Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
File: 28d63060-33be-4a3e-88dd-24f87af67dd4.roa (raw, json)
Hash identifier: LcHMQwOHOcFsvsSxUHjwiuId9Hk+pucfDS8I7Isd4ZQ=
Subject key identifier: 6E:84:3C:AD:85:07:A6:E0:3F:8D:01:13:5D:9F:2E:4A:CE:33:97:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55A427685768B65CC366E32BBA52C521D26D612A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:a4:27:68:57:68:b6:5c:c3:66:e3:2b:ba:52:c5:21:d2:6d:61:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=324e248e2b267f03e67c8b881039b131d84a63c53c1a8faa75ffaa4e678ba9a1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:65:fe:88:90:d6:c5:df:15:37:50:8f:73:d9:
42:42:7e:f2:6e:61:87:f3:75:92:69:2f:c2:5e:d2:
be:91:4d:c6:4a:d3:93:71:1d:72:1f:94:7a:35:6f:
4a:a5:bb:9c:6f:d2:ce:c9:b0:9e:dd:08:73:4f:03:
13:d7:86:e3:69:5c:3b:31:89:1b:2e:aa:3b:4f:69:
f7:84:c5:4c:73:87:71:6c:86:ea:cd:1a:e8:ef:75:
e6:18:95:85:78:ac:7b:b3:c8:73:b4:47:6b:31:73:
81:3b:11:05:34:e9:88:09:05:0e:2d:88:bb:b3:6f:
47:1f:87:a3:8e:7c:b6:32:07:9f:9e:73:a1:a5:4a:
d0:52:d6:34:72:33:29:46:c0:61:24:ba:b2:1f:c2:
1f:3c:33:e7:c5:5d:0d:96:48:f3:6c:0b:58:91:6e:
07:7f:36:be:fd:eb:75:ae:60:8b:3d:b9:20:06:cf:
fc:e3:8a:56:c0:4a:a1:8c:0a:06:7e:49:eb:f6:73:
4b:54:4e:98:9f:5c:61:ea:6b:e8:5b:32:8a:0f:76:
2f:13:49:4c:24:98:9d:88:62:ee:b5:8d:2d:76:38:
df:24:55:35:91:7e:dc:62:d3:32:13:e7:6c:c3:b7:
1c:ef:d1:6b:8e:f7:da:f3:17:58:68:a1:a7:27:7c:
21:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:84:3C:AD:85:07:A6:E0:3F:8D:01:13:5D:9F:2E:4A:CE:33:97:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
22:17:83:e7:31:5d:c4:62:f2:9f:ab:5b:c8:e8:6d:14:4e:60:
0a:df:d7:14:22:62:cb:34:8e:02:66:70:0f:a9:05:08:73:77:
44:40:e0:f8:50:e4:ee:e9:f6:64:c9:ce:94:80:51:11:bd:91:
3f:66:cf:91:b3:8f:1f:eb:ff:16:93:9a:9a:3e:46:33:dc:f7:
e4:75:b7:3f:3b:09:32:65:8b:f5:03:e1:24:b6:a7:b9:e4:37:
b5:68:30:b6:69:62:f2:d0:9d:d8:7e:5a:7b:46:af:c6:0c:3b:
8e:fa:ed:f1:4a:03:8a:a7:a2:a0:4a:79:8b:f7:d7:86:7f:a2:
18:16:22:55:86:c1:83:92:d3:59:10:bd:fa:7d:64:74:c5:f6:
f0:77:b9:72:c9:75:c6:65:49:ed:57:a8:b4:ec:9c:9e:3d:01:
b9:04:67:e7:ae:5a:97:4e:36:fc:59:b0:0b:df:fb:83:b7:77:
12:98:35:63:ab:e9:82:7a:9c:4c:b1:56:35:ee:ac:a1:57:70:
c6:2d:53:54:ce:97:57:18:b5:a9:d7:55:4b:59:79:5c:20:6b:
74:7b:21:27:f2:5a:11:43:d4:bd:20:30:de:c8:9a:1e:9c:da:
34:ce:3a:8c:ec:98:d3:cf:6f:82:06:1c:1e:db:68:f1:86:20:
d8:e7:b9:c5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVaQnaFdotlzDZuMrulLFIdJtYSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyNGUyNDhlMmIyNjdmMDNlNjdjOGI4ODEwMzliMTMxZDg0YTYzYzUzYzFh
OGZhYTc1ZmZhYTRlNjc4YmE5YTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVl/oiQ1sXfFTdQj3PZQkJ+8m5hh/N1kmkvwl7SvpFNxkrTk3Edch+UejVv
SqW7nG/Szsmwnt0Ic08DE9eG42lcOzGJGy6qO09p94TFTHOHcWyG6s0a6O915hiV
hXise7PIc7RHazFzgTsRBTTpiAkFDi2Iu7NvRx+Ho458tjIHn55zoaVK0FLWNHIz
KUbAYSS6sh/CHzwz58VdDZZI82wLWJFuB382vv3rda5giz25IAbP/OOKVsBKoYwK
Bn5J6/ZzS1ROmJ9cYepr6Fsyig92LxNJTCSYnYhi7rWNLXY43yRVNZF+3GLTMhPn
bMO3HO/Ra4732vMXWGihpyd8IUMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRuhDyt
hQem4D+NARNdny5KzjOX/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjhkNjMwNjAtMzNiZS00YTNlLTg4ZGQtMjRmODdhZjY3ZGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIheD5zFdxGLyn6tbyOhtFE5gCt/XFCJiyzSOAmZw
D6kFCHN3REDg+FDk7un2ZMnOlIBREb2RP2bPkbOPH+v/FpOamj5GM9z35HW3PzsJ
MmWL9QPhJLanueQ3tWgwtmli8tCd2H5ae0avxgw7jvrt8UoDiqeioEp5i/fXhn+i
GBYiVYbBg5LTWRC9+n1kdMX28He5csl1xmVJ7VeotOycnj0BuQRn565al042/Fmw
C9/7g7d3Epg1Y6vpgnqcTLFWNe6soVdwxi1TVM6XVxi1qddVS1l5XCBrdHshJ/Ja
EUPUvSAw3siaHpzaNM46jOyY089vggYcHtto8YYg2Oe5xQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org