Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: R5b8I1uWGp74TJ0YQf3+OW4iF7x6ZXAq1J7mAF+PLlw=
Subject key identifier: F5:28:62:5A:30:81:61:ED:0B:11:88:06:98:1E:F7:3F:55:6F:5E:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0398D8709512CB4DB9064F4CF71CFF8CAB1BBEBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:98:d8:70:95:12:cb:4d:b9:06:4f:4c:f7:1c:ff:8c:ab:1b:be:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=fd7c193da14d6a1b2755ce247c1819feaa9ecdd250cb1db0e7ec8efc9ae89656, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:6a:cb:60:d4:67:04:5a:50:14:fc:02:21:
4f:b6:4a:ff:7c:f9:fb:9e:d0:75:b8:c1:fa:c2:4a:
14:cb:47:e4:92:be:2d:dc:22:35:f2:b2:2f:33:e2:
d5:ba:cb:a2:be:63:c2:ac:d2:1c:71:e2:2b:5e:25:
4f:ae:b5:5e:9b:e3:dd:c4:8e:20:e1:df:cf:51:50:
c0:e7:44:8d:bc:05:4f:80:9f:2a:b6:95:5f:87:6e:
21:2c:ed:fb:aa:11:c8:53:be:e5:a6:b1:8f:2b:1f:
cb:c4:ed:f5:1a:ca:07:6e:ca:d6:1e:fa:39:a2:ec:
c6:eb:09:31:7a:8e:ac:ce:72:3d:71:33:9d:9b:61:
9e:9c:1b:2f:a6:e9:68:e9:35:69:75:2d:bf:d7:9b:
1b:74:d0:f5:63:6b:52:d7:25:a7:1b:6f:c1:5c:4d:
34:10:f9:9c:a5:26:ec:f8:21:e3:70:14:5e:12:ac:
f3:b1:32:ad:d8:77:ca:76:72:b5:0f:ec:8f:26:45:
8a:6d:f0:92:30:d0:5e:4f:57:04:f4:b8:9d:4c:a8:
17:e1:37:29:b9:04:31:80:2b:f3:c5:15:40:ea:8a:
88:0b:55:ac:e0:2c:9e:6a:28:3e:77:ea:70:d5:69:
d3:59:c0:39:4c:b4:8f:34:75:7b:64:49:52:7b:f2:
e4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:28:62:5A:30:81:61:ED:0B:11:88:06:98:1E:F7:3F:55:6F:5E:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
74:5c:8e:7a:20:d5:28:ea:be:7f:79:94:06:b9:65:19:45:eb:
f9:00:e2:f2:ac:d9:ba:29:5e:3d:43:f0:99:b6:f2:3c:f0:91:
59:e3:3e:bc:91:5b:e2:df:a6:c3:fd:d3:31:da:66:71:1f:8e:
6d:e8:34:7e:c8:24:58:97:46:28:72:01:4d:a5:ce:5e:b3:85:
60:cb:03:4b:1d:17:28:92:94:d5:6e:67:2b:62:01:5d:31:1f:
82:8c:44:33:9d:9a:ae:fe:9a:9a:0d:17:00:2a:fb:d6:37:df:
ea:e5:2c:d8:e7:c5:d6:99:7d:7a:45:43:3f:11:eb:48:d5:93:
28:af:06:20:33:32:a3:47:30:f4:75:61:d9:64:af:50:45:43:
f9:dc:a1:e4:32:75:50:64:1c:64:b5:30:3c:e5:4d:a7:10:d1:
01:31:8b:75:26:30:a4:94:40:a1:7c:ec:6b:42:cc:78:3f:b2:
08:c1:0b:15:a3:fd:0b:51:48:5d:39:83:0d:75:bf:a7:29:67:
49:61:58:8c:01:87:e7:3b:5c:f3:e2:50:eb:05:7d:bf:8e:b4:
3b:c0:ef:7d:24:99:c6:28:39:d4:9e:1f:6f:2c:21:f9:10:4c:
44:03:83:59:43:c2:16:c0:df:09:56:23:81:2e:4c:90:a7:0a:
cf:01:d6:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA5jYcJUSy025Bk9M9xz/jKsbvrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkN2MxOTNkYTE0ZDZhMWIyNzU1Y2UyNDdjMTgxOWZlYWE5ZWNkZDI1MGNi
MWRiMGU3ZWM4ZWZjOWFlODk2NTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/6astg1GcEWlAU/AIhT7ZK/3z5+57QdbjB+sJKFMtH5JK+LdwiNfKyLzPi
1brLor5jwqzSHHHiK14lT661Xpvj3cSOIOHfz1FQwOdEjbwFT4CfKraVX4duISzt
+6oRyFO+5aaxjysfy8Tt9RrKB27K1h76OaLsxusJMXqOrM5yPXEznZthnpwbL6bp
aOk1aXUtv9ebG3TQ9WNrUtclpxtvwVxNNBD5nKUm7Pgh43AUXhKs87Eyrdh3ynZy
tQ/sjyZFim3wkjDQXk9XBPS4nUyoF+E3KbkEMYAr88UVQOqKiAtVrOAsnmooPnfq
cNVp01nAOUy0jzR1e2RJUnvy5B0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT1KGJa
MIFh7QsRiAaYHvc/VW9e5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAdFyOeiDVKOq+f3mUBrllGUXr+QDi8qzZuilePUPw
mbbyPPCRWeM+vJFb4t+mw/3TMdpmcR+Obeg0fsgkWJdGKHIBTaXOXrOFYMsDSx0X
KJKU1W5nK2IBXTEfgoxEM52arv6amg0XACr71jff6uUs2OfF1pl9ekVDPxHrSNWT
KK8GIDMyo0cw9HVh2WSvUEVD+dyh5DJ1UGQcZLUwPOVNpxDRATGLdSYwpJRAoXzs
a0LMeD+yCMELFaP9C1FIXTmDDXW/pylnSWFYjAGH5ztc8+JQ6wV9v460O8DvfSSZ
xig51J4fbywh+RBMRAODWUPCFsDfCVYjgS5MkKcKzwHWYA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org