Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa
File: 407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa (raw, json)
Hash identifier: fxsjaBeNWRIq3bTB6EShuPSjRSPFHT8KOLVvA8Tc4sc=
Subject key identifier: D4:64:52:CC:47:57:D6:B3:41:50:75:D4:2B:E7:74:D4:04:46:6C:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 624B856CE55585B43DA5519F3FE766588A98EC4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa
Signing time: Fri 03 May 2024 00:00:00 +0000
ROA not before: Fri 03 May 2024 00:00:00 +0000
ROA not after: Fri 07 Jun 2024 23:59:59 +0000
asID: 14618
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:4b:85:6c:e5:55:85:b4:3d:a5:51:9f:3f:e7:66:58:8a:98:ec:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 3 00:00:00 2024 GMT
Not After : Jun 7 23:59:59 2024 GMT
Subject: serialNumber=3f32ba36fa1fe252a47e1c9e388da6f9037945067e1df05a24bc39f0d84e5eff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2b:83:31:77:49:a3:f8:10:cd:36:69:5c:cc:
35:38:f1:98:ae:a1:ef:cb:51:11:0f:35:65:dc:5a:
df:f5:24:58:87:bd:7c:bc:b6:28:69:ee:44:52:81:
9a:c3:87:1b:ef:6c:02:9d:eb:3d:aa:81:49:f9:d3:
d6:b9:5f:73:44:de:58:9b:0b:04:a4:c4:7c:c1:fe:
be:d2:4e:0f:62:fb:f4:13:0f:7d:4d:64:b0:b0:99:
0c:9a:5f:c5:0c:ee:4d:f3:23:bd:b8:31:d6:8d:76:
96:15:b3:75:77:b6:59:66:8c:36:a1:72:92:0b:a6:
21:4a:80:ae:02:d0:31:0b:2b:c3:a4:59:a1:7f:fe:
02:a1:d4:07:3a:03:d0:77:45:25:bb:23:7b:48:1f:
e4:d1:c8:3c:23:92:ac:49:a1:e5:9a:b4:57:99:e3:
eb:23:f2:90:89:ff:1b:3f:bd:2d:73:b8:4c:52:08:
39:05:85:c4:b4:9d:8e:88:ee:35:c8:0b:95:60:6b:
a3:db:7f:22:94:27:7a:76:ab:c3:00:38:92:ed:f0:
28:87:98:3b:b8:8d:f8:7b:54:2c:7a:54:fb:aa:e5:
1d:23:ed:b1:e5:1d:fb:1a:7b:72:6c:8a:7e:96:34:
b6:a5:90:fb:0d:75:db:1c:b1:10:e3:2b:80:5d:b7:
71:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:64:52:CC:47:57:D6:B3:41:50:75:D4:2B:E7:74:D4:04:46:6C:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/407c7a6c-acd6-4eb3-9cec-9b8e2f4e8287.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5f:65:4d:45:b8:8d:61:05:2a:a7:bf:93:5f:4d:5d:b4:4f:42:
52:d3:87:60:78:c3:03:6f:a9:a6:0d:9d:d5:55:7f:d5:04:61:
e8:16:5f:2d:ef:4f:c8:f3:67:5e:e3:f2:89:6f:e2:51:c6:aa:
38:09:94:03:cd:45:2d:08:db:28:74:aa:fd:cb:59:64:3e:e1:
5d:96:a1:0d:99:e1:06:4a:1d:57:96:1c:ae:73:9d:80:84:88:
b8:c2:bc:6c:b9:39:24:6f:0e:6f:29:8a:10:12:7c:7b:64:24:
63:3a:cf:a5:31:17:0a:0a:ca:51:d8:72:a6:6f:3a:ea:37:10:
45:aa:32:fa:e7:c8:16:29:35:79:6b:c1:7f:e4:9d:96:37:32:
e3:1b:59:84:53:89:19:db:49:34:44:7c:66:13:15:e4:a0:d8:
3d:6c:0f:2b:f3:9e:76:eb:e8:f8:6d:1f:f8:72:c4:09:be:77:
46:d9:61:05:0c:09:d3:ab:b0:f6:03:2f:68:04:97:1a:fc:a6:
93:81:26:79:05:4e:92:98:dd:95:a1:c1:1a:65:3a:a1:4a:65:
3d:df:bc:ab:a3:c2:78:8a:6f:1d:32:f6:7c:30:82:40:6f:12:
0d:9d:16:be:e2:a9:2d:d6:8f:76:ce:f1:a5:25:f9:c2:6f:39:
11:7a:34:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYkuFbOVVhbQ9pVGfP+dmWIqY7EowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MDMwMDAwMDBaFw0yNDA2MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMzJiYTM2ZmExZmUyNTJhNDdlMWM5ZTM4OGRhNmY5MDM3OTQ1MDY3ZTFk
ZjA1YTI0YmMzOWYwZDg0ZTVlZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIrgzF3SaP4EM02aVzMNTjxmK6h78tREQ81Zdxa3/UkWIe9fLy2KGnuRFKB
msOHG+9sAp3rPaqBSfnT1rlfc0TeWJsLBKTEfMH+vtJOD2L79BMPfU1ksLCZDJpf
xQzuTfMjvbgx1o12lhWzdXe2WWaMNqFykgumIUqArgLQMQsrw6RZoX/+AqHUBzoD
0HdFJbsje0gf5NHIPCOSrEmh5Zq0V5nj6yPykIn/Gz+9LXO4TFIIOQWFxLSdjoju
NcgLlWBro9t/IpQnenarwwA4ku3wKIeYO7iN+HtULHpU+6rlHSPtseUd+xp7cmyK
fpY0tqWQ+w112xyxEOMrgF23cScCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTUZFLM
R1fWs0FQddQr53TUBEZsPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDA3YzdhNmMtYWNkNi00ZWIzLTljZWMtOWI4ZTJmNGU4Mjg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAX2VNRbiNYQUqp7+TX01dtE9CUtOHYHjDA2+ppg2d
1VV/1QRh6BZfLe9PyPNnXuPyiW/iUcaqOAmUA81FLQjbKHSq/ctZZD7hXZahDZnh
BkodV5YcrnOdgISIuMK8bLk5JG8ObymKEBJ8e2QkYzrPpTEXCgrKUdhypm866jcQ
Raoy+ufIFik1eWvBf+Sdljcy4xtZhFOJGdtJNER8ZhMV5KDYPWwPK/Oeduvo+G0f
+HLECb53RtlhBQwJ06uw9gMvaASXGvymk4EmeQVOkpjdlaHBGmU6oUplPd+8q6PC
eIpvHTL2fDCCQG8SDZ0WvuKpLdaPds7xpSX5wm85EXo0zQ==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org