Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
File: 6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa (raw, json)
Hash identifier: FJAA45r7x1IBljmYriJirIomguHhe38UHcSAp5uigqI=
Subject key identifier: 0F:96:C2:2C:F3:B9:AE:AA:22:32:A9:3E:46:51:4E:43:1B:B6:B3:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 396F10135ACA46E667969E4AED26D576E53B18E5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:6f:10:13:5a:ca:46:e6:67:96:9e:4a:ed:26:d5:76:e5:3b:18:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2025d974ea81fa90405299abe586ab51e4bfa0481fa5edaf906c85aebdd0ccf7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:ea:0c:64:9f:57:c1:cf:ca:ae:2c:6c:d5:
a4:f5:95:88:61:ab:18:29:45:bb:1b:93:97:05:e7:
5b:76:d2:63:f7:39:ae:d2:b3:77:f6:0c:77:9a:ee:
9b:d5:6d:b3:0c:16:17:e1:82:bf:28:77:42:55:f2:
c2:fb:03:60:63:b9:3b:42:5e:54:59:fa:25:e8:10:
9d:c2:cd:60:75:be:f7:d5:70:2d:9d:95:86:26:20:
c3:a0:db:71:0c:e4:7d:f0:e9:89:f2:22:76:f5:28:
fa:03:6f:a8:7c:0b:94:ff:fd:c4:41:c6:ea:32:8e:
e8:de:8d:4b:a7:a5:30:66:f3:e0:51:f5:ba:c6:2a:
6e:df:e6:03:7e:d8:67:9d:bb:12:34:01:4b:8f:f4:
96:05:5e:0d:49:c0:70:aa:66:4f:dc:c7:9f:fd:8b:
a1:2d:31:e6:5a:fb:76:d1:19:9d:05:b7:9b:c5:a6:
ab:e6:ad:ec:a7:57:29:29:4e:10:ff:a1:55:b5:06:
2d:30:fd:dd:c5:95:70:97:9d:e0:d4:59:39:0d:7b:
d8:61:f6:b6:2c:68:52:55:4e:64:88:fc:63:e7:ef:
65:9c:bc:f2:36:90:cf:89:b3:95:6d:5d:07:9b:c5:
83:d1:8d:68:66:89:71:9f:b8:29:b3:fa:63:31:72:
cc:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:96:C2:2C:F3:B9:AE:AA:22:32:A9:3E:46:51:4E:43:1B:B6:B3:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6ce1a59c-1bfd-4b5e-ad34-d3f4f07a46f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:30:15:34:ed:47:36:36:4d:64:3f:64:55:88:0e:2a:bc:0f:
9b:13:fa:f8:32:78:38:41:f1:2e:51:d2:cb:fb:c8:be:55:41:
fe:ad:5e:d7:29:93:b4:9f:8a:c2:9b:c8:a4:d5:b1:08:94:03:
79:6c:16:53:3f:f2:8b:e4:16:75:8d:3d:17:98:18:ab:5c:15:
da:2d:55:5e:cb:76:0a:62:70:a0:cc:75:e9:aa:d5:18:b3:e4:
0b:64:d5:d4:46:c9:33:6e:32:61:d2:af:5a:ae:7b:ad:71:21:
8d:22:2f:4c:83:f0:1e:24:b3:eb:5a:36:43:b8:bc:56:59:57:
88:a6:6d:b7:23:90:bf:82:5f:eb:c1:c4:46:ee:1d:47:34:8a:
bd:a8:1a:aa:9b:5e:73:5a:96:52:e6:59:58:52:48:5d:eb:21:
f6:59:c7:95:cc:18:d0:af:8e:a5:c4:c7:c2:83:53:8c:5b:6b:
64:b6:e5:3d:c4:4e:a5:4e:26:58:dd:4d:f4:9f:d5:98:c3:29:
eb:12:18:4f:6e:f1:66:a8:45:ed:84:7f:84:0a:5f:e2:d2:4d:
c7:85:16:f1:6e:89:d6:2a:10:ef:68:fb:7c:a6:7c:24:36:04:
bb:c7:a0:00:6c:f5:9f:c7:94:58:75:76:7b:44:ca:26:16:cc:
3b:ea:7f:2d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOW8QE1rKRuZnlp5K7SbVduU7GOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwMjVkOTc0ZWE4MWZhOTA0MDUyOTlhYmU1ODZhYjUxZTRiZmEwNDgxZmE1
ZWRhZjkwNmM4NWFlYmRkMGNjZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK536gxkn1fBz8quLGzVpPWViGGrGClFuxuTlwXnW3bSY/c5rtKzd/YMd5ru
m9VtswwWF+GCvyh3QlXywvsDYGO5O0JeVFn6JegQncLNYHW+99VwLZ2VhiYgw6Db
cQzkffDpifIidvUo+gNvqHwLlP/9xEHG6jKO6N6NS6elMGbz4FH1usYqbt/mA37Y
Z527EjQBS4/0lgVeDUnAcKpmT9zHn/2LoS0x5lr7dtEZnQW3m8Wmq+at7KdXKSlO
EP+hVbUGLTD93cWVcJed4NRZOQ172GH2tixoUlVOZIj8Y+fvZZy88jaQz4mzlW1d
B5vFg9GNaGaJcZ+4KbP6YzFyzO8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPlsIs
87muqiIyqT5GUU5DG7azFDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmNlMWE1OWMtMWJmZC00YjVlLWFkMzQtZDNmNGYwN2E0NmY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEADzAVNO1HNjZNZD9kVYgOKrwPmxP6+DJ4OEHxLlHS
y/vIvlVB/q1e1ymTtJ+KwpvIpNWxCJQDeWwWUz/yi+QWdY09F5gYq1wV2i1VXst2
CmJwoMx16arVGLPkC2TV1EbJM24yYdKvWq57rXEhjSIvTIPwHiSz61o2Q7i8VllX
iKZttyOQv4Jf68HERu4dRzSKvagaqptec1qWUuZZWFJIXesh9lnHlcwY0K+OpcTH
woNTjFtrZLblPcROpU4mWN1N9J/VmMMp6xIYT27xZqhF7YR/hApf4tJNx4UW8W6J
1ioQ72j7fKZ8JDYEu8egAGz1n8eUWHV2e0TKJhbMO+p/LQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org