Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: uKTCyARZcyJXol1oXQd0MRRETXw8pqKwBvlwvNRY3e8=
Subject key identifier: C2:9D:D5:A7:14:3D:4C:3F:30:17:BB:DE:8E:2E:6A:8B:51:75:2E:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 16B1177D5594505D7734B84A6ABE2829A5473229
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:b1:17:7d:55:94:50:5d:77:34:b8:4a:6a:be:28:29:a5:47:32:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=29b684acb946885012709da70636ae9a29a3f93724933ab84021dba56a180ebc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:39:71:60:e9:04:3e:08:5e:d9:3d:fb:62:76:
d4:5c:ce:0a:19:0d:ae:b6:44:ab:90:ab:b1:aa:3d:
06:4b:5d:d2:15:90:80:20:db:f5:7a:47:c8:38:c3:
ff:53:43:f2:5c:1a:6b:e0:e0:77:e9:b8:40:ff:6a:
17:ed:a4:0d:37:6f:21:d8:80:9a:fd:ec:37:84:8c:
88:a3:12:45:cb:1e:77:18:98:40:d1:36:16:2e:65:
7f:5e:69:8d:ce:09:03:ba:7c:dd:b2:4d:3e:9a:e7:
00:ad:1e:91:2b:7e:ef:c9:80:c2:d0:35:34:7a:01:
3e:3a:57:6b:86:c7:26:7e:86:fb:ed:83:17:8f:cc:
ba:53:41:14:bf:8e:56:e7:9c:b4:51:2a:c8:bb:0e:
09:dd:a0:c2:3f:01:b9:cb:80:69:3c:6c:bc:b0:cc:
5a:7f:5f:03:0e:f7:43:27:5a:a2:e5:d7:8a:f5:9e:
aa:e3:b8:9d:2c:71:9c:cf:15:33:bb:fc:b7:b8:7f:
89:bb:35:3d:d3:4f:4c:da:6b:5f:af:de:82:8e:d0:
d0:d2:4d:8a:75:2b:a1:d0:3a:a7:16:fe:80:43:2b:
66:97:81:b3:f7:7a:36:24:3a:e7:97:37:7f:d0:cc:
12:8c:de:2c:15:72:e5:c7:61:f6:7f:db:8c:5e:2d:
df:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9D:D5:A7:14:3D:4C:3F:30:17:BB:DE:8E:2E:6A:8B:51:75:2E:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
8a:69:82:26:a2:63:f5:a9:0e:cd:e2:90:8e:25:30:3f:7d:d1:
a7:e6:bb:49:17:97:7a:d7:10:09:c2:1a:e8:d9:e7:69:d0:e8:
77:36:51:00:3d:89:47:29:7e:4a:a6:f9:31:bf:94:1a:63:cb:
c4:d2:5d:73:51:9e:88:8d:6f:76:ad:13:79:32:01:72:73:3f:
2f:dc:16:41:9b:da:47:34:5e:e4:93:a4:4b:cc:7b:79:4f:c7:
8b:0c:8a:3d:96:b6:8b:b4:8f:b3:5b:46:2d:83:d8:ed:30:9b:
ce:07:66:9f:5a:4f:7c:21:0e:4b:b5:b5:51:5b:3b:17:a6:13:
fa:6c:9f:34:60:89:3e:fc:95:a1:6c:43:f3:4f:bb:7d:2d:eb:
2f:5b:4f:16:d6:a1:14:3f:55:65:40:bc:4d:44:0b:a8:60:21:
0f:4d:48:c8:84:fd:73:b4:1d:19:77:4d:e2:35:bb:80:26:82:
37:19:fd:87:e7:2b:38:5c:b9:0e:de:89:f8:49:c4:18:e6:bf:
9e:21:bf:2d:2f:86:c6:9b:7c:41:7a:cd:36:56:12:5a:97:05:
fa:f7:d4:00:28:82:53:30:6f:52:89:e1:e1:66:22:0d:f0:06:
4b:4a:56:55:46:46:4d:27:a9:58:24:06:53:f0:1e:11:bf:44:
6b:16:0e:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFrEXfVWUUF13NLhKar4oKaVHMikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5YjY4NGFjYjk0Njg4NTAxMjcwOWRhNzA2MzZhZTlhMjlhM2Y5MzcyNDkz
M2FiODQwMjFkYmE1NmExODBlYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK05cWDpBD4IXtk9+2J21FzOChkNrrZEq5Crsao9Bktd0hWQgCDb9XpHyDjD
/1ND8lwaa+Dgd+m4QP9qF+2kDTdvIdiAmv3sN4SMiKMSRcsedxiYQNE2Fi5lf15p
jc4JA7p83bJNPprnAK0ekSt+78mAwtA1NHoBPjpXa4bHJn6G++2DF4/MulNBFL+O
VuectFEqyLsOCd2gwj8BucuAaTxsvLDMWn9fAw73QydaouXXivWequO4nSxxnM8V
M7v8t7h/ibs1PdNPTNprX6/ego7Q0NJNinUrodA6pxb+gEMrZpeBs/d6NiQ655c3
f9DMEozeLBVy5cdh9n/bjF4t33ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTCndWn
FD1MPzAXu96OLmqLUXUu1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCKaYImomP1qQ7N4pCOJTA/fdGn5rtJF5d61xAJwhro
2edp0Oh3NlEAPYlHKX5Kpvkxv5QaY8vE0l1zUZ6IjW92rRN5MgFycz8v3BZBm9pH
NF7kk6RLzHt5T8eLDIo9lraLtI+zW0Ytg9jtMJvOB2afWk98IQ5LtbVRWzsXphP6
bJ80YIk+/JWhbEPzT7t9LesvW08W1qEUP1VlQLxNRAuoYCEPTUjIhP1ztB0Zd03i
NbuAJoI3Gf2H5ys4XLkO3on4ScQY5r+eIb8tL4bGm3xBes02VhJalwX699QAKIJT
MG9SieHhZiIN8AZLSlZVRkZNJ6lYJAZT8B4Rv0RrFg7i
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org