Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
File: 8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa (raw, json)
Hash identifier: 97hZqH2LiYAV20xKiBD3qA29ek6fXhn+DHW/v5lBSvw=
Subject key identifier: 64:59:B0:AD:6A:C8:05:CD:2B:09:94:EC:1C:7C:C5:F2:C2:49:33:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34873EFA02590101F8E1DB02FAB6041493C864C6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:87:3e:fa:02:59:01:01:f8:e1:db:02:fa:b6:04:14:93:c8:64:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=63b77667d045ac373a960b556a3c9b2b3f1a939d56d0ea488c75322b0c652e37, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d8:c2:d7:56:35:2e:f5:c7:38:9e:8f:44:a3:
d4:c1:76:47:cf:6e:08:ff:31:72:b7:b2:bd:28:7b:
5e:c6:88:fc:51:a8:fb:b7:54:a9:94:f4:70:2e:52:
43:9e:1d:d0:14:0e:4f:7c:aa:9c:aa:0d:b7:12:d6:
f0:39:27:8f:2c:82:18:41:31:91:6d:35:15:5f:c8:
e9:32:bd:1c:53:a7:c3:b5:b8:65:be:72:5d:55:7a:
22:de:44:4b:4c:95:5b:57:ed:a3:cf:73:01:60:ee:
1d:37:17:47:79:d8:07:60:be:d9:ed:e2:7f:a8:ff:
3d:3e:49:e9:47:cc:f3:ba:d2:3c:fb:b9:0a:34:ff:
ec:26:36:e2:fe:d1:e4:be:b4:d3:bb:8b:8d:cb:ed:
11:a4:12:99:d5:a4:c3:b4:70:0b:8b:6b:11:59:4e:
37:12:02:7b:21:63:9d:e9:b2:5c:8f:47:92:d5:c0:
ec:c7:f4:2d:d6:89:e4:10:d6:d2:87:3f:0d:4a:80:
cc:a0:5f:ea:d0:82:24:ac:67:34:40:09:e2:e4:38:
a0:3d:4e:b1:66:be:14:1d:11:28:38:96:c7:43:6f:
e4:82:f2:20:58:b0:4e:da:16:49:b3:64:e0:b9:d3:
26:10:d2:5b:30:d9:71:5d:be:74:1a:5f:53:ae:2c:
1f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:59:B0:AD:6A:C8:05:CD:2B:09:94:EC:1C:7C:C5:F2:C2:49:33:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:c9:9d:1e:70:5c:10:51:a9:e2:af:32:02:a3:97:3d:5d:3d:
fd:19:e8:28:55:11:3c:fb:48:ee:c3:78:b3:da:7c:66:c9:cf:
75:68:86:ea:c3:84:bd:21:08:f0:18:8a:3c:c7:0d:a0:5d:34:
00:dd:cb:fe:ad:9c:6a:c8:c1:4a:ca:89:34:a2:75:67:e2:31:
f2:4d:81:9c:5e:04:e8:44:63:12:1b:ad:c1:62:0c:36:db:18:
7c:5d:f9:52:97:6c:46:5a:4a:c9:4a:aa:c3:4c:7b:cc:a4:11:
59:45:18:82:78:ab:63:02:d9:3a:4a:31:51:0f:56:47:b7:2b:
f5:1f:e3:db:cb:77:3a:72:77:b1:c6:f7:62:e2:9c:86:e0:8b:
72:72:1d:99:42:63:a3:c9:64:6e:01:4e:d9:44:5e:fb:b1:a6:
3a:b5:ba:c9:31:7e:2d:ca:eb:db:b2:a6:0b:34:87:52:68:c6:
0b:79:a4:74:ea:f7:8e:99:24:7e:48:e4:a8:d0:cd:53:b2:70:
2d:68:64:03:ea:3e:e1:93:05:b9:9f:de:22:0b:86:56:af:cd:
e9:9b:c6:5f:1c:b6:b1:c3:d5:63:03:79:b3:9d:d7:62:e5:07:
23:ed:22:14:f7:a5:6f:cb:d2:98:37:e2:1c:68:ec:e2:f0:f0:
f9:e8:c7:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNIc++gJZAQH44dsC+rYEFJPIZMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzYjc3NjY3ZDA0NWFjMzczYTk2MGI1NTZhM2M5YjJiM2YxYTkzOWQ1NmQw
ZWE0ODhjNzUzMjJiMGM2NTJlMzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHYwtdWNS71xziej0Sj1MF2R89uCP8xcreyvSh7XsaI/FGo+7dUqZT0cC5S
Q54d0BQOT3yqnKoNtxLW8DknjyyCGEExkW01FV/I6TK9HFOnw7W4Zb5yXVV6It5E
S0yVW1fto89zAWDuHTcXR3nYB2C+2e3if6j/PT5J6UfM87rSPPu5CjT/7CY24v7R
5L6007uLjcvtEaQSmdWkw7RwC4trEVlONxICeyFjnemyXI9HktXA7Mf0LdaJ5BDW
0oc/DUqAzKBf6tCCJKxnNEAJ4uQ4oD1OsWa+FB0RKDiWx0Nv5ILyIFiwTtoWSbNk
4LnTJhDSWzDZcV2+dBpfU64sHxsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkWbCt
asgFzSsJlOwcfMXywkkz4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0OGU0ZmUtYTY5Ny00NGIwLWJhYjItMWI1NDkzNWE1MGYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQCoyZ0ecFwQUanirzICo5c9XT39GegoVRE8+0juw3iz
2nxmyc91aIbqw4S9IQjwGIo8xw2gXTQA3cv+rZxqyMFKyok0onVn4jHyTYGcXgTo
RGMSG63BYgw22xh8XflSl2xGWkrJSqrDTHvMpBFZRRiCeKtjAtk6SjFRD1ZHtyv1
H+Pby3c6cnexxvdi4pyG4Itych2ZQmOjyWRuAU7ZRF77saY6tbrJMX4tyuvbsqYL
NIdSaMYLeaR06veOmSR+SOSo0M1TsnAtaGQD6j7hkwW5n94iC4ZWr83pm8ZfHLax
w9VjA3mznddi5Qcj7SIU96Vvy9KYN+IcaOzi8PD56Mds
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org