Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: ujaHhfDoyZKGiXS5Zx4xCm+OCFd/nsgcIQRxiAlAADM=
Subject key identifier: 08:01:FB:05:61:A1:D8:54:37:A8:37:88:C7:EF:97:6F:95:7A:BA:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75EA28E9B0127C354C110700A96BE9136EA055A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:ea:28:e9:b0:12:7c:35:4c:11:07:00:a9:6b:e9:13:6e:a0:55:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=5a5198901be0203cf1c65287df561f40441a1307942e529199cc9b899ea66073, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e0:3a:d6:ee:98:7d:d3:47:bf:7a:d0:32:09:
00:0b:4d:61:e9:5f:cf:35:6b:1d:96:86:b1:02:9b:
b6:28:be:e2:ea:3b:78:98:ff:64:80:cf:b3:af:90:
e8:0e:e5:de:63:dc:d3:e7:02:04:45:4d:48:27:c6:
22:dd:07:11:3c:c5:26:c7:55:47:aa:f6:0b:06:c4:
d7:3e:f3:5d:0a:70:24:e1:5c:d1:dc:dc:1f:b8:24:
41:cc:e8:09:50:b9:4b:22:19:a1:ad:32:5c:30:82:
d8:d7:40:b1:44:01:9b:87:7a:f4:f3:05:8a:40:70:
b8:6f:bd:70:e6:71:c9:08:14:1a:5a:ae:fb:1a:0c:
7b:28:84:58:91:f9:af:f3:af:94:a6:ff:82:d6:2a:
37:e2:0c:72:b9:e5:0b:00:a5:9b:b3:f9:b1:98:5e:
a7:05:1f:11:cf:cd:46:f4:12:6c:97:5e:19:fb:89:
9c:46:a4:7d:01:76:ea:95:41:9b:fa:3a:2a:dd:f9:
a0:c8:e0:4d:01:24:95:a0:47:ae:ba:6b:0b:88:1b:
0b:09:91:ee:33:96:84:ed:c8:0e:79:cc:fc:cf:7b:
54:17:b1:c2:91:3f:f9:e1:9c:ea:1b:ba:4c:ce:7a:
b1:4c:f8:fc:ba:0b:08:7b:90:a6:bf:d8:e3:14:50:
77:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:01:FB:05:61:A1:D8:54:37:A8:37:88:C7:EF:97:6F:95:7A:BA:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:2e:bc:e7:e3:f9:c8:f5:3d:34:ce:79:ec:f6:94:b0:85:da:
60:35:2a:a2:ab:df:fc:59:33:f7:70:d2:bf:05:17:63:43:c0:
7d:13:29:58:24:28:3e:05:26:97:52:85:e9:41:40:97:4a:0f:
94:b3:8a:ef:9e:ae:08:ab:85:3e:bb:5e:e9:37:79:4c:1a:4f:
af:ec:97:46:c3:a5:47:4b:9f:f0:40:e4:79:e3:27:c3:ac:af:
a9:fd:a0:5a:f2:f5:9e:ca:c6:55:fb:96:23:30:b6:0d:63:25:
f6:ae:28:05:8d:71:a9:29:47:e2:52:25:5c:64:f6:b7:d4:c0:
08:ad:cb:7f:45:a0:24:82:86:55:73:7e:04:b4:11:94:9f:f4:
ad:63:74:ce:5c:76:43:19:f8:43:1f:4d:6f:58:dc:36:31:ad:
75:3f:82:d5:0e:4f:91:e1:30:47:d8:71:1a:e2:26:dc:2c:14:
a7:e4:f4:e6:e9:6b:ce:6a:8a:c9:fd:98:a8:1d:b5:34:3d:36:
4b:ea:89:61:41:3d:e7:7c:be:2a:20:85:6f:17:95:08:2a:3a:
2d:8a:fb:bd:a3:9b:59:88:31:a9:6d:b6:10:ae:3d:26:e6:25:
14:ba:56:74:cf:e8:a3:6b:15:c8:aa:8b:c0:2e:dc:83:a3:eb:
66:ba:5e:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdeoo6bASfDVMEQcAqWvpE26gVaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhNTE5ODkwMWJlMDIwM2NmMWM2NTI4N2RmNTYxZjQwNDQxYTEzMDc5NDJl
NTI5MTk5Y2M5Yjg5OWVhNjYwNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPgOtbumH3TR7960DIJAAtNYelfzzVrHZaGsQKbtii+4uo7eJj/ZIDPs6+Q
6A7l3mPc0+cCBEVNSCfGIt0HETzFJsdVR6r2CwbE1z7zXQpwJOFc0dzcH7gkQczo
CVC5SyIZoa0yXDCC2NdAsUQBm4d69PMFikBwuG+9cOZxyQgUGlqu+xoMeyiEWJH5
r/OvlKb/gtYqN+IMcrnlCwClm7P5sZhepwUfEc/NRvQSbJdeGfuJnEakfQF26pVB
m/o6Kt35oMjgTQEklaBHrrprC4gbCwmR7jOWhO3IDnnM/M97VBexwpE/+eGc6hu6
TM56sUz4/LoLCHuQpr/Y4xRQd9UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIAfsF
YaHYVDeoN4jH75dvlXq63jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAXi685+P5yPU9NM557PaUsIXaYDUqoqvf/Fkz93DS
vwUXY0PAfRMpWCQoPgUml1KF6UFAl0oPlLOK756uCKuFPrte6Td5TBpPr+yXRsOl
R0uf8EDkeeMnw6yvqf2gWvL1nsrGVfuWIzC2DWMl9q4oBY1xqSlH4lIlXGT2t9TA
CK3Lf0WgJIKGVXN+BLQRlJ/0rWN0zlx2Qxn4Qx9Nb1jcNjGtdT+C1Q5PkeEwR9hx
GuIm3CwUp+T05ulrzmqKyf2YqB21ND02S+qJYUE953y+KiCFbxeVCCo6LYr7vaOb
WYgxqW22EK49JuYlFLpWdM/oo2sVyKqLwC7cg6PrZrpeVQ==
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:46:56 2024 by rpki-client on console-fra.rpki-client.org