Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
File: a92f2152-65f4-45b1-b1ba-aeb6af713988.roa (raw, json)
Hash identifier: hlkc2yeO2iNkZP4mtTF0LBYBzdcXcDN9YRhsGfn1+Lw=
Subject key identifier: 4A:9B:93:A7:92:1A:DF:F4:16:B0:29:4B:3B:74:E5:87:8D:4E:28:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E793FEDBD623942EBDE0E430E5AA8BA2B7B23B4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
Signing time: Tue 20 Aug 2024 00:00:00 +0000
ROA not before: Tue 20 Aug 2024 00:00:00 +0000
ROA not after: Tue 24 Sep 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:79:3f:ed:bd:62:39:42:eb:de:0e:43:0e:5a:a8:ba:2b:7b:23:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 20 00:00:00 2024 GMT
Not After : Sep 24 23:59:59 2024 GMT
Subject: serialNumber=c13575f68dfdb117cc3f4ad545531645d1ef59e26fd1975edd199c1f7171d273, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cb:7b:40:b7:9b:89:b8:ff:b9:0a:46:cf:40:
b0:cd:41:f5:15:90:9e:2a:1b:c6:6f:10:59:14:9c:
69:6e:7b:41:1d:10:7f:9b:a5:9c:6e:e7:89:e2:0f:
31:3a:90:6e:20:2c:e5:80:1e:b7:51:5d:69:fa:79:
47:ad:63:f0:92:06:07:f6:97:41:3e:09:97:50:d6:
80:82:f4:01:bc:00:2f:92:cc:41:80:cd:e0:8e:dc:
c7:a0:a6:32:8e:40:5a:16:a4:51:82:94:29:ea:7f:
ef:30:34:ba:62:d9:df:ee:6f:8d:bb:3a:93:26:15:
69:07:c8:a3:11:29:08:0b:9f:0b:53:2e:8a:0e:f2:
c3:5d:b0:32:8e:82:79:12:9b:4a:96:c0:91:6d:9e:
77:18:93:a3:59:7f:1c:a0:6a:b8:44:c3:18:69:6a:
dc:f0:ac:6c:ff:3d:23:d6:13:1f:51:37:72:8a:24:
bc:46:23:ab:5d:e4:4a:f7:19:88:1f:45:96:63:f4:
c9:36:cb:6a:ee:f5:1a:2b:46:ad:7e:c3:49:b6:94:
b6:1c:3b:2d:c4:64:30:c8:60:73:b9:7c:ec:d3:53:
75:37:22:f2:b2:c5:18:c1:bd:9c:0e:a8:dc:d0:3a:
f7:cd:7a:36:d8:f8:c2:4d:1a:77:76:3d:99:ed:12:
4e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9B:93:A7:92:1A:DF:F4:16:B0:29:4B:3B:74:E5:87:8D:4E:28:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.171.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c9:ff:28:ec:67:2b:6e:2b:2f:54:5e:ca:cb:b9:e3:f5:64:
3a:34:b9:f9:53:2f:85:87:e2:08:fc:ac:1e:b1:64:48:3f:d4:
cf:f5:a2:e8:7d:ab:8e:ea:26:b1:f9:54:45:ac:cc:0f:8f:0b:
a4:5d:48:a0:f5:f2:81:c6:4c:f2:37:4c:06:fd:ed:70:14:59:
af:83:ef:73:cd:43:a2:cd:1d:61:a3:e1:1d:cd:d7:a6:ac:b2:
68:bc:12:e9:72:32:2e:c9:f5:07:d8:e6:01:2a:44:2b:b2:d6:
79:30:21:a9:91:fb:e7:4e:8a:85:8d:9c:c8:31:d5:dc:e7:aa:
f4:ff:6f:eb:db:86:45:5e:e8:d8:a2:8f:37:56:25:28:74:4f:
8d:0a:9a:b5:c3:57:60:5a:61:04:48:ac:f3:46:7d:f6:f6:b4:
6d:11:c6:3b:32:cc:e7:18:40:49:f3:8b:8e:18:df:34:e2:27:
71:4c:a1:02:8e:14:d8:cf:24:af:80:93:0d:5d:e2:ff:fd:66:
da:34:d5:a1:f3:9f:54:b4:d7:e9:bd:37:9a:2d:82:13:ad:43:
cf:04:3a:f2:45:4c:a4:cb:66:f6:e1:2d:d2:27:cd:e5:74:94:
76:7f:37:3f:3b:3c:91:11:d0:99:c8:dd:8f:e7:1e:06:b0:a9:
56:42:2f:03
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHnk/7b1iOULr3g5DDlqouit7I7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA4MjAwMDAwMDBaFw0yNDA5MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMzU3NWY2OGRmZGIxMTdjYzNmNGFkNTQ1NTMxNjQ1ZDFlZjU5ZTI2ZmQx
OTc1ZWRkMTk5YzFmNzE3MWQyNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDLe0C3m4m4/7kKRs9AsM1B9RWQniobxm8QWRScaW57QR0Qf5ulnG7nieIP
MTqQbiAs5YAet1Fdafp5R61j8JIGB/aXQT4Jl1DWgIL0AbwAL5LMQYDN4I7cx6Cm
Mo5AWhakUYKUKep/7zA0umLZ3+5vjbs6kyYVaQfIoxEpCAufC1Muig7yw12wMo6C
eRKbSpbAkW2edxiTo1l/HKBquETDGGlq3PCsbP89I9YTH1E3cookvEYjq13kSvcZ
iB9FlmP0yTbLau71GitGrX7DSbaUthw7LcRkMMhgc7l87NNTdTci8rLFGMG9nA6o
3NA69816Ntj4wk0ad3Y9me0STvsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKm5On
khrf9BawKUs7dOWHjU4oojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTkyZjIxNTItNjVmNC00NWIxLWIxYmEtYWViNmFmNzEzOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qzAN
BgkqhkiG9w0BAQsFAAOCAQEAYMn/KOxnK24rL1Reysu54/VkOjS5+VMvhYfiCPys
HrFkSD/Uz/Wi6H2rjuomsflURazMD48LpF1IoPXygcZM8jdMBv3tcBRZr4Pvc81D
os0dYaPhHc3XpqyyaLwS6XIyLsn1B9jmASpEK7LWeTAhqZH7506KhY2cyDHV3Oeq
9P9v69uGRV7o2KKPN1YlKHRPjQqatcNXYFphBEis80Z99va0bRHGOzLM5xhASfOL
jhjfNOIncUyhAo4U2M8kr4CTDV3i//1m2jTVofOfVLTX6b03mi2CE61DzwQ68kVM
pMtm9uEt0ifN5XSUdn83Pzs8kRHQmcjdj+ceBrCpVkIvAw==
-----END CERTIFICATE-----
Generated at Sat Sep 7 19:17:38 2024 by rpki-client on console-fra.rpki-client.org