Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
File: bd71a746-3cc9-4570-bf5d-cc70358205b8.roa (raw, json)
Hash identifier: EPP+dhd30nj2kotiyr0jigbGoo3DI/yqDKZM/kaBzLM=
Subject key identifier: 78:E7:FF:C6:DC:44:B4:CD:27:12:2C:9E:E6:E9:D7:1E:FD:AB:B4:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1EE0E019FD2BD06FAB4AED28B48D0F3BC6230E79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:e0:e0:19:fd:2b:d0:6f:ab:4a:ed:28:b4:8d:0f:3b:c6:23:0e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=803b7737be5137f9c505254f9eac23a3f13b959b6f6479d9d894e3d3aee96fae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:9f:e0:13:0b:4a:68:b1:73:da:53:22:a2:
ac:4e:0f:b7:c3:1d:e6:59:06:d4:5a:6a:2b:50:52:
5d:cf:56:bb:da:ad:f8:fa:44:93:64:ff:11:2c:b8:
a1:e1:e8:88:a6:f0:43:7e:d2:de:fe:db:4d:95:9d:
cc:31:60:b7:fe:c5:74:43:dc:7d:07:52:09:3d:3b:
16:5b:93:7e:54:6c:11:a8:16:20:a8:ea:db:bf:71:
c2:46:4d:38:eb:ed:e4:5b:ed:c2:00:7a:7d:c2:60:
76:40:44:34:dc:c6:4b:a5:55:1a:f9:35:96:40:aa:
24:b5:f5:bc:ba:7f:f6:21:89:e9:bf:31:e4:b5:a1:
67:14:87:7e:78:eb:e5:09:33:2f:aa:d3:71:37:d4:
85:9b:47:1f:f5:d9:4b:eb:42:31:47:75:a1:f5:7e:
e1:79:17:8c:d5:f4:de:5f:96:76:c6:42:29:67:5d:
3c:21:f7:97:5f:98:59:04:af:b9:ec:a8:bc:b6:ab:
37:64:40:e5:37:19:11:ca:04:66:4c:63:65:a1:90:
ea:70:29:cb:73:4a:c8:91:2f:38:9f:63:bb:d0:1f:
e2:eb:af:b2:47:c8:6c:c1:5f:78:11:33:52:ee:f8:
bd:a6:2c:78:9a:de:26:ed:60:ee:77:7c:25:9c:32:
d7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E7:FF:C6:DC:44:B4:CD:27:12:2C:9E:E6:E9:D7:1E:FD:AB:B4:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
d0:5a:6c:4c:33:ea:e1:34:7a:35:9d:41:12:c8:0d:f5:08:29:
63:f5:f2:09:90:e9:e4:50:14:02:c9:08:ea:2b:cd:72:25:e8:
e7:12:b7:4e:5b:c4:23:93:82:99:36:9f:ba:89:69:51:83:33:
21:de:3c:1a:06:ef:e7:e5:b6:6f:34:0c:15:f8:a9:93:e2:09:
2f:64:c1:e7:8a:89:92:2a:03:c6:3d:30:52:6f:b0:53:9c:27:
8b:18:b1:6e:b2:74:b8:0a:8a:a0:cf:13:a3:98:15:77:93:bc:
64:12:0c:32:94:b1:2c:43:d3:15:a1:be:58:71:53:b9:6c:c1:
01:b5:55:6f:bb:40:c9:76:64:44:9c:87:c5:f2:3e:8b:b4:06:
b5:31:f4:ef:0b:7b:fd:3a:cd:37:61:07:24:27:73:31:37:d1:
3f:35:f0:b0:a9:11:70:8e:d6:3c:05:85:be:5a:6c:90:f4:40:
7b:19:e6:ce:09:d4:e9:0a:90:06:d1:ee:4b:79:80:43:84:39:
9f:1d:09:fe:84:66:41:b3:87:93:c5:87:eb:68:ae:ec:a5:ef:
75:ed:60:9a:af:b9:05:eb:3c:a0:f2:fc:97:7c:1c:34:37:7b:
2d:eb:76:2e:4f:57:3b:6e:83:f1:71:88:9c:0d:f5:2c:b9:db:
e4:c2:66:4a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHuDgGf0r0G+rSu0otI0PO8YjDnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwM2I3NzM3YmU1MTM3ZjljNTA1MjU0ZjllYWMyM2EzZjEzYjk1OWI2ZjY0
NzlkOWQ4OTRlM2QzYWVlOTZmYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPCn+ATC0posXPaUyKirE4Pt8Md5lkG1FpqK1BSXc9Wu9qt+PpEk2T/ESy4
oeHoiKbwQ37S3v7bTZWdzDFgt/7FdEPcfQdSCT07FluTflRsEagWIKjq279xwkZN
OOvt5FvtwgB6fcJgdkBENNzGS6VVGvk1lkCqJLX1vLp/9iGJ6b8x5LWhZxSHfnjr
5QkzL6rTcTfUhZtHH/XZS+tCMUd1ofV+4XkXjNX03l+WdsZCKWddPCH3l1+YWQSv
ueyovLarN2RA5TcZEcoEZkxjZaGQ6nApy3NKyJEvOJ9ju9Af4uuvskfIbMFfeBEz
Uu74vaYseJreJu1g7nd8JZwy11ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR45//G
3ES0zScSLJ7m6dce/au0JTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmQ3MWE3NDYtM2NjOS00NTcwLWJmNWQtY2M3MDM1ODIwNWI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEA0FpsTDPq4TR6NZ1BEsgN9QgpY/XyCZDp5FAUAskI
6ivNciXo5xK3TlvEI5OCmTafuolpUYMzId48Ggbv5+W2bzQMFfipk+IJL2TB54qJ
kioDxj0wUm+wU5wnixixbrJ0uAqKoM8To5gVd5O8ZBIMMpSxLEPTFaG+WHFTuWzB
AbVVb7tAyXZkRJyHxfI+i7QGtTH07wt7/TrNN2EHJCdzMTfRPzXwsKkRcI7WPAWF
vlpskPRAexnmzgnU6QqQBtHuS3mAQ4Q5nx0J/oRmQbOHk8WH62iu7KXvde1gmq+5
Bes8oPL8l3wcNDd7Let2Lk9XO26D8XGInA31LLnb5MJmSg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org