Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
File: f60b4750-e7e3-4460-ba65-978713bb9e2a.roa (raw, json)
Hash identifier: +Qpjvl5q7WloeDpqVLghKzLQ2OL+/ypflkwtBTlr5Sk=
Subject key identifier: D3:E7:08:D8:FB:7F:B9:12:3F:E5:01:2F:FE:83:F6:B2:36:06:10:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A0C109CC6226746F6265E2EFFD18409A4B70224
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
Signing time: Tue 20 Aug 2024 00:00:00 +0000
ROA not before: Tue 20 Aug 2024 00:00:00 +0000
ROA not after: Tue 24 Sep 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:0c:10:9c:c6:22:67:46:f6:26:5e:2e:ff:d1:84:09:a4:b7:02:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 20 00:00:00 2024 GMT
Not After : Sep 24 23:59:59 2024 GMT
Subject: serialNumber=f6126328603b087e4e43f6253f7bb50ca81e72f0c928c9ceb1c8a97652bccd61, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c4:e2:bf:1e:1c:a1:b5:c9:12:1c:48:56:04:
b4:c8:4e:92:f3:67:0d:b0:bc:02:eb:4f:0d:8a:28:
65:62:3a:26:66:ae:99:56:46:b1:dc:c1:80:46:19:
16:a6:45:1a:97:ca:5f:0c:b1:a3:fe:46:de:22:39:
75:54:66:7b:62:ac:e8:0b:f2:f5:5f:95:e7:d7:02:
68:17:c8:13:1a:35:db:cf:97:31:7c:2b:06:4f:a6:
4b:e9:70:b9:99:8b:c6:fa:a4:99:1b:57:51:38:2b:
fd:ec:67:c4:da:1f:c6:02:bd:74:4f:b4:13:32:54:
90:82:bb:ab:5f:20:19:16:dc:fa:71:7b:2d:f5:ac:
59:a7:b5:f6:36:96:b7:e2:b2:8e:2f:5f:13:b7:f8:
b6:66:93:54:c7:17:ce:ec:57:eb:5d:56:0e:12:f1:
1d:bb:cb:da:5b:50:b2:d4:47:1f:b2:75:11:13:5b:
33:a5:fc:b8:67:d7:7a:eb:0b:b2:8b:99:6f:6e:6d:
ff:6c:b2:f1:c7:5e:0b:28:46:03:2c:ac:72:db:91:
e8:7e:c3:7c:5e:2c:9a:29:0b:68:a5:4a:64:ae:bf:
6c:bf:ca:43:24:04:c9:0d:98:4a:ae:36:8f:92:e7:
7f:ae:c6:53:8a:6d:fd:21:1e:54:6a:5d:d5:83:9b:
85:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E7:08:D8:FB:7F:B9:12:3F:E5:01:2F:FE:83:F6:B2:36:06:10:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d7:b1:e5:64:aa:d0:67:5c:1c:5f:4a:3a:f3:f8:94:70:c6:
ea:7e:52:9c:ea:18:5d:be:3b:cd:3d:ff:9d:0f:46:75:5d:59:
d3:19:e9:f2:1f:22:00:30:df:18:bb:a0:e0:4c:05:b8:c0:52:
8d:66:5f:f6:4f:c8:b8:a2:1c:55:4f:d4:0a:ed:0d:ed:4b:d9:
a1:df:84:c5:a1:b2:81:6e:48:51:a9:2d:7d:b3:af:7a:e2:b8:
36:fb:7a:6e:12:de:48:e5:ca:d0:ea:86:72:78:30:66:e9:37:
96:07:90:97:10:bc:22:32:b9:2e:ba:c5:a7:f8:84:60:4d:83:
fa:1c:8c:f7:1e:56:82:3e:56:6a:2a:41:1c:83:14:29:be:97:
52:43:d3:40:e5:cc:2e:af:09:10:95:a0:ff:ce:29:fa:9a:c2:
9b:59:b7:43:f9:98:76:5a:18:e3:55:56:e9:76:fa:58:5c:cf:
6c:c3:e3:8b:24:72:4d:b0:13:a0:a3:62:6c:b8:ab:6d:8f:66:
3b:6c:e3:af:86:f2:4d:ff:21:6b:a7:f4:62:c8:1f:60:04:a6:
0b:15:e1:a1:38:b6:0b:d7:58:b7:5d:aa:d7:af:d7:a6:dc:93:
e6:f1:a4:f7:24:57:73:7b:1b:44:46:76:26:47:f0:8b:d2:2e:
65:b4:c1:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGgwQnMYiZ0b2Jl4u/9GECaS3AiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA4MjAwMDAwMDBaFw0yNDA5MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MTI2MzI4NjAzYjA4N2U0ZTQzZjYyNTNmN2JiNTBjYTgxZTcyZjBjOTI4
YzljZWIxYzhhOTc2NTJiY2NkNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnE4r8eHKG1yRIcSFYEtMhOkvNnDbC8AutPDYooZWI6JmaumVZGsdzBgEYZ
FqZFGpfKXwyxo/5G3iI5dVRme2Ks6Avy9V+V59cCaBfIExo128+XMXwrBk+mS+lw
uZmLxvqkmRtXUTgr/exnxNofxgK9dE+0EzJUkIK7q18gGRbc+nF7LfWsWae19jaW
t+Kyji9fE7f4tmaTVMcXzuxX611WDhLxHbvL2ltQstRHH7J1ERNbM6X8uGfXeusL
souZb25t/2yy8cdeCyhGAyysctuR6H7DfF4smikLaKVKZK6/bL/KQyQEyQ2YSq42
j5Lnf67GU4pt/SEeVGpd1YObhZ8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTT5wjY
+3+5Ej/lAS/+g/ayNgYQjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjYwYjQ3NTAtZTdlMy00NDYwLWJhNjUtOTc4NzEzYmI5ZTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAYNex5WSq0GdcHF9KOvP4lHDG6n5SnOoYXb47zT3/
nQ9GdV1Z0xnp8h8iADDfGLug4EwFuMBSjWZf9k/IuKIcVU/UCu0N7UvZod+ExaGy
gW5IUaktfbOveuK4Nvt6bhLeSOXK0OqGcngwZuk3lgeQlxC8IjK5LrrFp/iEYE2D
+hyM9x5Wgj5WaipBHIMUKb6XUkPTQOXMLq8JEJWg/84p+prCm1m3Q/mYdloY41VW
6Xb6WFzPbMPjiyRyTbAToKNibLirbY9mO2zjr4byTf8ha6f0YsgfYASmCxXhoTi2
C9dYt12q16/XptyT5vGk9yRXc3sbREZ2Jkfwi9IuZbTBGQ==
-----END CERTIFICATE-----
Generated at Sat Sep 7 19:20:23 2024 by rpki-client on console-ams.rpki-client.org