Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: Eg2WPuJ6XJEgdMRZ0A03fXf+/AxY7ibzY7l+7rH7+9A=
Subject key identifier: 81:02:43:98:A2:89:DB:8A:63:CA:CF:1C:8E:26:E9:0C:B3:90:9B:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6148728DE2B7EB105DABEBE194D81B5B32FAC260
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:48:72:8d:e2:b7:eb:10:5d:ab:eb:e1:94:d8:1b:5b:32:fa:c2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=c54f66c191e19f9698d4155258353618315d2a7eb0578991b62015ddbdba3b03, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:8f:e3:9f:27:a4:9d:a3:d5:da:62:ff:7b:
f4:21:70:94:dd:a7:db:54:e2:0b:12:05:0d:50:29:
e0:43:ad:83:76:f0:ac:2d:c4:be:58:94:cd:9d:3a:
9b:bc:ad:f3:e0:e6:7b:e8:f2:62:b9:10:6c:16:ab:
98:61:89:35:2e:4d:2f:6a:89:3d:e0:8b:ea:e7:c9:
e9:69:87:3c:a3:a7:b7:88:f4:eb:92:24:04:e4:33:
73:49:39:b1:c2:5f:0f:68:30:56:62:d8:ca:26:53:
62:6e:bd:26:be:9d:f4:7d:1a:42:e2:8d:5a:71:d5:
97:14:b2:c7:5a:69:a6:28:2f:0f:46:4f:c9:ad:e3:
9b:55:56:80:ba:c8:fc:7a:0d:0c:6b:6a:73:49:53:
16:fb:6b:df:07:ef:cf:66:40:8a:87:13:1f:70:f7:
8a:f9:b9:61:dd:1b:81:32:e4:34:c8:d3:5e:fd:a4:
46:7a:9d:cc:4e:46:f6:61:20:69:10:36:04:c3:4a:
1d:f4:9c:da:94:76:f0:f4:17:70:f1:06:24:1e:01:
3d:9f:52:e3:91:48:88:5f:86:87:9e:36:b7:c0:83:
eb:8f:53:ed:6c:0e:50:19:48:75:59:c8:7a:92:fc:
30:68:4d:5e:62:1f:8c:0c:6d:66:ac:b4:aa:ea:4a:
8b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:02:43:98:A2:89:DB:8A:63:CA:CF:1C:8E:26:E9:0C:B3:90:9B:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
d2:06:46:33:34:c0:74:a9:ba:55:40:c3:34:3a:12:70:ee:b2:
15:59:26:4c:c7:e4:5a:08:9c:bc:52:d2:5e:c0:ce:08:cc:ed:
b4:a7:da:ad:c1:de:a6:4f:42:72:7a:f8:66:2a:fc:97:f5:4f:
04:89:3b:bb:4b:a2:fc:df:10:88:7b:84:51:e8:8a:43:49:71:
15:48:7f:2e:b2:a3:6d:93:72:2c:16:0c:b8:88:84:4d:6a:22:
3a:15:81:08:f0:27:3b:dd:8b:6a:63:92:a3:d2:e4:a8:28:92:
bb:54:e8:91:2d:d8:c8:d4:f8:c3:0a:db:c1:4e:ce:8b:f0:97:
58:fe:ba:e4:50:fb:8f:2f:32:07:ba:26:34:82:2e:e0:b9:5f:
db:e3:c1:c9:a2:d6:5e:ce:ef:f5:6b:0c:62:1a:7d:d1:1b:6b:
10:59:da:cd:d1:65:8c:c8:3f:65:6d:4c:1f:cf:b0:e5:4e:84:
ef:e7:cf:ea:67:18:a9:87:e1:10:fa:13:50:e3:a7:f4:fd:19:
41:75:2a:a3:f2:0f:03:64:81:4b:fc:ab:d5:ec:07:47:85:18:
07:4c:50:68:92:f0:37:65:bb:20:b6:b4:0a:16:a1:06:39:81:
e8:d5:da:c2:57:70:57:eb:88:22:2b:f9:da:bd:6b:62:dc:1e:
53:a5:2b:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYUhyjeK36xBdq+vhlNgbWzL6wmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NGY2NmMxOTFlMTlmOTY5OGQ0MTU1MjU4MzUzNjE4MzE1ZDJhN2ViMDU3
ODk5MWI2MjAxNWRkYmRiYTNiMDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmcj+OfJ6Sdo9XaYv979CFwlN2n21TiCxIFDVAp4EOtg3bwrC3EvliUzZ06
m7yt8+Dme+jyYrkQbBarmGGJNS5NL2qJPeCL6ufJ6WmHPKOnt4j065IkBOQzc0k5
scJfD2gwVmLYyiZTYm69Jr6d9H0aQuKNWnHVlxSyx1pppigvD0ZPya3jm1VWgLrI
/HoNDGtqc0lTFvtr3wfvz2ZAiocTH3D3ivm5Yd0bgTLkNMjTXv2kRnqdzE5G9mEg
aRA2BMNKHfSc2pR28PQXcPEGJB4BPZ9S45FIiF+Gh542t8CD649T7WwOUBlIdVnI
epL8MGhNXmIfjAxtZqy0qupKizcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSBAkOY
oonbimPKzxyOJukMs5CbeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEA0gZGMzTAdKm6VUDDNDoScO6yFVkmTMfkWgicvFLS
XsDOCMzttKfarcHepk9Ccnr4Zir8l/VPBIk7u0ui/N8QiHuEUeiKQ0lxFUh/LrKj
bZNyLBYMuIiETWoiOhWBCPAnO92LamOSo9LkqCiSu1TokS3YyNT4wwrbwU7Oi/CX
WP665FD7jy8yB7omNIIu4Llf2+PByaLWXs7v9WsMYhp90RtrEFnazdFljMg/ZW1M
H8+w5U6E7+fP6mcYqYfhEPoTUOOn9P0ZQXUqo/IPA2SBS/yr1ewHR4UYB0xQaJLw
N2W7ILa0ChahBjmB6NXawldwV+uIIiv52r1rYtweU6Ur8Q==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org