Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: tTdGiWmfu8aiMqZymE1oB0yfBYzcXskNB5AfCK+3mOI=
Subject key identifier: 00:5F:1C:DB:8D:84:8E:3B:12:15:80:20:2D:A5:A3:DD:45:EA:A2:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E215FCAB4BB3D5FD9462F757A767F6E31AC442A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:21:5f:ca:b4:bb:3d:5f:d9:46:2f:75:7a:76:7f:6e:31:ac:44:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=8130d0e116d8b281d30e5c7f9d8c251bff2bb9e2e9e1a8811ef024d27671a8d4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dc:05:56:d0:49:d8:e5:ba:16:55:dc:80:2d:
4b:22:d9:ac:d1:d5:c6:da:7d:72:b6:8c:46:ec:09:
1a:6c:94:9a:1a:ae:ca:83:3d:ce:32:db:54:ac:e6:
62:37:0f:78:6a:2e:dc:b2:be:eb:4b:86:02:69:a2:
81:43:d3:50:d9:08:39:bf:b6:a4:9d:b2:51:27:9b:
52:f8:ac:38:72:15:9a:dc:f5:44:5a:75:32:e4:93:
02:c8:81:21:fb:fd:e3:a3:5a:1d:0c:d1:7b:fd:75:
23:08:3d:30:ff:bc:4d:b6:7a:05:83:2b:c2:4d:df:
d5:a4:47:b3:74:d0:0c:c8:aa:1e:1f:ea:84:1c:59:
7f:8b:42:63:3f:f9:cc:28:75:d3:3e:13:8b:d2:8d:
68:ee:4d:c6:b2:18:37:e3:77:ac:7b:21:78:55:d5:
93:ef:22:9a:cc:67:73:a5:b6:d7:58:c2:cf:55:f2:
96:34:80:e1:69:78:5d:15:f7:cb:b2:80:f5:73:88:
da:cd:6b:0d:62:09:e7:fd:f9:79:e2:e4:b8:09:3f:
7a:07:73:28:9c:f6:3e:7c:01:50:7b:52:43:a9:49:
56:df:a0:a2:76:f0:71:2f:81:6c:2e:cf:42:20:a1:
e4:51:54:2b:55:4f:d3:82:94:46:18:b0:1b:42:27:
84:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5F:1C:DB:8D:84:8E:3B:12:15:80:20:2D:A5:A3:DD:45:EA:A2:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:96:2e:7d:27:b4:d7:9a:fc:bc:8b:ec:8a:56:00:48:b2:ba:
72:4e:5c:5a:f8:3e:a7:9f:c0:fb:83:ac:02:2f:d6:4f:aa:a1:
17:95:f0:11:a4:f1:49:97:29:e1:a5:1e:4a:f3:3e:43:6e:98:
9b:c8:f5:d1:c5:01:11:72:ca:4e:19:b7:b3:ac:73:52:33:72:
05:1f:24:16:3f:10:f2:4e:7f:fd:da:33:ee:b3:4f:ca:14:10:
08:da:ce:68:0c:a2:90:86:7e:74:4b:8f:a8:ec:46:d5:cd:d8:
b3:d2:64:20:b3:84:c7:9c:b5:8b:1c:a4:1b:72:5b:01:94:d9:
51:e5:e1:91:02:5e:08:16:47:1c:00:1b:21:28:ad:49:4f:1e:
45:7d:fb:f5:ed:ec:9f:94:32:46:3b:7d:91:83:17:36:fe:40:
f0:5d:a0:c9:ae:33:d6:ff:94:0f:8a:9b:f6:f0:a1:a3:84:96:
46:67:c3:1e:92:8d:7f:a4:54:ee:15:2a:1f:1f:b8:d5:9e:26:
f4:91:68:94:0f:c5:e0:75:91:79:98:14:84:8e:5a:42:82:04:
f4:5f:40:6d:28:eb:90:a7:53:ff:a0:ec:fb:34:f6:80:8f:f5:
8f:9a:f9:b9:b2:ec:69:db:e0:d2:46:9a:24:e6:11:6c:e1:c3:
98:df:3e:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHiFfyrS7PV/ZRi91enZ/bjGsRCowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMzBkMGUxMTZkOGIyODFkMzBlNWM3ZjlkOGMyNTFiZmYyYmI5ZTJlOWUx
YTg4MTFlZjAyNGQyNzY3MWE4ZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzcBVbQSdjluhZV3IAtSyLZrNHVxtp9craMRuwJGmyUmhquyoM9zjLbVKzm
YjcPeGou3LK+60uGAmmigUPTUNkIOb+2pJ2yUSebUvisOHIVmtz1RFp1MuSTAsiB
Ifv946NaHQzRe/11Iwg9MP+8TbZ6BYMrwk3f1aRHs3TQDMiqHh/qhBxZf4tCYz/5
zCh10z4Ti9KNaO5NxrIYN+N3rHsheFXVk+8imsxnc6W211jCz1XyljSA4Wl4XRX3
y7KA9XOI2s1rDWIJ5/35eeLkuAk/egdzKJz2PnwBUHtSQ6lJVt+gonbwcS+BbC7P
QiCh5FFUK1VP04KURhiwG0InhDECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAXxzb
jYSOOxIVgCAtpaPdReqiATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAzpYufSe015r8vIvsilYASLK6ck5cWvg+p5/A+4Os
Ai/WT6qhF5XwEaTxSZcp4aUeSvM+Q26Ym8j10cUBEXLKThm3s6xzUjNyBR8kFj8Q
8k5//doz7rNPyhQQCNrOaAyikIZ+dEuPqOxG1c3Ys9JkILOEx5y1ixykG3JbAZTZ
UeXhkQJeCBZHHAAbISitSU8eRX379e3sn5QyRjt9kYMXNv5A8F2gya4z1v+UD4qb
9vCho4SWRmfDHpKNf6RU7hUqHx+41Z4m9JFolA/F4HWReZgUhI5aQoIE9F9AbSjr
kKdT/6Ds+zT2gI/1j5r5ubLsadvg0kaaJOYRbOHDmN8+VA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org