Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71a3959f-fe88-470e-a579-701317fd3928.roa
File: 71a3959f-fe88-470e-a579-701317fd3928.roa (raw, json)
Hash identifier: kKXFqv5u+7tnM+KR240k4kOOofJsZ8Cm6QBNlk0d7Hk=
Subject key identifier: A5:94:EC:03:92:5E:71:B8:C5:8C:14:92:66:B7:0C:52:A0:F6:CB:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 498A163DF53033AE44D532AABFDAF7FD572B4D58
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71a3959f-fe88-470e-a579-701317fd3928.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:8a:16:3d:f5:30:33:ae:44:d5:32:aa:bf:da:f7:fd:57:2b:4d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=980f14f1637b3ec5a8f1fb007fb4057580633616fa22823d8d3ffb80fec5aa25, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bf:f3:9f:5f:31:ee:2f:a5:0c:4b:32:3e:55:
47:74:36:8f:45:fc:ef:48:43:6a:ee:4d:9a:65:cc:
92:5c:f5:10:fe:e9:79:87:85:e3:41:f2:39:1d:c6:
af:8e:41:8f:8f:2d:f8:f4:aa:bc:d7:53:94:53:ca:
d6:fa:29:36:27:4d:15:7c:a5:ab:16:be:ff:48:89:
06:f1:eb:fe:67:ae:95:3a:0f:ca:92:b2:ca:1b:84:
c3:3c:28:4d:f2:77:0e:f7:de:b2:67:9a:40:f0:e1:
36:11:94:7c:e8:eb:21:9e:18:64:87:ad:62:fc:9d:
eb:90:9d:42:e7:4b:ae:d8:fc:7c:bd:83:1d:a7:96:
38:a6:28:c9:c6:b8:ff:0e:58:ac:f0:dd:4a:1f:2b:
b7:8a:51:20:66:c6:e1:15:80:25:55:89:3e:7c:67:
2e:25:0d:88:5e:d9:5d:94:2f:6c:fb:de:ab:7c:43:
00:32:bb:90:55:d8:89:c3:35:3b:de:67:c3:0c:e2:
14:a1:82:3c:a9:ec:5a:8c:fe:08:e4:10:8b:6c:00:
83:63:54:17:4f:46:1d:49:5a:a6:45:ad:47:01:04:
17:3c:f0:30:a8:4c:b0:46:a5:d4:7e:c6:dc:53:aa:
92:67:fd:50:f5:da:be:e8:a3:65:67:57:78:84:c8:
95:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:94:EC:03:92:5E:71:B8:C5:8C:14:92:66:B7:0C:52:A0:F6:CB:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71a3959f-fe88-470e-a579-701317fd3928.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:8d:91:2a:92:e8:3e:8e:57:28:88:8c:49:d4:90:95:bd:b2:
88:45:43:1a:d1:37:51:4e:d7:22:20:07:55:ef:30:64:27:7d:
4d:86:4e:c0:7e:b8:72:ce:fc:be:1e:cc:c7:17:66:5d:87:e4:
36:0b:38:a7:6e:08:67:13:90:53:01:1d:2a:85:4a:01:d3:2f:
44:e2:fe:4e:19:73:b2:5b:9b:6e:fe:1f:93:2e:2f:fa:d4:ee:
3c:c9:b6:e1:83:52:86:6e:6f:b7:33:84:84:b3:7e:41:c4:57:
f6:d6:9a:e2:22:9f:63:1e:ca:fd:1f:81:92:82:a5:62:22:13:
06:79:71:05:78:b2:e4:d8:65:ef:5c:fb:a3:ae:ec:17:7a:36:
a9:7e:f9:b4:f2:c3:b7:2b:d5:e0:90:8f:83:7c:0b:90:1f:16:
b7:f8:30:54:5c:6c:aa:ad:e0:19:00:10:2b:07:03:0f:3d:2f:
b2:2e:36:44:1e:30:9d:64:2b:fe:e3:0a:42:09:5c:8e:94:ee:
2a:30:a4:f9:35:e3:41:04:23:64:fa:0b:6e:e3:cb:8b:d6:d5:
f0:35:60:83:75:62:a8:06:1e:40:78:66:a8:cb:b1:ff:7b:14:
15:c7:eb:62:a6:80:dd:bd:43:97:24:45:57:c8:a2:45:0b:0b:
5a:d2:0a:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSYoWPfUwM65E1TKqv9r3/VcrTVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4MGYxNGYxNjM3YjNlYzVhOGYxZmIwMDdmYjQwNTc1ODA2MzM2MTZmYTIy
ODIzZDhkM2ZmYjgwZmVjNWFhMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKu/859fMe4vpQxLMj5VR3Q2j0X870hDau5NmmXMklz1EP7peYeF40HyOR3G
r45Bj48t+PSqvNdTlFPK1vopNidNFXylqxa+/0iJBvHr/meulToPypKyyhuEwzwo
TfJ3DvfesmeaQPDhNhGUfOjrIZ4YZIetYvyd65CdQudLrtj8fL2DHaeWOKYoyca4
/w5YrPDdSh8rt4pRIGbG4RWAJVWJPnxnLiUNiF7ZXZQvbPveq3xDADK7kFXYicM1
O95nwwziFKGCPKnsWoz+COQQi2wAg2NUF09GHUlapkWtRwEEFzzwMKhMsEal1H7G
3FOqkmf9UPXavuijZWdXeITIlQMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSllOwD
kl5xuMWMFJJmtwxSoPbLTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzFhMzk1OWYtZmU4OC00NzBlLWE1NzktNzAxMzE3ZmQzOTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQDJjZEqkug+jlcoiIxJ1JCVvbKIRUMa0TdRTtciIAdV
7zBkJ31Nhk7Afrhyzvy+HszHF2Zdh+Q2CzinbghnE5BTAR0qhUoB0y9E4v5OGXOy
W5tu/h+TLi/61O48ybbhg1KGbm+3M4SEs35BxFf21priIp9jHsr9H4GSgqViIhMG
eXEFeLLk2GXvXPujruwXejapfvm08sO3K9XgkI+DfAuQHxa3+DBUXGyqreAZABAr
BwMPPS+yLjZEHjCdZCv+4wpCCVyOlO4qMKT5NeNBBCNk+gtu48uL1tXwNWCDdWKo
Bh5AeGaoy7H/exQVx+tipoDdvUOXJEVXyKJFCwta0grW
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org