Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
File: 262e824a-a2cb-4415-9ee1-bbfcf897df99.roa (raw, json)
Hash identifier: 4eloFmc0WPj1ie2y5ZtajlJ5jyuTQthkW8JJjkiNz2c=
Subject key identifier: E4:7E:58:8E:BE:3F:EE:43:31:8C:77:9C:AE:AC:94:B4:94:12:2B:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D0E95A4D99576B3BABBC057854F80D63CE03F3E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:0e:95:a4:d9:95:76:b3:ba:bb:c0:57:85:4f:80:d6:3c:e0:3f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=129d451bd3a4cc6f19a66f8ac1979402a63929704d547e270f68db239ebb8d58, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e0:1c:c7:bf:8f:41:8a:24:61:0d:76:95:ac:
79:b2:d9:8e:17:ad:f0:ee:2e:c5:8f:f3:f8:0f:26:
b1:4b:50:51:ba:2b:63:46:8a:01:92:3d:71:f4:e1:
fd:0a:4c:97:48:18:68:14:b5:bf:c6:20:e0:c5:39:
ce:b7:ff:b6:05:20:cf:f7:24:23:56:75:1c:2b:da:
ed:d3:1e:b5:f3:33:89:74:3e:4a:01:21:28:3f:74:
f0:dc:59:fb:dc:c8:74:1a:3d:af:08:c3:e7:f5:51:
84:0a:1a:bf:1b:2c:eb:3c:bb:06:97:7a:d9:0b:6b:
56:e6:7d:31:50:5b:41:3f:9e:cb:de:89:54:f9:3d:
85:51:73:87:9c:dc:72:29:92:62:a2:55:1d:fb:71:
d8:24:42:2e:91:31:fb:8f:5f:5f:92:e6:6b:96:37:
d2:63:61:97:81:c0:e0:91:a1:27:54:50:6f:03:da:
b0:ac:2b:be:d6:06:9f:45:3b:ad:64:98:5f:ef:46:
22:2c:64:13:f8:f3:31:ea:2a:13:58:3c:9b:fe:87:
0a:d9:55:76:8d:55:47:ec:98:f5:c1:2b:49:54:0f:
39:52:70:26:6f:7e:f5:01:42:f5:0d:51:c7:73:41:
57:05:2d:e5:95:50:a1:0d:69:b2:c4:57:99:a0:7b:
8d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7E:58:8E:BE:3F:EE:43:31:8C:77:9C:AE:AC:94:B4:94:12:2B:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/262e824a-a2cb-4415-9ee1-bbfcf897df99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:ea:28:db:89:26:25:e3:fd:27:09:2b:73:41:21:1f:d8:6c:
0b:bf:e7:9f:8d:c5:44:65:42:4e:d2:f9:fc:77:92:f0:a5:f7:
1b:9d:75:3c:a8:6a:a3:01:2e:53:d6:d2:27:56:2e:a6:bc:f2:
ef:ca:4b:74:36:8d:71:e5:55:83:b0:7a:45:34:37:d7:25:f2:
bc:9c:fc:97:13:5f:ac:2d:71:f4:89:3a:72:fe:d9:58:80:39:
8c:27:2f:63:5f:fd:e0:bb:8f:8c:bb:6c:e2:eb:28:76:e6:45:
f2:8f:23:40:9b:c4:d9:bd:03:a1:25:00:94:36:17:74:fa:22:
d9:a6:be:0f:04:12:20:34:41:2c:b6:d1:90:b9:bd:b9:38:bf:
a4:8c:1b:8d:60:cc:c1:14:51:7a:33:07:8a:ee:a1:d0:07:b7:
b8:fa:98:c1:1e:5f:ee:bc:10:da:a3:42:99:35:9d:0e:da:ff:
8e:13:a8:4b:d4:4c:69:31:86:a4:ee:17:73:d5:14:34:32:87:
f4:a6:80:73:58:95:00:f9:2d:ed:76:50:b2:4a:50:88:f9:e6:
6e:2f:ea:73:e8:84:04:fb:00:fe:bd:ae:51:3a:19:25:08:d1:
96:05:d0:8e:70:06:a1:35:3e:de:67:d5:9b:85:36:b3:e3:f1:
40:82:fe:1d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULQ6VpNmVdrO6u8BXhU+A1jzgPz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyOWQ0NTFiZDNhNGNjNmYxOWE2NmY4YWMxOTc5NDAyYTYzOTI5NzA0ZDU0
N2UyNzBmNjhkYjIzOWViYjhkNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPgHMe/j0GKJGENdpWsebLZjhet8O4uxY/z+A8msUtQUborY0aKAZI9cfTh
/QpMl0gYaBS1v8Yg4MU5zrf/tgUgz/ckI1Z1HCva7dMetfMziXQ+SgEhKD908NxZ
+9zIdBo9rwjD5/VRhAoavxss6zy7Bpd62QtrVuZ9MVBbQT+ey96JVPk9hVFzh5zc
cimSYqJVHftx2CRCLpEx+49fX5Lma5Y30mNhl4HA4JGhJ1RQbwPasKwrvtYGn0U7
rWSYX+9GIixkE/jzMeoqE1g8m/6HCtlVdo1VR+yY9cErSVQPOVJwJm9+9QFC9Q1R
x3NBVwUt5ZVQoQ1pssRXmaB7jUUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTkfliO
vj/uQzGMd5yurJS0lBIruTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjYyZTgyNGEtYTJjYi00NDE1LTllZTEtYmJmY2Y4OTdkZjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQC36ijbiSYl4/0nCStzQSEf2GwLv+efjcVEZUJO0vn8
d5LwpfcbnXU8qGqjAS5T1tInVi6mvPLvykt0No1x5VWDsHpFNDfXJfK8nPyXE1+s
LXH0iTpy/tlYgDmMJy9jX/3gu4+Mu2zi6yh25kXyjyNAm8TZvQOhJQCUNhd0+iLZ
pr4PBBIgNEEsttGQub25OL+kjBuNYMzBFFF6MweK7qHQB7e4+pjBHl/uvBDao0KZ
NZ0O2v+OE6hL1ExpMYak7hdz1RQ0Mof0poBzWJUA+S3tdlCySlCI+eZuL+pz6IQE
+wD+va5ROhklCNGWBdCOcAahNT7eZ9WbhTaz4/FAgv4d
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org