Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: kcdksJkLwkrRcbuNcvwTqTBFGsVD+vLX4l75VHjYU5Y=
Subject key identifier: C5:E5:9B:2A:46:04:AD:76:57:63:65:91:C3:8C:7B:6E:AB:59:17:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F1FCB28E04560FF6E3E6C4F5B91213D134D7DB8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:1f:cb:28:e0:45:60:ff:6e:3e:6c:4f:5b:91:21:3d:13:4d:7d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=da79a14c41133bacf0cfb577b4ddb7ea40ba5396e7b0a833440914ebda785c2a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:71:d4:e4:1e:96:9f:9a:72:ba:8b:28:98:3c:
df:be:de:ca:d7:bf:33:36:8f:9b:b8:56:47:1b:ed:
9f:ac:f2:ec:4e:9b:ec:ef:01:6a:9b:1d:61:62:4e:
5a:59:26:95:57:8d:ce:81:c7:78:72:4d:f6:34:9c:
72:69:57:9b:54:b7:d1:40:53:02:a9:01:6c:26:80:
62:5d:89:ba:5a:46:61:95:59:71:0d:f5:5f:f9:f1:
d0:29:f2:14:9d:82:f7:98:5d:17:e8:2c:a2:34:d7:
e9:c7:b4:6e:1a:0d:67:39:66:83:16:df:9b:a1:7f:
c6:60:e3:e5:c9:5d:b8:04:03:49:ff:34:67:90:26:
51:de:cd:1e:cf:b3:0f:f2:da:c5:1d:25:c9:e8:4c:
84:14:4e:f3:e1:bb:92:1f:01:5a:3c:80:3c:00:27:
3f:b0:3d:b1:a0:55:df:ed:9a:d5:2a:5e:43:b2:6c:
32:9f:41:96:f3:1f:29:fc:f2:50:11:31:64:de:5d:
2c:8a:f8:f2:b2:ca:a5:1b:a4:5d:99:9b:6d:98:ba:
bf:96:39:f4:1d:8e:2b:27:cf:ce:02:e5:d2:a4:8b:
13:91:ac:b3:92:dc:45:51:f3:4d:58:a7:52:da:b2:
55:2a:0d:16:24:20:7e:91:83:d7:38:13:e1:b3:f0:
8c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E5:9B:2A:46:04:AD:76:57:63:65:91:C3:8C:7B:6E:AB:59:17:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:96:24:0b:d7:38:df:92:6c:66:db:b0:f5:6d:0a:eb:0f:7a:
f4:5a:84:05:e3:c5:1e:32:c3:de:94:5b:13:0c:ed:8d:0d:80:
e3:c3:28:49:12:6b:0b:a7:f6:eb:97:6f:07:b5:78:5f:c1:7e:
e6:87:b1:d6:56:07:b2:66:65:7f:0c:2e:fb:2a:53:83:43:ca:
3a:8a:3a:41:85:8a:87:5d:05:d6:da:97:b3:87:16:16:73:77:
f6:10:ea:96:5f:df:dc:ad:e6:a4:8a:1b:6d:90:1e:b2:12:53:
4c:4f:68:2d:39:a2:47:b6:3c:b2:2d:b1:9d:a9:25:00:ae:25:
b8:26:10:e6:40:69:96:24:21:8a:dd:12:f4:9e:6e:b2:cc:67:
48:a4:91:f4:0a:c3:c1:c3:87:7f:0a:2e:66:b3:34:64:92:c7:
ab:7a:39:6b:9c:27:b8:4b:7e:cc:3d:18:6f:4f:06:92:03:56:
72:84:64:15:93:1d:c5:35:4a:2e:31:49:18:ad:8c:57:b6:ef:
84:95:e1:41:19:92:26:97:68:86:68:d9:e0:c0:a8:86:a2:9e:
27:a8:4f:25:89:2c:a8:4c:bc:d8:34:a1:33:c7:42:4a:6d:9e:
92:f8:97:12:b4:53:2c:42:dc:e5:39:40:77:2b:db:ad:eb:e1:
0c:e9:8f:2b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTx/LKOBFYP9uPmxPW5EhPRNNfbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNzlhMTRjNDExMzNiYWNmMGNmYjU3N2I0ZGRiN2VhNDBiYTUzOTZlN2Iw
YTgzMzQ0MDkxNGViZGE3ODVjMmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxx1OQelp+acrqLKJg8377eyte/MzaPm7hWRxvtn6zy7E6b7O8BapsdYWJO
WlkmlVeNzoHHeHJN9jSccmlXm1S30UBTAqkBbCaAYl2JulpGYZVZcQ31X/nx0Cny
FJ2C95hdF+gsojTX6ce0bhoNZzlmgxbfm6F/xmDj5clduAQDSf80Z5AmUd7NHs+z
D/LaxR0lyehMhBRO8+G7kh8BWjyAPAAnP7A9saBV3+2a1SpeQ7JsMp9BlvMfKfzy
UBExZN5dLIr48rLKpRukXZmbbZi6v5Y59B2OKyfPzgLl0qSLE5Gss5LcRVHzTVin
UtqyVSoNFiQgfpGD1zgT4bPwjKMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTF5Zsq
RgStdldjZZHDjHtuq1kX8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAa5YkC9c435JsZtuw9W0K6w969FqEBePFHjLD3pRb
EwztjQ2A48MoSRJrC6f265dvB7V4X8F+5oex1lYHsmZlfwwu+ypTg0PKOoo6QYWK
h10F1tqXs4cWFnN39hDqll/f3K3mpIobbZAeshJTTE9oLTmiR7Y8si2xnaklAK4l
uCYQ5kBpliQhit0S9J5ussxnSKSR9ArDwcOHfwouZrM0ZJLHq3o5a5wnuEt+zD0Y
b08GkgNWcoRkFZMdxTVKLjFJGK2MV7bvhJXhQRmSJpdohmjZ4MCohqKeJ6hPJYks
qEy82DShM8dCSm2ekviXErRTLELc5TlAdyvbrevhDOmPKw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org