Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: 6zpQcIfYp74nnlOp5kmNmpx1/lF8Q2XQrMdhIlAojRU=
Subject key identifier: 3D:E7:F1:D2:47:8D:20:DB:4E:15:33:54:57:B5:A9:89:D9:9C:EF:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4690B6BB5A496C2C24A8326789722130CC76E792
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:90:b6:bb:5a:49:6c:2c:24:a8:32:67:89:72:21:30:cc:76:e7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d9e48bf40766c4311c4721e3aaca6ed2c102a164648c96edd0ee91e3b37a47ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:6b:7b:fc:04:36:cf:44:88:3f:32:0d:5b:
c2:08:a1:9e:eb:6a:7e:d9:80:04:78:a2:13:9a:0a:
d2:fa:e3:6d:b6:d7:b0:77:8a:5d:46:fb:3a:1f:69:
36:60:c4:75:3a:87:b3:6b:48:95:7c:70:84:89:83:
cc:8d:0b:f3:93:fd:a2:83:82:73:61:26:71:d1:b8:
aa:e5:61:bd:a4:4e:b1:c6:a1:18:3f:e3:3c:3b:c4:
4f:d4:7b:d1:9f:61:77:fa:b3:ec:f3:58:57:49:91:
7a:17:9c:9f:a1:ad:7a:43:77:e4:f6:0d:8c:fd:53:
dd:cc:b8:72:53:d1:f3:25:6b:ad:7a:19:ad:9e:4a:
6e:69:c6:66:2a:30:d1:40:80:88:9b:18:7c:d7:ba:
4b:48:5d:62:8d:4f:6b:39:3b:44:57:51:89:01:b4:
d6:d0:39:54:20:16:4c:2d:40:25:44:1a:2b:f0:df:
9a:1c:7b:36:05:12:79:b5:95:62:86:15:eb:05:da:
1f:ae:96:4a:e4:de:38:05:c7:21:aa:0a:b6:33:d3:
5c:c8:be:05:59:22:51:81:07:bd:07:28:72:78:07:
d7:0e:dc:3c:6a:26:16:bb:ca:d6:36:d6:00:ad:d0:
7d:a8:a1:87:d3:9c:31:ed:63:52:e6:ba:71:d6:7c:
78:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E7:F1:D2:47:8D:20:DB:4E:15:33:54:57:B5:A9:89:D9:9C:EF:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:47:2e:65:7b:76:00:77:fe:8a:60:44:a6:a1:03:0f:37:a7:
52:65:cb:dc:3a:8a:b2:46:f4:27:19:67:f0:09:a0:57:bb:bf:
5e:93:10:76:e6:3c:93:86:a2:21:ea:f5:ea:01:b3:25:84:a1:
af:c3:93:13:60:2c:dc:69:40:b3:14:e1:ac:77:4d:80:3d:99:
c3:0f:02:97:8c:f0:e9:c8:7a:e3:a7:80:63:eb:1f:58:f4:bd:
53:25:ae:f9:6a:bd:33:55:a9:5c:61:73:3c:ba:19:17:3a:63:
72:f3:f3:91:6d:96:3a:37:81:cb:42:23:1d:df:77:f6:40:ab:
24:9b:07:11:c0:ac:fa:5f:2e:52:55:f0:c7:79:8c:62:77:38:
15:88:7f:20:7b:6a:14:12:b5:d0:8e:f3:37:be:3a:b4:4b:57:
4f:9f:29:d0:bc:b4:0c:ce:be:07:7d:cc:c7:fe:3b:15:ce:c3:
26:33:11:35:81:c5:60:54:85:b8:3a:ba:8e:95:50:66:56:f1:
0b:35:df:ca:94:33:ad:90:10:22:ed:6a:ed:dd:c6:55:ad:8a:
a7:a0:5c:23:71:65:6a:09:d7:7f:9c:2e:d1:16:fd:d2:1c:3b:
cb:25:8a:7f:4d:bb:52:1e:d7:46:3c:ea:37:d8:8c:86:dc:63:
f0:28:91:e7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURpC2u1pJbCwkqDJniXIhMMx255IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5ZTQ4YmY0MDc2NmM0MzExYzQ3MjFlM2FhY2E2ZWQyYzEwMmExNjQ2NDhj
OTZlZGQwZWU5MWUzYjM3YTQ3YWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALICa3v8BDbPRIg/Mg1bwgihnutqftmABHiiE5oK0vrjbbbXsHeKXUb7Oh9p
NmDEdTqHs2tIlXxwhImDzI0L85P9ooOCc2EmcdG4quVhvaROscahGD/jPDvET9R7
0Z9hd/qz7PNYV0mRehecn6GtekN35PYNjP1T3cy4clPR8yVrrXoZrZ5KbmnGZiow
0UCAiJsYfNe6S0hdYo1Pazk7RFdRiQG01tA5VCAWTC1AJUQaK/Dfmhx7NgUSebWV
YoYV6wXaH66WSuTeOAXHIaoKtjPTXMi+BVkiUYEHvQcocngH1w7cPGomFrvK1jbW
AK3Qfaihh9OcMe1jUua6cdZ8eNkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ95/HS
R40g204VM1RXtamJ2ZzvjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAfEcuZXt2AHf+imBEpqEDDzenUmXL3DqKskb0Jxln
8AmgV7u/XpMQduY8k4aiIer16gGzJYShr8OTE2As3GlAsxThrHdNgD2Zww8Cl4zw
6ch646eAY+sfWPS9UyWu+Wq9M1WpXGFzPLoZFzpjcvPzkW2WOjeBy0IjHd939kCr
JJsHEcCs+l8uUlXwx3mMYnc4FYh/IHtqFBK10I7zN746tEtXT58p0Ly0DM6+B33M
x/47Fc7DJjMRNYHFYFSFuDq6jpVQZlbxCzXfypQzrZAQIu1q7d3GVa2Kp6BcI3Fl
agnXf5wu0Rb90hw7yyWKf027Uh7XRjzqN9iMhtxj8CiR5w==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org