Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7460c452-c09b-4ef6-8122-f8bcc7d719ef.roa
File: 7460c452-c09b-4ef6-8122-f8bcc7d719ef.roa (raw, json)
Hash identifier: qlPMwsb8ud4yexc+2kP6Zq/ltUnAFPTl+zofxDztBvQ=
Subject key identifier: 00:8F:0B:13:05:6A:B4:48:94:17:8E:76:82:33:59:1D:9D:E4:89:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15E9E1BE80483E3B46D25E6124016E9A8DED169B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7460c452-c09b-4ef6-8122-f8bcc7d719ef.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:e9:e1:be:80:48:3e:3b:46:d2:5e:61:24:01:6e:9a:8d:ed:16:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=fd2169998a001942e3fba4c469348d13f062de0db6deabb269b838c81b7b00de, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fe:f9:cf:dd:7c:c4:9d:25:0a:16:60:06:31:
13:51:0b:34:dd:e7:b7:24:a1:b2:f4:77:97:76:fd:
05:7e:bb:f8:aa:5a:56:0a:41:01:eb:26:be:f3:9b:
db:1b:4a:71:22:04:8a:b8:31:42:58:89:6b:7d:be:
71:2f:14:27:0e:43:15:9b:d6:b0:36:f7:b1:49:cf:
67:11:88:9c:63:1b:26:ae:73:65:67:9d:c0:fa:04:
3a:40:66:fe:5a:2f:fd:79:03:58:40:46:c5:d9:e1:
43:9b:4a:2f:97:b8:89:f4:36:8a:6c:0c:28:28:a0:
8a:af:43:a3:d6:a3:1b:f3:59:b6:b1:37:71:41:be:
b8:73:d6:1f:cd:6f:16:7c:2e:86:78:4c:74:c2:9f:
2d:cd:3e:54:bd:4f:ef:55:73:7c:56:8f:3f:d0:9e:
f8:68:89:e6:c1:c3:f6:57:e4:6a:5b:19:b2:07:d1:
22:e0:1c:03:df:63:80:34:ab:af:68:cb:7d:db:fa:
05:0d:80:5f:d8:c3:ee:b7:04:ac:f5:f1:49:08:0c:
90:b4:cb:5d:4b:0d:64:31:47:0d:8d:f0:f3:ba:dc:
01:fa:d9:a2:2e:42:2f:5b:ca:c6:af:41:8c:34:95:
75:cf:cd:97:18:30:42:bf:94:1c:f5:44:06:62:13:
e1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8F:0B:13:05:6A:B4:48:94:17:8E:76:82:33:59:1D:9D:E4:89:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7460c452-c09b-4ef6-8122-f8bcc7d719ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/36
Signature Algorithm: sha256WithRSAEncryption
5c:ab:f6:f9:b0:2e:f3:1d:a6:c9:f3:98:83:f8:74:8b:26:14:
17:5e:5d:3d:80:01:f3:c9:b4:54:85:85:e2:68:c5:4b:b8:76:
e5:f7:31:c1:ea:22:1b:bc:73:ff:12:01:6d:cc:92:b2:12:e7:
2f:c1:4e:77:e9:44:f2:00:ca:1c:5b:0a:86:22:78:e1:93:57:
22:89:19:fc:96:f8:f8:1f:18:32:ed:4d:a8:7f:9f:35:fe:47:
7e:ba:b5:6e:91:05:32:17:9c:e4:93:eb:fb:48:c3:24:94:16:
de:20:10:50:dd:9b:30:eb:f6:43:9a:69:6f:5a:4d:ab:86:28:
58:a4:2e:7e:b8:a9:ab:a7:6f:e8:8d:80:15:db:55:b5:e2:0d:
0d:f2:eb:25:03:9c:f0:31:c0:b8:42:e3:22:36:d4:6c:f8:18:
fc:51:42:b1:81:b1:4a:49:78:ab:5e:a1:97:53:e6:24:ab:08:
92:ab:e9:96:20:d2:c9:70:18:df:e7:0d:47:a2:4e:9d:c1:1a:
86:ad:55:04:ca:2c:a5:a8:f9:e0:8b:2e:0a:47:4d:87:b6:80:
9b:66:14:91:16:ef:d4:7b:0b:6a:7e:c6:e6:3f:20:d9:2d:e7:
78:b7:c5:51:46:ee:22:c1:54:2f:1a:68:bf:62:80:98:c1:df:
02:7b:dd:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFenhvoBIPjtG0l5hJAFumo3tFpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMjE2OTk5OGEwMDE5NDJlM2ZiYTRjNDY5MzQ4ZDEzZjA2MmRlMGRiNmRl
YWJiMjY5YjgzOGM4MWI3YjAwZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMv++c/dfMSdJQoWYAYxE1ELNN3ntyShsvR3l3b9BX67+KpaVgpBAesmvvOb
2xtKcSIEirgxQliJa32+cS8UJw5DFZvWsDb3sUnPZxGInGMbJq5zZWedwPoEOkBm
/lov/XkDWEBGxdnhQ5tKL5e4ifQ2imwMKCigiq9Do9ajG/NZtrE3cUG+uHPWH81v
FnwuhnhMdMKfLc0+VL1P71VzfFaPP9Ce+GiJ5sHD9lfkalsZsgfRIuAcA99jgDSr
r2jLfdv6BQ2AX9jD7rcErPXxSQgMkLTLXUsNZDFHDY3w87rcAfrZoi5CL1vKxq9B
jDSVdc/NlxgwQr+UHPVEBmIT4ZkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQAjwsT
BWq0SJQXjnaCM1kdneSJhzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzQ2MGM0NTItYzA5Yi00ZWY2LTgxMjItZjhiY2M3ZDcxOWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoBBXgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcq/b5sC7zHabJ85iD+HSLJhQXXl09gAHzybRU
hYXiaMVLuHbl9zHB6iIbvHP/EgFtzJKyEucvwU536UTyAMocWwqGInjhk1ciiRn8
lvj4Hxgy7U2of581/kd+urVukQUyF5zkk+v7SMMklBbeIBBQ3Zsw6/ZDmmlvWk2r
hihYpC5+uKmrp2/ojYAV21W14g0N8uslA5zwMcC4QuMiNtRs+Bj8UUKxgbFKSXir
XqGXU+YkqwiSq+mWINLJcBjf5w1Hok6dwRqGrVUEyiylqPngiy4KR02HtoCbZhSR
Fu/UewtqfsbmPyDZLed4t8VRRu4iwVQvGmi/YoCYwd8Ce929
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org