Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
File: a10761b8-e85e-4339-a45c-82ab3615108d.roa (raw, json)
Hash identifier: eYMQF1mWS549yyRva6TkOrqe5RKIgGu5E08LH3KqhJ0=
Subject key identifier: 14:60:E0:C4:EF:F8:F8:56:B2:62:6A:3D:70:46:C4:AB:71:4C:DB:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59CE9EF7BC0B1CC7A5E95E133A94F5B87B5D18FD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:ce:9e:f7:bc:0b:1c:c7:a5:e9:5e:13:3a:94:f5:b8:7b:5d:18:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=cd2952425b4911b4ad20ab5c8ee2c7f2a69596e4e8b3889c55320409edc1d75b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:73:f0:c6:68:54:91:1b:55:d4:4e:0a:cb:e4:
75:8d:79:7c:08:25:50:59:14:f5:6b:0b:24:74:53:
8e:b9:f5:1e:de:9a:25:c4:69:61:40:8d:67:dd:4a:
2e:bd:77:3e:4f:2d:50:ad:a6:03:82:f8:29:4a:45:
70:af:97:c6:bb:13:98:06:a6:bb:50:55:bc:5d:04:
21:48:3d:ac:70:c4:d4:47:a3:13:fe:fc:ba:60:f4:
1f:21:a9:ea:47:df:4e:55:8b:30:09:b2:5b:43:1f:
47:51:af:ee:bf:17:16:29:0c:03:74:ee:c9:b8:7e:
ec:d2:d4:e7:2e:68:ce:b2:ae:40:0b:c1:0c:dc:5f:
c0:28:8a:54:51:56:7b:12:f3:a8:f7:a1:61:58:63:
a2:6e:72:40:32:2f:24:53:84:c1:96:97:58:fa:5c:
c8:b3:2c:ab:c8:7a:3f:4e:36:28:9f:d1:40:c3:e1:
f8:a0:eb:e6:52:ae:4d:47:d4:28:e1:d7:db:44:87:
78:54:fd:ab:e5:aa:4f:c7:89:f3:04:72:0c:13:ef:
f8:57:f8:ea:ed:7d:ad:78:05:05:e9:67:11:e2:2c:
04:3a:b4:08:d5:f6:e8:fd:30:f3:80:10:44:e1:12:
50:e2:48:d5:1c:c2:e7:cb:e8:3d:b6:e8:92:0d:39:
ed:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:60:E0:C4:EF:F8:F8:56:B2:62:6A:3D:70:46:C4:AB:71:4C:DB:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a10761b8-e85e-4339-a45c-82ab3615108d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:6c:47:2d:53:00:e2:74:2b:5e:3d:75:04:6c:c4:87:20:fa:
8b:25:f6:55:77:71:d1:f6:17:54:4e:d3:95:7f:8b:a3:b2:c4:
4f:ec:4e:52:ce:6d:a8:37:75:94:89:35:24:02:a7:52:6a:44:
97:c2:5c:78:85:e0:21:a6:84:da:4f:2d:d9:dd:22:bd:31:b5:
77:9a:c3:3d:a1:8c:91:35:c8:1c:e9:42:6f:0c:95:58:26:27:
12:92:1b:f9:62:dd:45:51:78:a6:eb:73:14:40:02:fa:1f:4b:
b9:f6:2d:3b:32:af:b4:22:5c:83:b2:1f:c9:61:69:f1:af:4e:
90:b8:e9:00:c2:fc:d7:e5:97:c3:78:a0:2c:18:4a:2f:36:65:
a2:20:ba:5e:63:fb:00:24:92:09:39:ba:1d:63:c1:90:b7:d8:
4c:6b:07:eb:21:a9:e4:5c:7e:cd:72:68:91:c7:41:92:9f:cb:
73:70:d1:dc:4b:2b:30:d7:34:9e:40:31:bb:c5:8e:7f:a1:d7:
14:20:da:52:98:61:a6:b6:72:94:2a:e6:1f:21:4d:f0:82:b9:
3c:ec:11:2d:e9:13:b7:ef:73:f5:43:6c:8d:1c:41:2a:d8:1d:
5f:df:10:0e:92:bf:58:2e:de:1f:f1:55:16:3f:b6:24:47:a4:
9d:87:d4:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWc6e97wLHMel6V4TOpT1uHtdGP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkMjk1MjQyNWI0OTExYjRhZDIwYWI1YzhlZTJjN2YyYTY5NTk2ZTRlOGIz
ODg5YzU1MzIwNDA5ZWRjMWQ3NWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVz8MZoVJEbVdROCsvkdY15fAglUFkU9WsLJHRTjrn1Ht6aJcRpYUCNZ91K
Lr13Pk8tUK2mA4L4KUpFcK+XxrsTmAamu1BVvF0EIUg9rHDE1EejE/78umD0HyGp
6kffTlWLMAmyW0MfR1Gv7r8XFikMA3Tuybh+7NLU5y5ozrKuQAvBDNxfwCiKVFFW
exLzqPehYVhjom5yQDIvJFOEwZaXWPpcyLMsq8h6P042KJ/RQMPh+KDr5lKuTUfU
KOHX20SHeFT9q+WqT8eJ8wRyDBPv+Ff46u19rXgFBelnEeIsBDq0CNX26P0w84AQ
ROESUOJI1RzC58voPbbokg057X0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUYODE
7/j4VrJiaj1wRsSrcUzbOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTEwNzYxYjgtZTg1ZS00MzM5LWE0NWMtODJhYjM2MTUxMDhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQCXbEctUwDidCtePXUEbMSHIPqLJfZVd3HR9hdUTtOV
f4ujssRP7E5Szm2oN3WUiTUkAqdSakSXwlx4heAhpoTaTy3Z3SK9MbV3msM9oYyR
Ncgc6UJvDJVYJicSkhv5Yt1FUXim63MUQAL6H0u59i07Mq+0IlyDsh/JYWnxr06Q
uOkAwvzX5ZfDeKAsGEovNmWiILpeY/sAJJIJObodY8GQt9hMawfrIankXH7NcmiR
x0GSn8tzcNHcSysw1zSeQDG7xY5/odcUINpSmGGmtnKUKuYfIU3wgrk87BEt6RO3
73P1Q2yNHEEq2B1f3xAOkr9YLt4f8VUWP7YkR6Sdh9SG
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org