Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: CtycSJnGjPdklseu+JAoMtVgCnK7I8xXLuFJj3HUJsY=
Subject key identifier: 69:D1:E2:31:CE:B0:8C:F2:B3:6E:AE:62:BE:82:83:46:C8:D1:62:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 315A898C9533D53F4FDB01306582A22BEC03AB66
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:5a:89:8c:95:33:d5:3f:4f:db:01:30:65:82:a2:2b:ec:03:ab:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=24a8187af0801f1a5c4e41e4bd66d6eb039c1d756d78bebb057884bf37728831, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:71:49:0e:57:2b:54:06:fb:4f:57:ef:68:0f:
81:3d:49:64:5a:b6:a9:53:c8:12:64:6f:b5:23:bb:
06:0a:bb:c4:8a:87:85:34:d4:9f:e7:af:99:82:32:
f7:cf:25:52:7f:6e:e7:27:89:d5:6d:d8:65:39:13:
06:4b:1e:65:69:8f:90:22:a7:fe:2e:04:09:30:db:
b7:12:f6:45:16:3e:4c:16:9f:a3:37:6d:16:33:f2:
af:8b:03:48:1a:b9:cf:5d:d4:59:a0:26:f3:1a:10:
4b:42:d6:1d:df:bb:b1:18:e0:58:4c:a3:21:42:a6:
c1:8d:72:3f:2a:bf:89:92:5e:e5:ac:ff:ae:8a:5f:
3b:8e:3b:f0:26:1a:f6:64:91:30:bd:80:e5:d0:09:
a2:56:75:dd:0f:83:fa:9c:9d:04:a7:4f:0a:b2:40:
f6:f1:42:b0:69:cf:5d:92:a0:42:56:51:77:bd:1b:
11:3e:3b:8b:4e:20:f3:18:35:d3:f4:9b:12:67:74:
76:93:0e:eb:f7:9d:c6:87:64:95:6e:bc:d8:ae:30:
90:fc:07:e0:2b:a0:a0:13:96:4c:28:87:46:eb:3b:
12:de:da:92:ad:3d:e6:84:ee:53:92:4b:69:94:99:
03:42:01:89:87:8f:90:d2:9e:36:7f:9a:06:91:3f:
bc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D1:E2:31:CE:B0:8C:F2:B3:6E:AE:62:BE:82:83:46:C8:D1:62:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:6d:7f:6e:ec:73:4b:eb:16:0c:d3:69:d3:7e:f9:9f:70:a5:
7b:c8:1a:52:47:71:0e:01:1a:7b:87:17:93:5e:a5:aa:e8:97:
24:c7:f0:ad:3a:22:1f:32:ba:84:3d:60:3c:17:41:fd:f9:3a:
da:c4:cb:df:00:82:bb:a1:5d:89:85:fb:a8:85:18:2c:a2:a5:
d4:c1:02:8e:36:5c:16:ad:13:41:97:91:e6:b1:be:67:bf:c3:
b0:26:32:9e:f4:3d:ce:d9:d7:ef:ba:7b:db:23:78:c7:33:90:
04:c5:26:63:0a:c1:1b:b1:ae:76:5b:6e:71:f3:c6:15:bd:ed:
51:d5:b8:08:4e:bb:98:a7:91:da:6b:0b:c0:85:ef:f9:5c:1a:
a8:82:5c:5b:20:ba:89:a2:6f:c9:4f:23:49:fe:d8:a5:40:9a:
e8:d2:a2:6e:f0:b7:bb:ef:27:79:1b:34:ca:ba:8c:99:c2:19:
dd:6c:e4:ba:f0:6f:77:73:7c:b3:0b:37:8c:f5:36:e8:7a:a3:
b5:97:04:68:76:12:4e:e4:72:87:52:ea:d7:5b:d2:70:21:85:
19:ea:d4:ce:0c:0c:9d:1d:82:18:b9:07:39:d5:4f:ac:cd:bb:
d8:b1:66:53:5b:28:27:6b:e9:2c:b2:65:45:73:79:de:b1:cc:
0e:3e:e1:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMVqJjJUz1T9P2wEwZYKiK+wDq2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YTgxODdhZjA4MDFmMWE1YzRlNDFlNGJkNjZkNmViMDM5YzFkNzU2ZDc4
YmViYjA1Nzg4NGJmMzc3Mjg4MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxxSQ5XK1QG+09X72gPgT1JZFq2qVPIEmRvtSO7Bgq7xIqHhTTUn+evmYIy
988lUn9u5yeJ1W3YZTkTBkseZWmPkCKn/i4ECTDbtxL2RRY+TBafozdtFjPyr4sD
SBq5z13UWaAm8xoQS0LWHd+7sRjgWEyjIUKmwY1yPyq/iZJe5az/ropfO4478CYa
9mSRML2A5dAJolZ13Q+D+pydBKdPCrJA9vFCsGnPXZKgQlZRd70bET47i04g8xg1
0/SbEmd0dpMO6/edxodklW682K4wkPwH4CugoBOWTCiHRus7Et7akq095oTuU5JL
aZSZA0IBiYePkNKeNn+aBpE/vOUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRp0eIx
zrCM8rNurmK+goNGyNFikDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQDMbX9u7HNL6xYM02nTfvmfcKV7yBpSR3EOARp7hxeT
XqWq6Jckx/CtOiIfMrqEPWA8F0H9+TraxMvfAIK7oV2JhfuohRgsoqXUwQKONlwW
rRNBl5Hmsb5nv8OwJjKe9D3O2dfvunvbI3jHM5AExSZjCsEbsa52W25x88YVve1R
1bgITruYp5HaawvAhe/5XBqoglxbILqJom/JTyNJ/tilQJro0qJu8Le77yd5GzTK
uoyZwhndbOS68G93c3yzCzeM9TboeqO1lwRodhJO5HKHUurXW9JwIYUZ6tTODAyd
HYIYuQc51U+szbvYsWZTWygna+kssmVFc3nescwOPuFm
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org