Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
File: 6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa (raw, json)
Hash identifier: HoYozpq/QV4Ynwa6LwDyc962bUekqOVm/IK9EjELPjE=
Subject key identifier: B2:D8:43:F3:20:3D:8B:F5:47:43:1F:28:51:59:76:0F:F1:2B:CD:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E56F8E25FC926EA3824C28624F6D7805A28F734
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1010::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:56:f8:e2:5f:c9:26:ea:38:24:c2:86:24:f6:d7:80:5a:28:f7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=7ab97799f2edee1f27ec9d4c0c688a3153bf786954e8937ebb05ed11d2a3dd4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d5:f0:24:0c:3c:c8:b5:cf:83:91:de:55:56:
49:d7:8f:1e:52:f7:b6:71:05:0f:c9:74:27:ad:fd:
19:81:6c:d7:e1:f3:8a:b3:6d:25:b0:ef:38:5f:0a:
ce:d0:93:c7:b7:37:2e:61:2c:dc:71:3a:ba:20:0c:
63:b8:c3:8e:57:67:a3:33:55:07:67:db:ec:54:f0:
b8:78:4c:6c:c4:d1:9f:e0:cd:61:b3:7e:09:ce:7f:
0b:72:ef:fb:dc:ca:ed:81:c8:35:f0:e4:aa:ca:33:
4a:b1:f9:da:67:55:5c:ba:97:60:59:61:02:1c:04:
1d:94:51:77:63:2f:04:8b:69:d5:3f:83:4e:65:b0:
bf:d9:0f:df:47:2c:81:67:e6:3d:5a:61:29:f5:b3:
01:8d:f6:fe:b7:7e:59:f8:84:35:93:7b:e1:e3:d0:
f7:d3:a5:b3:7c:a9:9f:a4:62:ef:2e:63:c5:f8:03:
b8:8c:44:bc:6b:4c:a2:5d:50:7c:d4:fc:ac:20:38:
07:23:a0:32:9c:14:f9:90:5a:5d:3e:3a:3b:e3:32:
e9:d4:e9:0f:e3:8f:32:29:f1:8d:fe:39:0b:e1:17:
96:59:99:5a:69:e5:17:29:3c:e9:cc:bb:d5:61:e6:
19:80:b2:20:ed:e9:02:24:ef:8b:57:5d:7e:29:6e:
03:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D8:43:F3:20:3D:8B:F5:47:43:1F:28:51:59:76:0F:F1:2B:CD:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f7eb0e6-fbf6-4872-8a70-838cbba40e6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1010::/44
Signature Algorithm: sha256WithRSAEncryption
ac:e3:15:8b:ac:96:1a:25:bb:6e:f8:3c:2a:1d:f9:a4:43:7c:
77:50:3a:cc:98:29:ee:ef:aa:a0:5d:5d:53:ba:6a:bb:d4:64:
67:48:f2:62:33:65:0b:f9:10:9a:c6:f9:a9:55:f8:d5:53:ec:
ca:33:e7:23:a9:cd:39:e7:5b:c6:7c:c8:06:a7:0b:3c:52:62:
c9:3b:f9:a2:61:94:2f:2f:d5:34:89:57:d5:af:9b:07:f5:67:
6e:31:45:a9:aa:45:83:c8:19:d3:f9:c3:b9:d2:fe:cc:06:dc:
0d:25:32:c9:b6:74:b6:46:a6:b3:d0:dd:41:88:25:b3:13:77:
f3:65:a5:bf:fc:6d:e0:14:91:d4:63:c6:c5:a8:a8:6e:6a:d7:
93:92:01:19:75:35:7c:79:50:46:b6:b3:87:82:35:91:74:30:
f6:21:ba:81:6e:7d:ed:a4:ef:c8:f8:4e:bd:4c:5f:df:5c:81:
c0:b2:4f:69:2f:a6:cd:5c:09:67:24:ef:81:1e:55:be:3e:46:
de:bc:e6:9d:d5:50:aa:2b:6b:87:af:04:52:6f:57:e8:09:05:
f6:d2:fd:3c:e5:07:0b:e3:c1:99:a5:2c:87:e1:20:2b:93:ac:
b5:a2:67:21:ab:56:46:93:ee:8f:eb:d7:44:8f:89:02:09:14:
0e:76:d8:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTlb44l/JJuo4JMKGJPbXgFoo9zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhYjk3Nzk5ZjJlZGVlMWYyN2VjOWQ0YzBjNjg4YTMxNTNiZjc4Njk1NGU4
OTM3ZWJiMDVlZDExZDJhM2RkNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAILV8CQMPMi1z4OR3lVWSdePHlL3tnEFD8l0J639GYFs1+HzirNtJbDvOF8K
ztCTx7c3LmEs3HE6uiAMY7jDjldnozNVB2fb7FTwuHhMbMTRn+DNYbN+Cc5/C3Lv
+9zK7YHINfDkqsozSrH52mdVXLqXYFlhAhwEHZRRd2MvBItp1T+DTmWwv9kP30cs
gWfmPVphKfWzAY32/rd+WfiENZN74ePQ99Ols3ypn6Ri7y5jxfgDuIxEvGtMol1Q
fNT8rCA4ByOgMpwU+ZBaXT46O+My6dTpD+OPMinxjf45C+EXllmZWmnlFyk86cy7
1WHmGYCyIO3pAiTvi1ddfiluA5sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSy2EPz
ID2L9UdDHyhRWXYP8SvNhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmY3ZWIwZTYtZmJmNi00ODcyLThhNzAtODM4Y2JiYTQwZTZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoBBXgQ
EDANBgkqhkiG9w0BAQsFAAOCAQEArOMVi6yWGiW7bvg8Kh35pEN8d1A6zJgp7u+q
oF1dU7pqu9RkZ0jyYjNlC/kQmsb5qVX41VPsyjPnI6nNOedbxnzIBqcLPFJiyTv5
omGULy/VNIlX1a+bB/VnbjFFqapFg8gZ0/nDudL+zAbcDSUyybZ0tkams9DdQYgl
sxN382Wlv/xt4BSR1GPGxaiobmrXk5IBGXU1fHlQRrazh4I1kXQw9iG6gW597aTv
yPhOvUxf31yBwLJPaS+mzVwJZyTvgR5Vvj5G3rzmndVQqitrh68EUm9X6AkF9tL9
POUHC+PBmaUsh+EgK5OstaJnIatWRpPuj+vXRI+JAgkUDnbYaw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org