Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
File: 1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa (raw, json)
Hash identifier: KKLhbvgTpNVI766G/YDZ56VkDEJHMLtgoLFghOvwhpE=
Subject key identifier: 0F:21:DC:1E:5E:D7:7F:35:57:D5:42:C9:92:A5:F8:03:18:E6:E7:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F4D082DD2879E4E9BB22FD4A0A5AFCC05D988C4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:4d:08:2d:d2:87:9e:4e:9b:b2:2f:d4:a0:a5:af:cc:05:d9:88:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=8f2cc32dd24b675a730e218fb9154f6a4534b827099c106601d39c20811e96b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ae:94:8d:2e:8a:00:93:64:8b:3f:17:9d:b5:
28:a6:87:de:ea:f0:cd:bf:0c:b2:8d:b4:84:ff:10:
1c:00:d5:32:6f:fe:ac:61:e8:60:e4:60:a7:e2:40:
46:93:af:17:c2:be:c0:06:93:a5:0b:05:b7:f2:6b:
31:a9:0d:9c:10:d6:3e:a0:c8:98:24:da:9e:0a:a4:
63:b7:03:4c:88:f2:c0:07:b3:29:d3:e7:a7:e8:c0:
a3:61:84:10:d7:01:d5:22:69:a0:44:95:d6:1b:29:
d6:bb:b2:ea:a7:5c:da:24:b5:19:1f:76:de:aa:8e:
17:12:ce:db:f0:93:93:18:2a:96:5f:6d:3b:4c:39:
3d:a6:72:a9:93:dc:52:04:3b:40:a5:d6:1e:08:92:
cc:e4:38:04:83:89:23:a7:aa:28:53:e2:46:99:51:
07:1b:e5:76:8f:2a:06:3b:0a:0a:11:1d:25:79:46:
9d:c1:47:42:b2:76:25:d0:82:15:85:90:17:0d:d8:
69:de:b1:fa:8b:fb:d7:c8:30:08:95:9f:54:e4:99:
97:91:86:4d:d1:34:62:a2:64:25:fb:38:e7:11:d6:
2d:f5:85:a2:a9:a2:86:2b:b0:a8:12:69:21:45:b6:
4d:89:3c:b1:81:a2:57:ef:b4:1a:66:3b:81:d5:2b:
84:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:21:DC:1E:5E:D7:7F:35:57:D5:42:C9:92:A5:F8:03:18:E6:E7:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:39:c2:8b:fd:92:bc:2c:ed:e2:af:0b:d6:42:1f:a2:1c:e2:
94:11:20:53:4d:c5:bc:7f:47:b9:73:3f:c9:22:e3:82:9b:ee:
54:4c:6e:e2:91:16:a3:b9:f2:97:14:01:1c:f6:18:77:56:54:
7b:53:de:12:93:43:ad:04:a0:c5:9f:27:18:59:69:2a:47:4f:
cb:e3:52:f8:aa:86:c8:f8:a1:2e:d5:3d:02:c4:7c:0d:00:21:
1b:70:20:d0:90:2d:39:65:25:6f:2b:bf:12:3d:66:77:36:73:
ce:25:c0:66:05:f6:a4:3f:07:5c:b4:cf:b6:1d:b6:7d:c5:f4:
cc:a3:19:65:45:83:1c:18:ac:9b:22:a5:c8:fa:ec:5a:8a:a0:
8a:37:41:cc:32:28:7c:ea:7d:d3:13:89:c9:a4:27:ba:f0:ff:
c5:58:46:27:9d:c5:3f:99:55:f6:3b:90:5a:58:d9:d3:52:cf:
88:c2:75:91:7c:a7:a1:f7:8d:93:5f:26:99:cb:f9:a6:da:44:
35:f0:bd:16:e0:a9:47:1a:62:dc:72:d5:25:1c:e4:a4:c2:f7:
1f:73:de:23:97:9b:f9:17:20:59:8e:c5:58:ee:53:68:e3:db:
9c:16:7c:1c:34:5a:a0:56:9d:5f:01:bb:71:ac:2d:d1:41:4c:
af:73:f5:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP00ILdKHnk6bsi/UoKWvzAXZiMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMmNjMzJkZDI0YjY3NWE3MzBlMjE4ZmI5MTU0ZjZhNDUzNGI4MjcwOTlj
MTA2NjAxZDM5YzIwODExZTk2YjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaulI0uigCTZIs/F521KKaH3urwzb8Mso20hP8QHADVMm/+rGHoYORgp+JA
RpOvF8K+wAaTpQsFt/JrMakNnBDWPqDImCTangqkY7cDTIjywAezKdPnp+jAo2GE
ENcB1SJpoESV1hsp1ruy6qdc2iS1GR923qqOFxLO2/CTkxgqll9tO0w5PaZyqZPc
UgQ7QKXWHgiSzOQ4BIOJI6eqKFPiRplRBxvldo8qBjsKChEdJXlGncFHQrJ2JdCC
FYWQFw3Yad6x+ov718gwCJWfVOSZl5GGTdE0YqJkJfs45xHWLfWFoqmihiuwqBJp
IUW2TYk8sYGiV++0GmY7gdUrhM8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQPIdwe
Xtd/NVfVQsmSpfgDGObn/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWI0YWVlYWEtZDZhOC00ODFmLWI2YWEtYmVlMTRmNGU4MGJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQAAOcKL/ZK8LO3irwvWQh+iHOKUESBTTcW8f0e5cz/J
IuOCm+5UTG7ikRajufKXFAEc9hh3VlR7U94Sk0OtBKDFnycYWWkqR0/L41L4qobI
+KEu1T0CxHwNACEbcCDQkC05ZSVvK78SPWZ3NnPOJcBmBfakPwdctM+2HbZ9xfTM
oxllRYMcGKybIqXI+uxaiqCKN0HMMih86n3TE4nJpCe68P/FWEYnncU/mVX2O5Ba
WNnTUs+IwnWRfKeh942TXyaZy/mm2kQ18L0W4KlHGmLcctUlHOSkwvcfc94jl5v5
FyBZjsVY7lNo49ucFnwcNFqgVp1fAbtxrC3RQUyvc/XQ
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org