Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa
File: 1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa (raw, json)
Hash identifier: 5NZuboosQgGt/V5/83tlKuZJ+CTh3amg3Ke2OHs8VbU=
Subject key identifier: B5:B0:BB:F6:FD:1B:57:21:13:31:D4:DB:5A:92:3A:AB:73:97:64:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72F914AE2293EA63C9FEBE4B21978D185928B650
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1020::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f9:14:ae:22:93:ea:63:c9:fe:be:4b:21:97:8d:18:59:28:b6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=36fdb216b1aec7954933381ba1e842bf0cf59160c7fa87962cf9e23b5446910c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:56:86:a4:16:19:88:e0:64:1c:bd:ad:14:3b:
c2:24:7f:9a:91:fe:79:a7:c7:b2:ba:14:08:a2:1b:
86:4d:e6:e8:e7:65:57:82:74:ff:bf:bc:42:06:a6:
4b:4e:89:00:fb:65:22:f1:40:42:16:28:1f:ff:59:
00:ea:65:02:09:6c:b4:84:b4:2b:86:00:79:42:d7:
a9:ed:80:be:76:bd:bb:6d:17:2e:55:5a:93:8e:01:
c1:df:a1:27:5d:67:e1:c9:6b:69:2b:3f:e3:5b:6d:
49:c5:c2:59:07:f3:21:14:2a:cf:13:39:ff:14:8f:
3d:09:bb:c6:1c:c4:6a:d4:21:f7:4d:a5:3b:a1:fe:
0f:bf:25:ef:89:70:38:14:d0:b7:90:66:89:21:95:
4c:5b:9e:29:29:9a:8f:5d:77:dd:d6:3f:91:3a:69:
c9:86:0c:ac:71:aa:28:57:4e:34:bd:4f:bd:e2:bd:
82:cf:c9:25:19:4c:da:be:d2:c9:ff:48:a7:6e:68:
e2:21:94:5c:b0:e6:84:5c:ad:ab:b9:da:d7:ad:7a:
f0:80:32:21:e3:39:8a:42:3e:52:36:8d:be:84:c9:
12:a6:ff:bf:58:6c:5d:71:54:20:4a:9b:7a:cc:94:
f5:ca:30:8e:34:ff:ad:d3:a7:21:f8:a6:47:bc:cc:
17:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B0:BB:F6:FD:1B:57:21:13:31:D4:DB:5A:92:3A:AB:73:97:64:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dfc142f-80a0-4fa9-a586-bd45c77ac34e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1020::/43
Signature Algorithm: sha256WithRSAEncryption
75:d7:1a:23:b5:9f:4e:f7:8c:86:60:6a:8a:8f:01:db:7d:a7:
7d:f3:1f:d2:7a:29:51:db:14:fb:1a:fd:9f:b2:84:1c:66:d4:
a1:47:e4:2b:06:f6:63:9a:ac:9e:2a:be:1d:db:47:cd:c6:9c:
ff:2f:e2:6f:5c:fb:06:05:a5:be:8e:54:65:eb:7a:2d:b2:29:
9c:ea:a7:f6:62:dc:c1:df:93:4b:8b:17:d4:9e:99:40:f3:62:
3f:4d:bb:e7:c0:c8:49:06:22:90:5d:c2:fb:1a:9b:e2:82:57:
9f:ae:38:d7:3e:87:16:63:f8:d0:63:b4:92:51:50:c7:1b:41:
8a:47:f1:01:e1:2a:a6:1c:c3:a5:67:bd:bc:cf:2c:34:6f:98:
6e:ec:d3:b5:2d:48:c6:fd:9f:b1:06:6e:ba:17:30:34:5a:a8:
de:5e:38:ca:f1:7b:73:03:33:b1:5e:3a:3b:d7:3f:cc:c5:d0:
0f:b1:f0:f4:69:e2:09:b3:7b:87:e9:ae:07:5e:c6:07:37:b0:
e0:6b:c8:6f:39:54:40:8d:c2:ff:ba:29:c8:f3:a1:ec:e2:f5:
eb:ce:f8:f2:07:c1:f5:cc:38:08:c6:3e:a2:32:7a:f6:7f:1e:
ae:a9:26:6e:2e:d3:ff:fd:24:56:eb:28:8e:a0:05:66:d7:be:
cb:ca:c1:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcvkUriKT6mPJ/r5LIZeNGFkotlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2ZmRiMjE2YjFhZWM3OTU0OTMzMzgxYmExZTg0MmJmMGNmNTkxNjBjN2Zh
ODc5NjJjZjllMjNiNTQ0NjkxMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFWhqQWGYjgZBy9rRQ7wiR/mpH+eafHsroUCKIbhk3m6OdlV4J0/7+8Qgam
S06JAPtlIvFAQhYoH/9ZAOplAglstIS0K4YAeULXqe2Avna9u20XLlVak44Bwd+h
J11n4clraSs/41ttScXCWQfzIRQqzxM5/xSPPQm7xhzEatQh902lO6H+D78l74lw
OBTQt5BmiSGVTFueKSmaj1133dY/kTppyYYMrHGqKFdONL1PveK9gs/JJRlM2r7S
yf9Ip25o4iGUXLDmhFytq7na16168IAyIeM5ikI+UjaNvoTJEqb/v1hsXXFUIEqb
esyU9cowjjT/rdOnIfimR7zMFwkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS1sLv2
/RtXIRMx1Ntakjqrc5dk5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRmYzE0MmYtODBhMC00ZmE5LWE1ODYtYmQ0NWM3N2FjMzRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoBBXgQ
IDANBgkqhkiG9w0BAQsFAAOCAQEAddcaI7WfTveMhmBqio8B232nffMf0nopUdsU
+xr9n7KEHGbUoUfkKwb2Y5qsniq+HdtHzcac/y/ib1z7BgWlvo5UZet6LbIpnOqn
9mLcwd+TS4sX1J6ZQPNiP02758DISQYikF3C+xqb4oJXn6441z6HFmP40GO0klFQ
xxtBikfxAeEqphzDpWe9vM8sNG+YbuzTtS1Ixv2fsQZuuhcwNFqo3l44yvF7cwMz
sV46O9c/zMXQD7Hw9GniCbN7h+muB17GBzew4GvIbzlUQI3C/7opyPOh7OL16874
8gfB9cw4CMY+ojJ69n8erqkmbi7T//0kVusojqAFZte+y8rBLg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org