Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
File: ba49e847-161e-4e06-ade5-750cb58ef3e5.roa (raw, json)
Hash identifier: DEqFtxfWthlm1IdqspGZsSk3eM9x+YfPDHgKlwD9SSY=
Subject key identifier: 07:62:63:78:FA:C1:A9:4C:CD:3A:70:5F:29:4F:5E:CE:8E:EC:74:22
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F8AEE187DB7BAA08AF47E4BEEB96825FA4303F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:8a:ee:18:7d:b7:ba:a0:8a:f4:7e:4b:ee:b9:68:25:fa:43:03:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=50aba30a8b5ca9c98f122e763dd0bcb20c126dbb41c49d3f3be32117fd1f5bfd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2f:91:b2:f2:a9:4c:01:47:08:7a:34:1f:1d:
21:00:6d:82:d7:5f:a5:ac:f8:23:48:1d:42:ba:84:
16:8c:ba:49:5f:c7:ac:dd:42:ee:66:e4:3b:91:78:
b5:f8:e0:aa:10:ff:86:d7:6f:fa:c1:6b:75:40:0e:
81:d9:83:c0:a6:0b:09:4e:5e:1c:e2:42:cf:fd:b7:
56:a9:84:e8:b7:7c:46:cd:c8:e3:03:7c:57:34:af:
70:12:61:0a:72:ff:05:f7:4c:8d:2e:a0:38:8e:62:
69:ee:8f:c2:ce:a3:8a:21:e7:65:a9:c6:bd:82:81:
08:a7:54:c7:73:c5:c0:a1:9e:45:85:0d:e7:8e:f6:
ac:b3:5c:83:a8:98:77:d7:7e:c1:97:ee:5a:f5:6c:
f3:46:dc:9f:00:12:c3:67:c0:a8:8e:f4:2f:4d:91:
39:cc:e6:8c:10:6b:6d:31:01:91:d0:33:7c:97:4d:
03:18:74:65:dc:fc:85:da:96:f3:36:6c:8e:bf:ef:
06:d5:74:34:1d:95:45:fa:bc:a3:fb:90:f3:e2:ef:
02:6d:fe:14:c8:8d:46:15:ad:21:d4:08:1b:05:23:
d8:15:cd:f2:bb:4c:7b:fc:18:43:31:7d:6a:a2:f2:
89:97:fa:66:97:a1:48:b5:78:c7:b7:49:1d:1f:d7:
0d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:62:63:78:FA:C1:A9:4C:CD:3A:70:5F:29:4F:5E:CE:8E:EC:74:22
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
28:c1:91:1a:bf:0f:0b:79:85:96:d0:c6:53:48:f0:3a:b6:99:
9e:5f:09:12:16:37:2e:6f:a2:dc:33:09:20:5c:15:ae:f4:9b:
63:a2:2a:46:f1:bc:50:11:ed:93:94:71:bd:3f:93:9c:66:3c:
45:05:78:67:28:d1:b9:ec:ba:b8:71:61:4c:d4:f5:3a:30:97:
cb:b9:74:73:ce:f8:f7:e6:78:e0:e5:93:cc:a6:bb:2b:50:3a:
7f:e1:b4:6f:b0:d0:95:09:6b:fe:55:49:d6:d4:d5:cd:1f:5f:
11:c9:53:35:6c:54:6d:90:87:b9:ac:03:0c:17:66:33:95:47:
c1:4e:cc:0f:47:5d:93:f8:32:c8:5e:68:ff:77:de:de:52:35:
b2:e0:7f:f2:6d:0c:95:57:4e:f4:33:17:7a:73:64:83:aa:9d:
19:98:1d:5b:84:c7:10:f0:7a:b6:8b:ad:82:6b:26:34:f3:da:
fc:ad:1b:45:ff:7c:30:a7:5f:00:e0:6c:59:5b:64:66:ad:6b:
26:95:5d:39:4d:8c:db:90:2d:42:71:36:64:b6:97:0b:a9:77:
5d:f7:46:72:ba:9d:7e:a4:d6:75:61:61:2f:23:7b:5a:56:61:
13:fc:b7:ac:7d:63:6d:92:7d:13:69:75:da:ad:f1:91:77:0e:
7b:45:bd:35
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUT4ruGH23uqCK9H5L7rloJfpDA/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwYWJhMzBhOGI1Y2E5Yzk4ZjEyMmU3NjNkZDBiY2IyMGMxMjZkYmI0MWM0
OWQzZjNiZTMyMTE3ZmQxZjViZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0vkbLyqUwBRwh6NB8dIQBtgtdfpaz4I0gdQrqEFoy6SV/HrN1C7mbkO5F4
tfjgqhD/htdv+sFrdUAOgdmDwKYLCU5eHOJCz/23VqmE6Ld8Rs3I4wN8VzSvcBJh
CnL/BfdMjS6gOI5iae6Pws6jiiHnZanGvYKBCKdUx3PFwKGeRYUN5472rLNcg6iY
d9d+wZfuWvVs80bcnwASw2fAqI70L02ROczmjBBrbTEBkdAzfJdNAxh0Zdz8hdqW
8zZsjr/vBtV0NB2VRfq8o/uQ8+LvAm3+FMiNRhWtIdQIGwUj2BXN8rtMe/wYQzF9
aqLyiZf6ZpehSLV4x7dJHR/XDeUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQHYmN4
+sGpTM06cF8pT17Ojux0IjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmE0OWU4NDctMTYxZS00ZTA2LWFkZTUtNzUwY2I1OGVmM2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAKMGRGr8PC3mFltDGU0jwOraZnl8JEhY3Lm+i3DMJ
IFwVrvSbY6IqRvG8UBHtk5RxvT+TnGY8RQV4ZyjRuey6uHFhTNT1OjCXy7l0c874
9+Z44OWTzKa7K1A6f+G0b7DQlQlr/lVJ1tTVzR9fEclTNWxUbZCHuawDDBdmM5VH
wU7MD0ddk/gyyF5o/3fe3lI1suB/8m0MlVdO9DMXenNkg6qdGZgdW4THEPB6tout
gmsmNPPa/K0bRf98MKdfAOBsWVtkZq1rJpVdOU2M25AtQnE2ZLaXC6l3XfdGcrqd
fqTWdWFhLyN7WlZhE/y3rH1jbZJ9E2l12q3xkXcOe0W9NQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org