Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa
File: d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa (raw, json)
Hash identifier: GQ5TQ/Gl51d8ieYoIyJyvMR/0TMh7kAIYGW9fLs+2ek=
Subject key identifier: 2E:B6:3C:88:E7:67:F0:E5:4D:AD:56:40:E1:E0:E8:AC:2A:47:DE:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 777E083CD1F93EB34737A38D1712A8C08AD8C1A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:7e:08:3c:d1:f9:3e:b3:47:37:a3:8d:17:12:a8:c0:8a:d8:c1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=eaafde003ff733f4d02c77c7b654215d50fbcbc8ede38aa11044c3efd768ab47, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:24:fd:62:bd:ee:81:34:b7:0c:4d:f7:2a:ab:
9d:5a:1f:96:1c:3f:20:95:f7:f5:04:99:25:7c:05:
2d:e5:d8:b5:6d:96:3c:d3:ac:c7:fd:c9:9e:f8:64:
02:34:3a:35:f0:63:11:c9:05:0d:ba:01:e6:44:ca:
7e:ec:f2:f7:2f:c9:fc:41:fa:7c:70:2a:e8:8f:ba:
a8:98:3b:c5:52:3a:fb:b7:f9:5f:01:69:5b:b3:60:
15:fa:d9:10:6e:9e:32:38:88:84:96:69:c1:1c:86:
9d:2c:ed:d1:3c:14:fe:0f:79:c6:f6:f7:5f:db:bc:
ec:83:54:ef:a8:cc:2a:8d:1f:a3:7a:83:53:f3:1f:
e3:5e:75:1c:11:aa:8f:cc:89:fb:54:5d:95:28:40:
ad:6b:d4:c9:00:b7:b3:fd:b9:7e:f3:a1:dd:e8:fa:
99:df:f5:ca:eb:3e:18:46:bc:6a:e6:9b:06:dd:b9:
a6:7b:89:8d:12:0a:07:28:7f:3f:05:34:5d:12:ae:
33:28:96:cb:a7:7c:93:80:5c:2f:cd:f2:33:a7:4f:
38:b1:53:a2:b0:70:d9:50:26:68:d5:e2:17:a9:c7:
61:d9:34:0a:20:9a:11:84:83:07:94:a3:cc:68:fc:
14:1c:f3:cf:6d:eb:de:2b:fb:d7:a7:89:d8:d6:55:
67:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B6:3C:88:E7:67:F0:E5:4D:AD:56:40:E1:E0:E8:AC:2A:47:DE:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d2cafa09-dd67-4a5d-a97a-e84d85c7bc68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
0e:65:03:97:29:18:8c:c5:37:21:6d:f6:5e:d2:9c:02:78:15:
4d:19:2b:3a:56:dc:44:5f:e7:5a:be:40:b5:4e:00:c5:3f:a1:
a4:9f:9a:0f:db:8c:ba:e2:84:fb:dd:ba:92:12:b2:bb:61:be:
0d:39:1f:7c:2f:c8:a1:f0:42:c2:10:dd:63:56:74:05:28:6c:
9a:53:6c:34:5a:bc:b6:cb:d1:52:98:26:1f:83:43:0e:9f:48:
2c:ee:af:53:61:1c:e1:bf:e5:af:2f:43:a7:ec:81:93:55:d8:
1e:b7:43:c0:3e:63:3a:99:d4:ca:29:15:d0:58:cd:b2:f4:7b:
f4:78:49:73:47:58:d6:72:19:83:72:bc:4f:a3:df:80:10:3b:
71:ae:d2:c7:f9:2d:f6:10:04:c3:0b:9f:13:f2:67:9f:72:f6:
69:75:8e:b0:bf:b0:5e:51:92:52:5d:12:7b:f1:6f:09:43:46:
0e:66:65:d5:f9:6f:86:41:bd:74:56:0a:b7:3b:91:31:91:63:
29:7f:58:25:4c:47:5f:4a:e3:ae:34:60:52:73:c1:a6:25:5c:
9e:c5:b6:66:e1:1e:e4:e7:6e:0d:8f:35:fb:b5:d2:c6:2a:48:
01:bd:39:1b:17:14:7f:d2:76:45:ee:2f:0a:2b:a7:f0:2a:78:
de:ae:b5:63
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd34IPNH5PrNHN6ONFxKowIrYwagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhYWZkZTAwM2ZmNzMzZjRkMDJjNzdjN2I2NTQyMTVkNTBmYmNiYzhlZGUz
OGFhMTEwNDRjM2VmZDc2OGFiNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8k/WK97oE0twxN9yqrnVoflhw/IJX39QSZJXwFLeXYtW2WPNOsx/3Jnvhk
AjQ6NfBjEckFDboB5kTKfuzy9y/J/EH6fHAq6I+6qJg7xVI6+7f5XwFpW7NgFfrZ
EG6eMjiIhJZpwRyGnSzt0TwU/g95xvb3X9u87INU76jMKo0fo3qDU/Mf4151HBGq
j8yJ+1RdlShArWvUyQC3s/25fvOh3ej6md/1yus+GEa8auabBt25pnuJjRIKByh/
PwU0XRKuMyiWy6d8k4BcL83yM6dPOLFTorBw2VAmaNXiF6nHYdk0CiCaEYSDB5Sj
zGj8FBzzz23r3iv716eJ2NZVZ3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQutjyI
52fw5U2tVkDh4OisKkfe8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDJjYWZhMDktZGQ2Ny00YTVkLWE5N2EtZTg0ZDg1YzdiYzY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQAOZQOXKRiMxTchbfZe0pwCeBVNGSs6VtxEX+da
vkC1TgDFP6Gkn5oP24y64oT73bqSErK7Yb4NOR98L8ih8ELCEN1jVnQFKGyaU2w0
Wry2y9FSmCYfg0MOn0gs7q9TYRzhv+WvL0On7IGTVdget0PAPmM6mdTKKRXQWM2y
9Hv0eElzR1jWchmDcrxPo9+AEDtxrtLH+S32EATDC58T8mefcvZpdY6wv7BeUZJS
XRJ78W8JQ0YOZmXV+W+GQb10Vgq3O5ExkWMpf1glTEdfSuOuNGBSc8GmJVyexbZm
4R7k524NjzX7tdLGKkgBvTkbFxR/0nZF7i8KK6fwKnjerrVj
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org