Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0405df2-d412-488a-b5ee-d265912dd3cc.roa
File: c0405df2-d412-488a-b5ee-d265912dd3cc.roa (raw, json)
Hash identifier: PoKeVz80WVf/9ROEeAGZ4d7TRblc3luHwdzk6XHOYA4=
Subject key identifier: A7:F1:3D:0F:5B:3B:A6:37:73:33:A4:79:4E:52:2D:1E:81:D2:0F:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77DF1C76F38DF397910317731C38D47DA1BE9F74
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0405df2-d412-488a-b5ee-d265912dd3cc.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:df:1c:76:f3:8d:f3:97:91:03:17:73:1c:38:d4:7d:a1:be:9f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=6dda5169d000dde95107c7a2183784766845a8c8e424a0a0359791e0839976b8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2b:ce:16:4a:a3:1e:df:ea:3a:c3:80:5a:a4:
4e:6f:ce:ce:f6:13:6c:fc:f5:6b:65:09:6a:40:25:
34:7c:32:2e:6e:df:b3:51:e8:c1:3e:11:f3:f1:d2:
07:95:9b:cd:e2:69:9f:bd:8f:60:7b:d8:cd:91:cd:
81:4e:d9:d9:f5:6e:5b:25:ed:9f:b8:24:2d:25:88:
b5:23:16:4a:fa:80:72:85:8d:88:a4:13:c9:a6:b2:
55:3b:33:e1:e8:22:37:90:eb:69:0e:bc:e2:6a:6e:
71:b2:6f:31:64:cc:fd:c0:3b:49:37:66:e1:7d:5b:
09:e9:3d:8c:af:e1:fe:d5:91:bc:a0:cd:43:65:05:
32:52:4a:91:f4:b6:ad:97:f4:14:b3:50:5d:e1:c7:
ab:10:7a:47:39:f1:42:9d:f3:8d:09:af:b5:ed:83:
23:88:75:6d:4d:7d:c8:ac:a6:a1:cf:3e:45:22:92:
5c:15:62:0c:66:2f:bb:41:2a:df:33:d0:99:29:0f:
07:d5:46:ec:11:6f:2f:ce:2e:d8:43:40:5b:14:1d:
24:26:41:ca:69:94:d9:5c:e2:30:95:85:a0:b7:38:
24:72:62:f7:5c:96:3e:f8:1d:fa:4e:6a:45:d1:bf:
8d:aa:09:43:8c:82:ed:bc:c9:d0:81:ca:2a:ae:ea:
17:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F1:3D:0F:5B:3B:A6:37:73:33:A4:79:4E:52:2D:1E:81:D2:0F:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0405df2-d412-488a-b5ee-d265912dd3cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:12:57:f7:31:5c:da:cc:36:8b:53:36:23:5f:5b:76:03:cb:
3e:4b:e8:f2:13:71:d4:b7:cc:c4:88:0a:17:dc:04:4f:99:9a:
b5:91:df:e9:fc:7e:d8:73:ed:6d:66:5e:c5:01:65:46:7d:93:
3c:4a:45:a8:9e:fb:fc:46:a4:fd:3e:b7:08:0f:1a:15:fb:f2:
16:fd:52:9d:0a:8d:c0:00:74:70:bc:b7:ff:48:94:07:5b:b8:
bf:58:39:21:8c:8e:26:37:9c:98:b2:e4:e9:23:0c:ea:a4:fd:
1f:27:98:f8:03:dd:b5:57:c5:15:b9:2a:9c:02:f3:90:bf:01:
2d:bc:57:38:d7:84:0d:56:a0:14:3f:8a:e4:22:de:8f:d0:38:
38:c7:e6:e1:f9:4e:61:a2:9a:10:b3:b5:7c:d3:37:1e:0d:3c:
92:c8:03:95:d5:0b:22:63:76:67:3b:2f:e2:6d:04:5e:6b:16:
eb:4b:6b:82:7d:38:c0:79:a5:1f:d8:a1:63:be:95:f8:55:14:
38:d9:73:b8:b6:4c:3b:c9:62:38:7c:c9:1d:15:e4:09:dd:bd:
cf:bb:f2:51:e0:fd:0b:89:a0:77:92:7c:9b:59:4c:fb:32:4d:
80:0e:32:62:5b:39:67:19:32:cb:19:07:cc:3d:d3:ce:c8:1c:
65:36:b6:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd98cdvON85eRAxdzHDjUfaG+n3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZGE1MTY5ZDAwMGRkZTk1MTA3YzdhMjE4Mzc4NDc2Njg0NWE4YzhlNDI0
YTBhMDM1OTc5MWUwODM5OTc2YjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4rzhZKox7f6jrDgFqkTm/OzvYTbPz1a2UJakAlNHwyLm7fs1HowT4R8/HS
B5WbzeJpn72PYHvYzZHNgU7Z2fVuWyXtn7gkLSWItSMWSvqAcoWNiKQTyaayVTsz
4egiN5DraQ684mpucbJvMWTM/cA7STdm4X1bCek9jK/h/tWRvKDNQ2UFMlJKkfS2
rZf0FLNQXeHHqxB6RznxQp3zjQmvte2DI4h1bU19yKymoc8+RSKSXBViDGYvu0Eq
3zPQmSkPB9VG7BFvL84u2ENAWxQdJCZBymmU2VziMJWFoLc4JHJi91yWPvgd+k5q
RdG/jaoJQ4yC7bzJ0IHKKq7qF30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSn8T0P
WzumN3MzpHlOUi0egdIPWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA0MDVkZjItZDQxMi00ODhhLWI1ZWUtZDI2NTkxMmRkM2NjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBuElf3MVzazDaLUzYjX1t2A8s+S+jyE3HUt8zEiAoX
3ARPmZq1kd/p/H7Yc+1tZl7FAWVGfZM8SkWonvv8RqT9PrcIDxoV+/IW/VKdCo3A
AHRwvLf/SJQHW7i/WDkhjI4mN5yYsuTpIwzqpP0fJ5j4A921V8UVuSqcAvOQvwEt
vFc414QNVqAUP4rkIt6P0Dg4x+bh+U5hopoQs7V80zceDTySyAOV1QsiY3ZnOy/i
bQReaxbrS2uCfTjAeaUf2KFjvpX4VRQ42XO4tkw7yWI4fMkdFeQJ3b3Pu/JR4P0L
iaB3knybWUz7Mk2ADjJiWzlnGTLLGQfMPdPOyBxlNrYR
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:27 2024 by rpki-client on console-ams.rpki-client.org