Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json)
Hash identifier: 6RWbD3pTkAMChrVMA0Rbx4fO7JNo2lHkfwvLyjXgQWM=
Subject key identifier: 7D:C9:B0:F7:42:1A:53:7A:64:6F:77:E0:78:C1:54:0F:12:74:42:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 412AF5A3DD3C2C92E60F73BA8BEE8EAF3BD0885C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:2a:f5:a3:dd:3c:2c:92:e6:0f:73:ba:8b:ee:8e:af:3b:d0:88:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=1946fac0abda4619eb1dbfdfcfe90f0af12f39efdccaa65118df34106b4a2b3e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:26:74:75:b4:6e:fc:1d:5a:e3:a7:b2:7b:23:
d2:00:53:46:04:8c:2f:b4:57:95:96:ff:04:86:d5:
5d:0c:b5:56:e1:cc:88:e1:f7:c9:c6:8c:32:1f:f3:
ff:4c:12:62:51:62:86:7e:5d:e5:a3:bb:dd:2f:ba:
b7:8d:ba:b0:3f:30:22:28:dc:62:a4:9f:d8:80:a1:
8f:76:c6:15:7c:d8:0a:4e:f3:d5:b5:ad:1d:cf:b7:
49:d1:1a:35:b4:40:5b:79:40:48:50:6c:59:8a:40:
84:27:f3:72:5d:94:e7:f5:b5:ef:c2:a0:29:2c:ad:
f2:a6:01:55:00:40:b2:65:ae:20:6a:4a:c1:e6:c1:
21:14:e9:96:eb:d5:53:50:1c:16:d8:6e:5c:11:d5:
ff:dd:39:d0:ca:67:21:c9:70:be:3d:e2:29:53:ce:
29:fe:64:bb:eb:2d:26:a7:e7:35:3c:f8:35:6c:9d:
73:8e:bf:5d:17:ac:d4:dc:7b:c2:9c:91:a0:d2:bb:
ac:2e:17:c4:77:5a:3d:49:b9:6e:50:58:31:aa:cc:
e1:bb:da:0e:55:b6:01:13:51:72:86:fe:6d:e7:1d:
68:28:1c:eb:6f:26:05:9f:bc:1c:a0:e0:a4:d7:a2:
be:94:46:5f:df:ba:bc:77:11:55:ce:f1:42:bc:ff:
60:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C9:B0:F7:42:1A:53:7A:64:6F:77:E0:78:C1:54:0F:12:74:42:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:db:08:88:90:f6:e3:d7:41:0b:9d:18:5a:a3:40:e9:0d:4c:
bb:df:87:f5:83:65:8c:95:cb:16:80:73:ca:46:00:8a:c5:28:
c3:42:4d:05:ae:c2:4d:cc:a9:2e:99:65:2e:65:55:94:ef:e7:
68:a1:ef:b9:aa:f6:77:b5:ae:1b:8f:30:43:1e:90:ae:2d:49:
51:02:49:6d:14:91:46:b1:79:69:86:d3:76:ee:80:32:b6:b9:
fa:29:3c:f1:da:69:b3:4b:5c:51:ff:e6:bb:59:38:06:bc:8b:
6b:c4:aa:6b:8d:06:00:58:95:f2:81:d9:7f:ef:7c:71:b6:fd:
c9:04:62:a8:4e:32:1e:18:4c:c4:f7:27:e5:91:4a:81:cd:8b:
86:1f:26:37:07:cb:03:f1:1e:1c:4f:40:97:b9:52:71:0a:59:
65:11:72:6e:f1:3f:91:0c:33:ba:c1:42:ac:7f:7c:25:83:b4:
c3:b0:b5:4c:7b:a7:94:56:51:9f:bf:28:59:5a:06:39:4f:c1:
e3:8d:89:da:bc:aa:98:c8:96:e2:bf:ea:f2:ba:bb:6f:66:10:
43:94:d6:9f:09:19:61:ce:84:57:00:5e:25:c8:7b:41:fd:89:
eb:66:79:71:64:83:b0:95:0d:79:8b:49:b8:80:74:ae:28:97:
6d:1b:e4:96
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQSr1o908LJLmD3O6i+6OrzvQiFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5NDZmYWMwYWJkYTQ2MTllYjFkYmZkZmNmZTkwZjBhZjEyZjM5ZWZkY2Nh
YTY1MTE4ZGYzNDEwNmI0YTJiM2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwmdHW0bvwdWuOnsnsj0gBTRgSML7RXlZb/BIbVXQy1VuHMiOH3ycaMMh/z
/0wSYlFihn5d5aO73S+6t426sD8wIijcYqSf2IChj3bGFXzYCk7z1bWtHc+3SdEa
NbRAW3lASFBsWYpAhCfzcl2U5/W178KgKSyt8qYBVQBAsmWuIGpKwebBIRTpluvV
U1AcFthuXBHV/9050MpnIclwvj3iKVPOKf5ku+stJqfnNTz4NWydc46/XRes1Nx7
wpyRoNK7rC4XxHdaPUm5blBYMarM4bvaDlW2ARNRcob+becdaCgc628mBZ+8HKDg
pNeivpRGX9+6vHcRVc7xQrz/YO0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR9ybD3
QhpTemRvd+B4wVQPEnRCLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQA82wiIkPbj10ELnRhao0DpDUy734f1g2WMlcsWgHPK
RgCKxSjDQk0FrsJNzKkumWUuZVWU7+dooe+5qvZ3ta4bjzBDHpCuLUlRAkltFJFG
sXlphtN27oAytrn6KTzx2mmzS1xR/+a7WTgGvItrxKprjQYAWJXygdl/73xxtv3J
BGKoTjIeGEzE9yflkUqBzYuGHyY3B8sD8R4cT0CXuVJxClllEXJu8T+RDDO6wUKs
f3wlg7TDsLVMe6eUVlGfvyhZWgY5T8HjjYnavKqYyJbiv+ryurtvZhBDlNafCRlh
zoRXAF4lyHtB/YnrZnlxZIOwlQ15i0m4gHSuKJdtG+SW
-----END CERTIFICATE-----
Generated at Wed May 8 01:49:10 2024 by rpki-client on console-fra.rpki-client.org