Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: j7ctTwgBGv3eVqD8qEPKJMw5IpppCvBh6Aktbx0+B7Q=
Subject key identifier: A9:4F:A0:B6:5A:21:C0:CC:45:D3:0F:85:71:3C:D0:CB:08:2B:91:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4DA83BCDDA25E9D18676056C447D17AD21055FB5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:a8:3b:cd:da:25:e9:d1:86:76:05:6c:44:7d:17:ad:21:05:5f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=83745b8c0dc4df7c04aba88cf094ba66b5162de54f3f72f3745709c7ad2773d1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:ed:97:f7:84:9a:50:b7:05:30:95:f7:be:
e2:49:78:32:aa:74:2b:fd:01:20:9e:a7:81:fc:21:
9c:1f:dc:73:47:b1:e1:c7:34:51:aa:df:c4:02:20:
07:6a:fb:ff:3b:01:f2:82:c1:e1:fa:ee:d0:ec:3c:
3a:8f:68:c5:fa:d7:76:69:c5:b6:71:eb:ef:95:8f:
c3:84:fa:28:b7:91:73:ae:d3:c9:1c:c6:59:0a:ec:
68:43:18:14:43:8f:cc:76:89:1a:b2:79:99:4b:21:
3a:2c:fb:76:66:8b:af:95:d7:b1:65:cd:9a:89:f4:
c2:6f:21:ff:e6:d4:00:4b:f1:a2:52:0c:64:89:50:
48:a6:51:dd:6e:10:8f:bf:ed:4a:47:10:3e:66:48:
a5:f3:f4:28:f0:a1:93:42:b1:f5:f6:d4:5e:6f:33:
64:29:c9:c2:1a:21:ac:67:7e:6c:2f:f8:a1:66:b5:
f1:a0:14:31:e0:eb:9a:6b:7a:a7:99:bb:8f:d0:61:
00:6e:39:35:34:a8:81:14:42:07:49:ad:98:10:87:
73:d0:1b:0d:8f:3f:1b:60:0a:a7:9a:0b:e8:1c:ae:
bd:3a:05:e9:4d:6b:90:93:92:08:14:24:77:3e:17:
4d:3d:26:23:bc:08:d3:89:d0:e0:c8:c7:0b:ca:d5:
5c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4F:A0:B6:5A:21:C0:CC:45:D3:0F:85:71:3C:D0:CB:08:2B:91:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d0:07:17:93:0a:d5:0e:b5:75:36:74:f2:ae:2c:79:ec:70:90:
f1:e8:6c:ad:9b:40:92:12:b4:0a:77:74:21:e9:ef:86:0b:30:
c4:05:73:be:ce:06:b0:bc:56:e5:e2:24:0c:1a:c0:dc:b3:07:
d9:6e:a9:f4:79:8b:e9:d1:92:d6:aa:23:73:06:79:33:0f:84:
6c:b6:84:e0:b4:77:36:4f:cc:04:fa:ce:fc:36:02:18:04:fc:
73:f3:5f:04:66:4e:a1:1b:1a:7f:bd:6b:3b:5b:87:dc:2c:47:
3c:38:b2:c4:60:a3:9d:bc:f2:b5:75:bc:cf:14:fb:ca:d0:7e:
91:76:e9:37:99:e5:ba:27:68:c9:c0:ef:94:cf:dd:71:d9:65:
7e:2c:f0:74:a9:89:18:85:a1:64:c0:ed:31:c2:bb:59:a7:9d:
20:6d:cc:dc:34:06:cd:30:ee:2d:e7:ba:ec:99:b1:ba:73:6d:
45:24:cd:3f:8f:f8:b3:a6:b9:33:9e:15:5c:ae:59:7e:24:2e:
a7:6d:b3:4e:09:d5:30:af:e5:37:3f:e6:80:fd:ab:47:58:5a:
0e:a8:92:64:3c:55:82:7d:85:de:0c:00:1b:83:b9:1f:24:d7:
9a:14:f0:3c:c6:a6:86:f4:61:84:9d:32:17:b2:90:93:45:de:
03:90:e5:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTag7zdol6dGGdgVsRH0XrSEFX7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzNzQ1YjhjMGRjNGRmN2MwNGFiYTg4Y2YwOTRiYTY2YjUxNjJkZTU0ZjNm
NzJmMzc0NTcwOWM3YWQyNzczZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnt7Zf3hJpQtwUwlfe+4kl4Mqp0K/0BIJ6ngfwhnB/cc0ex4cc0UarfxAIg
B2r7/zsB8oLB4fru0Ow8Oo9oxfrXdmnFtnHr75WPw4T6KLeRc67TyRzGWQrsaEMY
FEOPzHaJGrJ5mUshOiz7dmaLr5XXsWXNmon0wm8h/+bUAEvxolIMZIlQSKZR3W4Q
j7/tSkcQPmZIpfP0KPChk0Kx9fbUXm8zZCnJwhohrGd+bC/4oWa18aAUMeDrmmt6
p5m7j9BhAG45NTSogRRCB0mtmBCHc9AbDY8/G2AKp5oL6ByuvToF6U1rkJOSCBQk
dz4XTT0mI7wI04nQ4MjHC8rVXOkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpT6C2
WiHAzEXTD4VxPNDLCCuRLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQDQBxeTCtUOtXU2dPKuLHnscJDx6Gytm0CSErQKd3Qh
6e+GCzDEBXO+zgawvFbl4iQMGsDcswfZbqn0eYvp0ZLWqiNzBnkzD4RstoTgtHc2
T8wE+s78NgIYBPxz818EZk6hGxp/vWs7W4fcLEc8OLLEYKOdvPK1dbzPFPvK0H6R
duk3meW6J2jJwO+Uz91x2WV+LPB0qYkYhaFkwO0xwrtZp50gbczcNAbNMO4t57rs
mbG6c21FJM0/j/izprkznhVcrll+JC6nbbNOCdUwr+U3P+aA/atHWFoOqJJkPFWC
fYXeDAAbg7kfJNeaFPA8xqaG9GGEnTIXspCTRd4DkOWJ
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org