Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
File: 23d2e691-eee3-420e-8551-96a899136326.roa (raw, json)
Hash identifier: k9g6/AyjKidIDHjJOXAP3tJLzsXquWkAHTFX/DhF2nM=
Subject key identifier: FA:93:76:EC:D7:9E:93:F1:73:62:6C:B4:41:65:BB:EC:06:1B:18:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6492F04480FE253A0E5550195ED42F2D6437B882
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:92:f0:44:80:fe:25:3a:0e:55:50:19:5e:d4:2f:2d:64:37:b8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=a8795ddd69d3362f8a24246d30ebcad15e0676bb3ed52780764a1f670916ee62, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ca:bd:6e:1a:2c:4b:94:a4:fe:fc:bd:1a:c0:
20:77:db:f3:c6:be:12:52:8a:0a:25:b6:5e:e0:03:
d4:36:83:51:7d:a6:00:fe:1e:37:a2:6e:bc:0e:81:
03:9a:e2:9b:05:8b:77:4d:ee:92:ca:c0:7c:da:44:
68:99:2e:ea:4d:23:6f:a9:d3:f2:97:1f:32:34:d0:
77:27:ef:95:91:23:3f:76:26:0a:43:fd:2e:1c:e2:
1d:bc:ce:7e:35:62:ae:78:ef:d0:9f:99:12:f7:c8:
9d:1e:63:50:15:e1:fd:98:94:87:63:47:39:30:14:
62:2c:66:56:c0:b7:3c:30:27:c6:bc:6c:6a:07:84:
c1:04:ae:91:83:f2:68:45:16:49:4b:8f:d1:db:d3:
7f:31:f7:4e:8f:a6:d1:b2:b1:b1:1e:86:42:f6:4a:
7c:73:5d:66:6d:19:56:55:4a:78:55:d1:ac:56:ee:
6f:72:95:f9:f8:00:ba:5b:51:63:b0:bc:c7:95:4b:
17:33:bd:e8:43:4f:14:ed:57:b2:4b:45:dc:9a:72:
2c:99:70:3c:5b:c4:f7:4c:60:8a:83:db:96:d5:28:
a4:2e:b9:74:a4:96:99:b6:3a:d1:65:7f:f4:8f:df:
67:42:b6:31:94:6b:1a:84:60:53:0d:ec:29:15:42:
5f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:93:76:EC:D7:9E:93:F1:73:62:6C:B4:41:65:BB:EC:06:1B:18:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
d2:c1:77:51:e0:dd:c8:be:7c:0f:37:79:f9:a2:91:c7:79:89:
ab:f1:2a:5d:57:90:39:4c:d5:a7:48:1b:a0:f2:3f:2f:12:aa:
24:43:9e:a7:fb:f5:ad:73:34:7d:7c:ad:2e:12:6a:3f:3d:87:
64:b3:30:f2:42:cc:04:ba:8e:e8:e0:b1:6e:16:8e:61:db:8b:
24:27:d0:d9:d1:b6:2a:28:11:25:2c:4e:61:a7:ed:3a:16:1c:
15:02:7b:be:38:7b:00:81:89:89:b6:19:a0:5f:e2:6b:bf:5e:
38:1f:c9:5c:5e:93:54:c2:91:10:98:be:ba:c6:cd:61:7b:5b:
df:05:8d:25:61:56:29:7f:da:a2:99:dd:fe:28:d5:39:10:96:
cc:91:53:27:cb:5b:0b:bb:1c:09:c5:86:20:70:e6:5b:9a:bb:
eb:4f:86:6c:e9:b3:5f:50:e3:5f:b1:e8:ae:ab:8a:95:0f:48:
90:fe:ed:36:23:8a:b9:84:a4:e9:a1:db:9d:f4:a0:43:e3:d7:
5e:16:e4:2d:e9:07:22:a6:60:ff:0c:2a:da:7f:74:b9:f7:11:
97:37:68:42:df:fd:a5:0e:26:73:46:bc:16:86:45:cc:6e:61:
54:df:3c:c4:c3:45:9f:e3:24:45:7d:02:73:56:2b:39:95:c2:
19:4b:6f:0e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUZJLwRID+JToOVVAZXtQvLWQ3uIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4Nzk1ZGRkNjlkMzM2MmY4YTI0MjQ2ZDMwZWJjYWQxNWUwNjc2YmIzZWQ1
Mjc4MDc2NGExZjY3MDkxNmVlNjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLKvW4aLEuUpP78vRrAIHfb88a+ElKKCiW2XuAD1DaDUX2mAP4eN6JuvA6B
A5rimwWLd03uksrAfNpEaJku6k0jb6nT8pcfMjTQdyfvlZEjP3YmCkP9LhziHbzO
fjVirnjv0J+ZEvfInR5jUBXh/ZiUh2NHOTAUYixmVsC3PDAnxrxsageEwQSukYPy
aEUWSUuP0dvTfzH3To+m0bKxsR6GQvZKfHNdZm0ZVlVKeFXRrFbub3KV+fgAultR
Y7C8x5VLFzO96ENPFO1XsktF3JpyLJlwPFvE90xgioPbltUopC65dKSWmbY60WV/
9I/fZ0K2MZRrGoRgUw3sKRVCX+MCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBT6k3bs
156T8XNibLRBZbvsBhsY5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjNkMmU2OTEtZWVlMy00MjBlLTg1NTEtOTZhODk5MTM2MzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBANLBd1Hg3ci+fA83efmikcd5iavxKl1XkDlM1adI
G6DyPy8SqiRDnqf79a1zNH18rS4Saj89h2SzMPJCzAS6jujgsW4WjmHbiyQn0NnR
tiooESUsTmGn7ToWHBUCe744ewCBiYm2GaBf4mu/XjgfyVxek1TCkRCYvrrGzWF7
W98FjSVhVil/2qKZ3f4o1TkQlsyRUyfLWwu7HAnFhiBw5luau+tPhmzps19Q41+x
6K6ripUPSJD+7TYjirmEpOmh2530oEPj114W5C3pByKmYP8MKtp/dLn3EZc3aELf
/aUOJnNGvBaGRcxuYVTfPMTDRZ/jJEV9AnNWKzmVwhlLbw4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org