:AF:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
97:1e:21:79:36:81:67:99:dc:3b:6d:e7:02:94:49:1f:db:53:
05:e3:1b:ff:4a:03:a5:e4:02:b7:4d:b4:ae:93:83:8a:6f:28:
fe:b0:a8:94:38:63:f7:0a:95:2b:6d:2a:41:9d:d9:b6:66:6a:
e3:b2:99:75:7f:db:c8:8c:f3:88:f1:6b:ec:ba:2c:0a:58:b8:
33:63:b3:f8:f3:b6:c9:ea:f1:f0:a9:d5:be:7f:51:a9:60:d8:
14:c9:2c:a0:57:41:4b:8f:4c:35:37:9f:44:5f:ec:a2:2e:6e:
eb:e6:29:d1:e4:83:3b:b1:b9:61:40:94:72:d7:fc:0f:7a:df:
f8:86:bd:a8:ac:80:4d:71:06:45:76:d1:03:7b:b3:79:e0:fb:
d2:7b:71:fd:59:80:10:03:2f:eb:f0:f4:1d:1d:71:96:1e:0c:
f9:88:6c:d7:83:24:97:f6:14:d8:8a:98:46:fa:04:1b:f4:97:
82:2c:09:9f:35:81:73:e1:d2:55:54:27:0e:03:7e:ab:c2:fc:
19:a7:2a:3d:bb:61:fe:1a:6f:90:8f:f1:ec:b8:76:15:9a:b6:
d9:2c:48:a5:74:95:43:b9:04:c0:7b:a2:ae:aa:bb:c1:93:f8:
44:a8:c6:76:a3:b1:d9:ad:0f:29:5a:aa:5e:5e:37:01:41:e6:
1d:4d:16:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOIXnJC45DpUPxlzXhnPjqfANQz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyOWY0MDkzYzE0NmZjNGU1OTY3M2NjNDNhNzFlZDgyOTZiNWY1Mjk1YTJk
ZWQzY2RiZTEwNmYzZTMzNjMyMjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWIOo9OC8AOCzNKwe7jaFw+JfA0Mx+DOpyyOyy16wXwt1EUPgCAEY9nc1lQ
Cfbd/2mFmPaVj5VVhgGOmeo9aa11/nfzn2UZsb2o+3FGPVZNl288jkLvEZ8SNmzH
kd5dH+RtOawIxJGvz46CcqiQT2EqROuiNjUUtskxutBGZbXjnSlVWgbdTqHB622I
K39OPx7dzrht2K9wTIshfDVJQS5ttriGlOkYDre8/nK+lQ1YPCB7JLLFJobI67hF
e/QTOabZacSj+oHe6dpHTKTzSwjkW/VeN3jGU27laeKETShYpT6I2PAziU0HHfNE
pE+UFu+uBoaVJW1WoRFQQh6BqksCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQaDvlz
eCPJVTkaaD6rfQ7bMQOvOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk3NDBkNTUtYTg0Mi00ZTJkLWEyNjctNmRmNDdmNTBlMjBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAlx4heTaBZ5ncO23nApRJH9tTBeMb/0oDpeQCt020
rpODim8o/rColDhj9wqVK20qQZ3ZtmZq47KZdX/byIzziPFr7LosCli4M2Oz+PO2
yerx8KnVvn9RqWDYFMksoFdBS49MNTefRF/soi5u6+Yp0eSDO7G5YUCUctf8D3rf
+Ia9qKyATXEGRXbRA3uzeeD70ntx/VmAEAMv6/D0HR1xlh4M+Yhs14Mkl/YU2IqY
RvoEG/SXgiwJnzWBc+HSVVQnDgN+q8L8GacqPbth/hpvkI/x7Lh2FZq22SxIpXSV
Q7kEwHuirqq7wZP4RKjGdqOx2a0PKVqqXl43AUHmHU0WmA==
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:44 2024 by rpki-client on console-ams.rpki-client.org