Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json)
Hash identifier: 8HH/IeC9pFmaCq2dnFajbTp3K8ntf/2oxJ0hqLvL8AI=
Subject key identifier: 46:7B:A4:F1:EB:73:11:6E:A2:CA:8C:2D:C9:D2:81:74:34:AD:7A:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26B935C95C19C9B0C43383D979FBCE1933A8E1E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:b9:35:c9:5c:19:c9:b0:c4:33:83:d9:79:fb:ce:19:33:a8:e1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=fc72f7a0f96623bceb2ecf55125689c53dc7d9a7e129112fc72ba2e0dc7dc4ab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fa:4b:49:83:19:c0:1f:f3:61:fa:83:e3:c1:
69:e3:eb:09:c5:dd:08:f7:62:94:0d:e7:70:dd:01:
5e:f0:c6:e2:29:d6:ac:5a:ad:3f:16:ec:a5:5a:84:
a6:c2:03:2c:ec:78:2e:26:49:28:bb:46:94:7b:9f:
8f:80:76:f4:6c:a8:7f:2f:be:85:88:c1:fc:15:41:
8b:38:71:de:6a:ca:fa:e6:15:6d:df:61:41:73:4f:
84:83:28:a8:27:13:66:fb:4e:e6:87:e4:f7:2b:16:
29:c1:ed:0b:bc:39:08:57:da:f5:cf:42:cf:37:c1:
68:c5:14:f3:83:e2:5e:8f:c9:bd:71:a2:73:ce:6e:
52:ae:ae:1c:02:58:a0:5f:34:c9:98:77:b9:63:ef:
30:e4:fb:18:8d:5e:07:9b:f8:d4:3a:99:b0:be:d8:
e8:6f:3b:fe:4f:01:9e:0b:35:85:b2:8d:65:96:45:
48:51:ca:7a:cb:98:28:a3:81:a7:7b:9d:a4:86:b7:
00:a3:a8:f0:47:aa:89:aa:f8:01:3a:0b:24:3c:8c:
8d:1e:53:2b:ae:9f:0a:81:2d:04:93:4d:c8:f2:14:
62:a9:02:e0:03:ef:cd:a9:c4:15:83:1f:31:00:14:
68:6c:5a:70:b2:cc:f0:e3:1c:4a:f9:54:4e:43:9a:
15:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7B:A4:F1:EB:73:11:6E:A2:CA:8C:2D:C9:D2:81:74:34:AD:7A:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c6:81:92:fc:68:ec:5e:60:c8:26:03:32:bc:09:83:b4:d0:c9:
86:d6:00:f5:fb:8e:95:f6:27:9d:11:7c:44:08:1e:93:a2:39:
06:01:e3:10:ac:ec:79:53:bb:6f:46:ed:f5:d4:ac:58:d0:70:
4d:8c:c8:5e:d7:74:c7:ec:86:9b:a1:c6:82:a6:79:8d:0b:04:
75:f3:ce:71:c9:a0:b5:64:b7:e4:7d:3c:1f:b9:98:65:c6:11:
f1:e4:c9:e4:a5:33:8a:e1:c4:1d:0e:c0:a0:ce:0a:95:e2:ee:
11:68:b5:a5:9f:af:ee:92:bf:d0:18:b2:73:60:71:5b:7a:6d:
2b:23:f9:68:37:4e:46:99:2f:b7:8f:32:92:bc:99:48:a7:c9:
c2:9d:53:f6:77:88:c3:29:7c:12:eb:0e:1d:27:5f:7a:7c:d8:
47:5f:d9:30:d7:54:2f:14:23:f9:36:23:dd:cd:41:7f:c7:bd:
e4:bc:99:dc:9e:14:ca:89:ca:4c:47:0d:2a:94:42:8b:df:93:
10:30:a5:81:d4:a3:e6:5f:2c:04:45:7b:ec:92:bf:14:08:d9:
77:c8:78:63:4e:1a:db:e1:41:b9:53:c1:d6:fa:a5:96:43:78:
d9:3e:15:a8:49:ea:9e:0d:c1:8a:73:0c:24:c7:fd:9f:da:f4:
07:2e:c6:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJrk1yVwZybDEM4PZefvOGTOo4ekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNzJmN2EwZjk2NjIzYmNlYjJlY2Y1NTEyNTY4OWM1M2RjN2Q5YTdlMTI5
MTEyZmM3MmJhMmUwZGM3ZGM0YWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIn6S0mDGcAf82H6g+PBaePrCcXdCPdilA3ncN0BXvDG4inWrFqtPxbspVqE
psIDLOx4LiZJKLtGlHufj4B29Gyofy++hYjB/BVBizhx3mrK+uYVbd9hQXNPhIMo
qCcTZvtO5ofk9ysWKcHtC7w5CFfa9c9CzzfBaMUU84PiXo/JvXGic85uUq6uHAJY
oF80yZh3uWPvMOT7GI1eB5v41DqZsL7Y6G87/k8Bngs1hbKNZZZFSFHKesuYKKOB
p3udpIa3AKOo8Eeqiar4AToLJDyMjR5TK66fCoEtBJNNyPIUYqkC4APvzanEFYMf
MQAUaGxacLLM8OMcSvlUTkOaFYcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGe6Tx
63MRbqLKjC3J0oF0NK16aTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQDGgZL8aOxeYMgmAzK8CYO00MmG1gD1+46V9iedEXxE
CB6TojkGAeMQrOx5U7tvRu311KxY0HBNjMhe13TH7IabocaCpnmNCwR1885xyaC1
ZLfkfTwfuZhlxhHx5MnkpTOK4cQdDsCgzgqV4u4RaLWln6/ukr/QGLJzYHFbem0r
I/loN05GmS+3jzKSvJlIp8nCnVP2d4jDKXwS6w4dJ196fNhHX9kw11QvFCP5NiPd
zUF/x73kvJncnhTKicpMRw0qlEKL35MQMKWB1KPmXywERXvskr8UCNl3yHhjThrb
4UG5U8HW+qWWQ3jZPhWoSeqeDcGKcwwkx/2f2vQHLsYy
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org