Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
File: 19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa (raw, json)
Hash identifier: Bh/r8ltqhAA5MIbkXH9jn4oQsvlF1QzODlwzitsilWI=
Subject key identifier: 2E:10:A5:6E:E5:66:98:CC:C7:36:5B:AF:7B:E0:AE:67:3F:FD:B9:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45D53FB92A1E1C72BB0C17EC7FA91168FDE6A7CB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1200::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:d5:3f:b9:2a:1e:1c:72:bb:0c:17:ec:7f:a9:11:68:fd:e6:a7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=34fb6d762a6183937f02a83f2dd0b0771cfc037822eecc7ddd3082d05c82a9e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b8:8d:69:0d:7e:ac:67:bf:27:5b:8c:84:c3:
51:fd:f1:69:2b:bf:35:9f:c8:e0:c4:b0:97:bf:ad:
6b:42:2a:17:18:7b:5e:d2:9d:57:01:45:1e:c5:b2:
89:d8:ab:0a:c4:f9:55:bf:78:8b:89:7a:f4:34:5b:
7f:05:14:33:be:9c:58:c1:db:9e:2a:2c:26:3f:f1:
fc:bc:09:44:69:80:6a:f4:34:d0:3b:d9:cf:6d:68:
2b:b7:4a:96:7a:d5:2b:13:57:ab:83:f3:45:0b:7e:
ab:e5:65:f6:a2:46:63:85:3e:fe:6c:38:d0:ed:14:
d6:d5:2d:6a:e6:72:ec:2d:ad:a8:65:c8:89:84:15:
09:8d:ce:37:d5:c5:e5:6b:43:3e:ea:31:7c:44:82:
8a:4f:37:3d:46:08:6d:61:2c:8f:13:b5:92:cd:16:
e0:44:aa:da:db:5a:64:ac:af:7d:ed:fb:20:10:aa:
f6:7a:7d:f4:17:33:c5:d6:2d:94:9e:25:f4:ec:dd:
5d:7f:49:45:31:d7:e1:7e:96:7e:e1:a3:de:a0:5c:
7d:e5:1f:1d:55:37:5a:20:c0:b9:24:8d:2d:69:a0:
bf:37:8d:e6:6c:07:6a:c4:b8:38:af:60:01:25:af:
44:9f:9c:68:3a:12:94:3f:59:5e:d5:89:b8:20:6c:
8b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:10:A5:6E:E5:66:98:CC:C7:36:5B:AF:7B:E0:AE:67:3F:FD:B9:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19c9eed5-cdd2-4e3a-8785-800ec4f9e023.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1200::/39
Signature Algorithm: sha256WithRSAEncryption
b0:8b:9d:96:ff:67:a2:d4:ea:de:a0:07:12:70:03:7d:3a:16:
ec:c8:ff:57:57:30:ab:50:62:2e:65:9a:e7:97:8d:a0:11:0c:
b0:19:45:c0:4a:2d:b5:c1:bd:ca:f5:df:2e:25:10:9e:b3:52:
2c:fc:84:09:dc:77:28:3d:31:5b:f1:33:0d:11:f5:d9:a4:2e:
ab:84:e1:53:c9:68:46:94:3d:cf:a0:98:3a:e1:e3:06:d5:de:
d2:c2:58:06:f3:aa:07:5c:44:70:99:f5:83:3b:c6:ab:2e:b3:
50:a4:00:72:a3:b4:7d:af:16:bc:a3:b2:8d:75:e2:5a:aa:8f:
47:a5:ab:e8:07:db:8a:b7:1e:84:bb:0f:d4:f1:8b:49:26:2e:
40:e8:8a:96:b4:d4:08:35:6d:9b:08:51:6c:e4:93:fd:a7:bf:
ed:ef:d9:27:e1:b7:59:25:84:ed:9c:93:c8:f6:05:7a:4c:68:
b7:18:5e:59:c5:bd:01:f3:8e:db:ff:37:de:5b:17:e6:d0:6d:
d5:ca:81:41:e3:88:1a:79:90:ff:da:74:e3:f0:2a:ec:8b:2e:
c9:cc:8c:1b:2e:23:bf:3d:fa:ad:c9:47:58:e3:6c:37:cb:fc:
dc:4d:3c:09:09:6b:2a:77:18:64:d6:15:f5:f7:f8:a2:54:aa:
27:0b:22:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURdU/uSoeHHK7DBfsf6kRaP3mp8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0ZmI2ZDc2MmE2MTgzOTM3ZjAyYTgzZjJkZDBiMDc3MWNmYzAzNzgyMmVl
Y2M3ZGRkMzA4MmQwNWM4MmE5ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALm4jWkNfqxnvydbjITDUf3xaSu/NZ/I4MSwl7+ta0IqFxh7XtKdVwFFHsWy
idirCsT5Vb94i4l69DRbfwUUM76cWMHbniosJj/x/LwJRGmAavQ00DvZz21oK7dK
lnrVKxNXq4PzRQt+q+Vl9qJGY4U+/mw40O0U1tUtauZy7C2tqGXIiYQVCY3ON9XF
5WtDPuoxfESCik83PUYIbWEsjxO1ks0W4ESq2ttaZKyvfe37IBCq9np99BczxdYt
lJ4l9OzdXX9JRTHX4X6WfuGj3qBcfeUfHVU3WiDAuSSNLWmgvzeN5mwHasS4OK9g
ASWvRJ+caDoSlD9ZXtWJuCBsiy0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQuEKVu
5WaYzMc2W6974K5nP/25VTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTljOWVlZDUtY2RkMi00ZTNhLTg3ODUtODAwZWM0ZjllMDIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoBBXgS
MA0GCSqGSIb3DQEBCwUAA4IBAQCwi52W/2ei1OreoAcScAN9OhbsyP9XVzCrUGIu
ZZrnl42gEQywGUXASi21wb3K9d8uJRCes1Is/IQJ3HcoPTFb8TMNEfXZpC6rhOFT
yWhGlD3PoJg64eMG1d7SwlgG86oHXERwmfWDO8arLrNQpAByo7R9rxa8o7KNdeJa
qo9HpavoB9uKtx6Euw/U8YtJJi5A6IqWtNQINW2bCFFs5JP9p7/t79kn4bdZJYTt
nJPI9gV6TGi3GF5Zxb0B847b/zfeWxfm0G3VyoFB44gaeZD/2nTj8Crsiy7JzIwb
LiO/PfqtyUdY42w3y/zcTTwJCWsqdxhk1hX19/iiVKonCyLh
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:27 2024 by rpki-client on console-ams.rpki-client.org