Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: gWRs7i2JtNoEnVLLtYLrclBF2hlsnQjY9Hge8tFALto=
Subject key identifier: 95:9C:70:86:F0:31:B5:AA:D4:1C:08:CB:8C:84:0C:A1:5A:15:E9:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32794C4BC85075C73F0D1CB157B7C3AA62915B48
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:79:4c:4b:c8:50:75:c7:3f:0d:1c:b1:57:b7:c3:aa:62:91:5b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=55121241e6426347816d48f8a65b513be3fdf2942387de992b54b2d304c2d3c8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:ee:87:06:c2:15:c0:76:5d:02:69:7d:50:
db:3a:fa:df:58:8a:52:3b:65:b9:c4:44:4e:d0:e0:
45:50:c6:d4:b2:9b:ff:77:53:d0:7f:bd:06:7d:18:
9b:d8:52:f7:1f:0b:be:35:4a:ab:62:35:82:1e:b6:
2d:32:d9:ad:4d:3e:d3:5f:55:05:30:ee:9f:21:e3:
84:89:23:a8:14:48:05:fb:de:14:32:de:7e:d2:07:
e4:0d:f5:f6:11:26:eb:3c:46:86:99:ad:46:f0:77:
12:eb:df:f0:44:9c:ec:22:13:56:40:e7:01:a7:43:
2d:4b:c9:55:fa:d7:a8:7d:7b:5d:43:f5:55:3e:fd:
35:c3:a2:59:9a:d0:23:b7:61:6a:6c:e6:25:0d:0e:
50:02:ec:0a:a0:97:e8:34:34:63:27:e6:f9:86:fd:
8e:1f:45:63:cb:dc:c4:92:08:f0:d6:27:a4:ac:e1:
42:35:4b:ce:78:15:84:fd:ce:79:d9:08:d1:6e:92:
b7:bd:eb:c8:74:e4:f2:ee:eb:58:57:99:f8:89:4f:
63:8a:e4:97:ea:7f:4c:f2:2f:70:f3:41:ab:dd:88:
94:28:2f:75:0d:3e:3d:c3:2e:f7:bb:0c:54:b6:c7:
f9:f0:f2:f1:56:f6:5b:5f:c6:42:38:1a:22:c6:88:
e9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9C:70:86:F0:31:B5:AA:D4:1C:08:CB:8C:84:0C:A1:5A:15:E9:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
9c:4c:75:b6:30:66:c2:31:6a:4e:68:fb:ee:a5:bf:c8:b1:ad:
3a:40:cc:08:7c:c7:a6:04:aa:cb:e1:c7:8f:49:cf:73:38:3b:
59:2c:24:9d:a1:77:68:4b:55:bd:1d:7a:31:aa:7b:87:fa:69:
95:a5:e9:c5:c0:79:2e:81:06:7f:c4:0d:67:93:3d:c8:fd:64:
de:39:4f:8d:3f:6b:22:76:0f:e1:86:3e:fe:63:27:ed:83:95:
8e:61:12:c7:5d:3f:22:6d:93:79:f3:65:19:45:a6:3d:77:09:
c9:af:c8:08:66:ae:fd:fb:43:58:ae:27:8c:49:84:c3:d1:9c:
51:f4:f9:b6:58:cb:dd:ed:17:b5:f7:92:39:b4:9d:cf:38:89:
55:ea:17:ba:c3:8f:6b:9d:51:dc:2d:41:01:a5:ab:21:f3:1c:
a0:5b:16:73:9b:55:38:01:7c:0b:e9:c5:93:5e:3f:73:b1:28:
3b:92:29:7e:8e:fc:9c:82:28:2f:41:68:5d:09:6a:4f:c4:e3:
4d:b6:48:bf:75:6a:eb:1a:4d:50:70:50:33:7a:e4:f5:dc:b5:
ba:eb:e0:57:82:b5:02:a5:46:98:f7:76:fb:47:69:01:2f:5f:
cc:1a:8c:20:80:f9:c7:1d:98:83:39:e8:66:32:26:eb:d1:55:
07:b7:a8:4f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMnlMS8hQdcc/DRyxV7fDqmKRW0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1MTIxMjQxZTY0MjYzNDc4MTZkNDhmOGE2NWI1MTNiZTNmZGYyOTQyMzg3
ZGU5OTJiNTRiMmQzMDRjMmQzYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8f7ocGwhXAdl0CaX1Q2zr631iKUjtlucRETtDgRVDG1LKb/3dT0H+9Bn0Y
m9hS9x8LvjVKq2I1gh62LTLZrU0+019VBTDunyHjhIkjqBRIBfveFDLeftIH5A31
9hEm6zxGhpmtRvB3Euvf8ESc7CITVkDnAadDLUvJVfrXqH17XUP1VT79NcOiWZrQ
I7dhamzmJQ0OUALsCqCX6DQ0Yyfm+Yb9jh9FY8vcxJII8NYnpKzhQjVLzngVhP3O
edkI0W6St73ryHTk8u7rWFeZ+IlPY4rkl+p/TPIvcPNBq92IlCgvdQ0+PcMu97sM
VLbH+fDy8Vb2W1/GQjgaIsaI6UUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSVnHCG
8DG1qtQcCMuMhAyhWhXpzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAnEx1tjBmwjFqTmj77qW/yLGtOkDMCHzHpgSqy+HH
j0nPczg7WSwknaF3aEtVvR16Map7h/pplaXpxcB5LoEGf8QNZ5M9yP1k3jlPjT9r
InYP4YY+/mMn7YOVjmESx10/Im2TefNlGUWmPXcJya/ICGau/ftDWK4njEmEw9Gc
UfT5tljL3e0XtfeSObSdzziJVeoXusOPa51R3C1BAaWrIfMcoFsWc5tVOAF8C+nF
k14/c7EoO5Ipfo78nIIoL0FoXQlqT8TjTbZIv3Vq6xpNUHBQM3rk9dy1uuvgV4K1
AqVGmPd2+0dpAS9fzBqMIID5xx2YgznoZjIm69FVB7eoTw==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org