Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
File: 5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa (raw, json)
Hash identifier: cQQF2209aHX3Q+xBTXJkx5soxC67sm4EtkJcC/8V/VQ=
Subject key identifier: 83:82:D1:DA:D6:1F:24:FE:18:53:CD:57:64:B7:4A:7D:1B:ED:C4:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F25E09C12DBFD837519DDC4C255BC205DF07313
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:25:e0:9c:12:db:fd:83:75:19:dd:c4:c2:55:bc:20:5d:f0:73:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=6bc1ae53e9da5f68d09ca5a92e588f2414c90438a0889a1b56d52445d0ccef9f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:b8:4c:9c:ed:b9:db:34:2b:69:ac:11:9a:
1a:e4:70:2f:63:1b:de:b1:fc:2f:5a:55:76:9a:8c:
21:be:0c:3e:83:16:b9:25:55:11:eb:0a:65:b2:16:
db:b2:4f:5d:bd:91:11:cd:75:92:3e:27:15:f7:00:
54:98:ca:ad:4d:2f:3f:d1:59:7a:d0:39:69:85:51:
a1:b4:d2:94:11:51:fc:ab:d2:b6:8b:4d:aa:14:e4:
e4:2d:0a:4f:16:80:82:bd:1f:de:50:18:77:cb:ab:
14:1d:74:03:b4:c2:41:26:ec:d4:d1:5b:26:0b:8f:
86:ed:d9:66:2c:ca:21:2f:6c:ce:40:a4:ea:0d:f9:
9f:43:23:bd:df:b7:f8:0e:3e:5c:9e:ce:77:99:3e:
93:4f:e6:63:49:fb:b5:94:c1:4d:65:fb:c6:e3:c8:
76:95:97:28:e0:d4:a8:f2:c7:2a:1f:34:26:7b:66:
6f:fc:4f:0f:51:71:95:43:56:91:c4:95:fd:a5:96:
aa:08:07:5a:22:f3:a3:80:68:3a:ee:ff:e3:00:3d:
7f:be:09:88:df:f0:9b:d9:02:7e:63:55:58:f7:53:
bf:2f:bf:df:c0:f7:aa:b5:83:99:5a:3f:98:d8:ea:
f0:f3:e6:fd:23:08:f9:c9:34:11:1c:04:e2:89:3c:
42:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:82:D1:DA:D6:1F:24:FE:18:53:CD:57:64:B7:4A:7D:1B:ED:C4:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:c2:3c:77:3b:40:13:ed:12:f7:42:4a:6f:ed:7e:4a:5f:5d:
99:4a:41:10:91:b6:39:b5:63:7e:e8:40:c6:39:6e:fc:e5:46:
9e:8a:9b:4a:de:c0:d7:3a:21:d3:6c:9f:3b:eb:45:94:19:32:
b9:38:f7:39:1b:dc:d0:1b:42:57:82:64:b4:f5:59:73:d6:e1:
67:ba:70:07:d5:a4:f4:f9:ee:23:0e:40:0f:69:fc:08:6e:02:
3c:98:c6:5c:0e:2f:eb:75:2c:3d:b9:a9:2e:24:2d:e1:f3:8e:
a5:02:23:d3:28:a6:26:cc:29:e0:db:1a:a6:5a:89:d0:ce:65:
ea:b9:7d:d7:11:3e:6c:6e:56:34:08:47:1d:50:0c:6e:a3:d2:
eb:82:02:c9:61:92:f6:76:56:84:11:1e:21:26:87:73:cd:38:
b9:75:3c:db:af:2a:a4:53:b4:71:7e:c7:d1:82:56:fe:73:0a:
b7:e2:c2:d5:08:b6:26:d9:51:b4:f0:72:16:97:bc:78:2e:07:
b1:7e:92:45:b0:4b:d7:cb:d7:18:72:7c:b8:e9:ec:dc:b4:91:
31:4d:72:2c:31:1d:95:12:de:45:ca:7a:41:f1:b0:ad:da:8b:
e4:a3:57:74:ff:3b:77:0f:6d:6e:d4:3f:ad:2b:f5:6d:29:99:
59:aa:4c:20
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfyXgnBLb/YN1Gd3EwlW8IF3wcxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiYzFhZTUzZTlkYTVmNjhkMDljYTVhOTJlNTg4ZjI0MTRjOTA0MzhhMDg4
OWExYjU2ZDUyNDQ1ZDBjY2VmOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzeuEyc7bnbNCtprBGaGuRwL2Mb3rH8L1pVdpqMIb4MPoMWuSVVEesKZbIW
27JPXb2REc11kj4nFfcAVJjKrU0vP9FZetA5aYVRobTSlBFR/KvStotNqhTk5C0K
TxaAgr0f3lAYd8urFB10A7TCQSbs1NFbJguPhu3ZZizKIS9szkCk6g35n0Mjvd+3
+A4+XJ7Od5k+k0/mY0n7tZTBTWX7xuPIdpWXKODUqPLHKh80Jntmb/xPD1FxlUNW
kcSV/aWWqggHWiLzo4BoOu7/4wA9f74JiN/wm9kCfmNVWPdTvy+/38D3qrWDmVo/
mNjq8PPm/SMI+ck0ERwE4ok8QvUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDgtHa
1h8k/hhTzVdkt0p9G+3EMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNlZWE0NTYtNDNkYS00ZmI0LTk1ZjYtZTFiN2IyZTNmNjFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQBFwjx3O0AT7RL3Qkpv7X5KX12ZSkEQkbY5tWN+6EDG
OW785UaeiptK3sDXOiHTbJ8760WUGTK5OPc5G9zQG0JXgmS09Vlz1uFnunAH1aT0
+e4jDkAPafwIbgI8mMZcDi/rdSw9uakuJC3h846lAiPTKKYmzCng2xqmWonQzmXq
uX3XET5sblY0CEcdUAxuo9LrggLJYZL2dlaEER4hJodzzTi5dTzbryqkU7RxfsfR
glb+cwq34sLVCLYm2VG08HIWl7x4LgexfpJFsEvXy9cYcny46ezctJExTXIsMR2V
Et5FynpB8bCt2ovko1d0/zt3D21u1D+tK/VtKZlZqkwg
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org