Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: eKxTaNXM/tpC1ImeshilFHYAP+ORqHsuyvcpCYa6Io0=
Subject key identifier: 1A:43:85:1C:22:ED:B6:9F:4A:76:D4:22:A5:3F:3C:28:5D:7C:D4:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D95F484A0DD459F743D41E3D922DD83C3ED7534
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:95:f4:84:a0:dd:45:9f:74:3d:41:e3:d9:22:dd:83:c3:ed:75:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=6823e348cfd639a67293da39614724e6af5ff530ec1131d332df4592e639fe86, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:39:6a:8c:7d:7e:5f:86:db:b4:17:d5:cd:fa:
3a:94:fe:2d:42:e4:e8:c3:f3:d5:a3:4b:b6:31:e6:
c9:02:2e:cb:b5:2a:11:06:cd:62:33:69:40:c7:6b:
03:92:99:81:6e:f4:88:e9:c8:b3:d3:30:e7:cb:8f:
fc:e4:68:1b:22:c1:32:10:2b:2d:a6:38:3f:ed:67:
bb:12:02:f4:7e:4a:97:23:07:10:15:4c:55:8a:91:
3a:b5:0b:d1:f6:0a:9b:1d:12:41:42:92:44:fb:78:
75:93:21:9a:1a:00:19:48:ef:c7:09:be:24:b0:e5:
60:dd:44:91:4b:ee:62:91:bf:1a:03:ba:d9:d1:06:
c3:2c:be:98:81:5b:9e:f9:69:2b:83:c7:0d:f6:77:
fe:de:fc:06:09:d8:51:c4:10:97:07:db:64:13:34:
f6:c6:a9:8f:77:41:bf:83:81:3c:4f:ea:67:50:6f:
da:7b:b3:ff:e2:98:a1:db:f4:3e:d2:f1:f0:47:9b:
22:fd:5a:8b:89:02:b2:a1:94:a6:d7:4b:a0:3b:25:
ae:63:fa:a7:60:f3:da:2a:08:b0:f2:7e:ce:35:47:
8e:90:e5:5e:0a:a6:3c:6e:36:3e:c9:f9:0f:73:1c:
67:c1:63:7d:ab:be:f6:c5:56:60:92:ae:76:49:df:
3f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:43:85:1C:22:ED:B6:9F:4A:76:D4:22:A5:3F:3C:28:5D:7C:D4:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:40:6d:46:6f:a6:2d:e3:1c:30:1d:69:bb:31:65:68:7e:2a:
e7:38:f8:5b:84:09:bd:5a:0f:50:08:cb:7b:ef:37:af:71:75:
92:5d:58:62:57:74:6f:2a:d6:1c:b6:d2:07:4e:98:ba:f4:7b:
b6:20:5f:5a:72:87:07:a3:e0:9d:49:00:ed:06:d6:da:75:f6:
b1:c9:6f:7c:99:79:63:8f:81:65:6d:2e:b9:6d:f0:8e:45:6f:
cb:17:51:6d:78:b8:2a:fa:d1:1a:73:cb:fe:84:a5:ee:ba:76:
e3:29:4d:56:70:e6:0c:81:ea:70:9f:3b:a6:d7:f1:45:68:57:
68:86:aa:37:1e:7b:ee:a1:df:1c:70:9c:1e:ee:85:9d:bb:9a:
1c:a6:6e:a4:73:04:fd:62:5d:4a:84:a0:67:c0:f0:d3:6c:68:
c7:35:38:cd:49:f2:fb:a7:c4:79:9a:33:7a:6e:32:bd:49:f2:
47:eb:2b:f0:34:ae:48:7f:f6:70:ed:7e:ff:4c:44:04:8c:22:
96:60:b4:57:ab:8b:93:8c:24:56:07:b2:3f:f6:05:c6:36:a2:
71:41:86:2c:ab:26:0a:63:e6:06:cf:4c:b5:6a:69:43:0b:22:
64:d6:9d:67:82:7e:13:11:73:4e:16:11:48:6c:7f:59:32:c2:
dc:1b:a4:ce
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfZX0hKDdRZ90PUHj2SLdg8PtdTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4MjNlMzQ4Y2ZkNjM5YTY3MjkzZGEzOTYxNDcyNGU2YWY1ZmY1MzBlYzEx
MzFkMzMyZGY0NTkyZTYzOWZlODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ05aox9fl+G27QX1c36OpT+LULk6MPz1aNLtjHmyQIuy7UqEQbNYjNpQMdr
A5KZgW70iOnIs9Mw58uP/ORoGyLBMhArLaY4P+1nuxIC9H5KlyMHEBVMVYqROrUL
0fYKmx0SQUKSRPt4dZMhmhoAGUjvxwm+JLDlYN1EkUvuYpG/GgO62dEGwyy+mIFb
nvlpK4PHDfZ3/t78BgnYUcQQlwfbZBM09sapj3dBv4OBPE/qZ1Bv2nuz/+KYodv0
PtLx8EebIv1ai4kCsqGUptdLoDslrmP6p2Dz2ioIsPJ+zjVHjpDlXgqmPG42Psn5
D3McZ8Fjfau+9sVWYJKudknfP0ECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQaQ4Uc
Iu22n0p21CKlPzwoXXzUlzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAKFAbUZvpi3jHDAdabsxZWh+Kuc4+FuECb1aD1AI
y3vvN69xdZJdWGJXdG8q1hy20gdOmLr0e7YgX1pyhwej4J1JAO0G1tp19rHJb3yZ
eWOPgWVtLrlt8I5Fb8sXUW14uCr60Rpzy/6Epe66duMpTVZw5gyB6nCfO6bX8UVo
V2iGqjcee+6h3xxwnB7uhZ27mhymbqRzBP1iXUqEoGfA8NNsaMc1OM1J8vunxHma
M3puMr1J8kfrK/A0rkh/9nDtfv9MRASMIpZgtFeri5OMJFYHsj/2BcY2onFBhiyr
Jgpj5gbPTLVqaUMLImTWnWeCfhMRc04WEUhsf1kywtwbpM4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org