Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa
File: d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa (raw, json)
Hash identifier: F+NXfFkqIojSV+9l0YbalWnJNu7Vg8anOJuUB4pmHA8=
Subject key identifier: C7:55:DF:7C:48:AE:67:12:5C:FA:33:7C:08:AE:F7:53:14:05:03:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40DC19D1964E03476867BAF8724C79D6BBD51983
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:dc:19:d1:96:4e:03:47:68:67:ba:f8:72:4c:79:d6:bb:d5:19:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=a05f8f06ad11e74cbdf44b1e5321bd800802a6f43e4524f524001f40fa4c3aa6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:53:a4:c6:aa:90:64:bf:93:87:74:e3:6d:0c:
0a:3b:3b:a1:93:7a:b7:73:d0:28:dd:76:51:d6:b7:
79:ab:cc:04:f8:e9:2a:a7:0b:51:18:48:30:00:ca:
b4:4c:96:7a:64:4e:f2:87:52:45:99:53:a9:6a:13:
ae:e5:fd:30:49:ce:b1:e5:0b:10:50:fa:a1:a3:bb:
90:28:44:c0:c2:d3:57:96:f7:d2:ec:da:cf:ff:e4:
8b:f1:c9:3b:77:cf:ab:d7:67:f8:9f:58:37:66:22:
00:d2:2c:a7:f9:3b:a6:ad:c3:9c:57:46:de:77:6d:
09:e7:b6:ba:af:60:c8:ef:d9:60:1a:07:ef:ab:0c:
89:9c:02:06:ea:1b:55:64:3f:26:50:7c:6f:b5:09:
48:a9:44:e9:88:e5:02:10:49:8f:8b:c6:d3:1b:1c:
85:98:b1:dd:73:32:bd:d8:f6:91:89:d6:c6:1e:37:
1f:2c:4f:ec:10:29:1e:72:fc:d2:6c:f1:57:31:8f:
ba:a0:a1:8f:99:5b:13:9a:48:28:dd:f8:6c:6b:ff:
08:f7:e6:61:ec:1b:2f:87:d4:42:4a:b2:28:8a:d6:
4c:a2:f5:7c:35:3d:24:39:5e:30:4b:50:d2:6d:0c:
30:c0:69:c8:6a:aa:26:6f:b6:d4:69:2e:31:21:a1:
7d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:55:DF:7C:48:AE:67:12:5C:FA:33:7C:08:AE:F7:53:14:05:03:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d28f1fe0-a546-4bc4-b487-38dfedc0c67a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
55:b0:4f:d3:64:9d:07:b9:0b:f6:be:15:66:8e:d3:6d:1a:30:
f1:a3:9d:35:92:ac:3b:95:9c:0d:0a:cc:5a:87:02:fe:97:ee:
16:0c:aa:e6:94:eb:bd:89:a2:2a:bc:cf:fd:cf:63:47:4b:be:
33:b7:8e:6f:af:a3:34:24:8c:b2:59:ac:d5:ec:3e:51:97:c4:
e5:76:8e:4a:ee:75:51:ac:32:06:d7:7e:cc:7c:01:5f:4b:77:
99:ce:73:22:b1:cf:88:8e:07:1a:96:c9:67:4c:81:4c:94:32:
6b:26:c3:02:10:ad:85:c7:c7:76:cf:9e:44:65:b4:75:9c:a7:
70:ca:0e:36:ad:d9:0c:89:d7:8f:fe:0b:07:67:c3:53:5f:b1:
ea:5e:82:8f:15:5c:60:89:2f:11:ee:e5:fe:30:80:84:35:f9:
2e:a9:c0:4a:9e:43:af:52:a3:1e:c4:f3:1d:e8:c5:04:ca:de:
bb:c9:7a:f9:b7:c5:ea:28:7a:79:31:ff:53:5e:85:cf:ea:ac:
c2:26:8c:e9:44:55:34:e0:d8:09:49:66:7d:b3:99:72:da:8a:
ca:94:ff:da:4f:95:55:a5:73:c9:19:5b:43:8d:f2:17:4b:b2:
87:2e:af:16:75:21:21:40:11:cc:34:02:9e:1e:48:f1:be:c6:
c0:0a:32:30
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQNwZ0ZZOA0doZ7r4ckx51rvVGYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwNWY4ZjA2YWQxMWU3NGNiZGY0NGIxZTUzMjFiZDgwMDgwMmE2ZjQzZTQ1
MjRmNTI0MDAxZjQwZmE0YzNhYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFTpMaqkGS/k4d0420MCjs7oZN6t3PQKN12Uda3eavMBPjpKqcLURhIMADK
tEyWemRO8odSRZlTqWoTruX9MEnOseULEFD6oaO7kChEwMLTV5b30uzaz//ki/HJ
O3fPq9dn+J9YN2YiANIsp/k7pq3DnFdG3ndtCee2uq9gyO/ZYBoH76sMiZwCBuob
VWQ/JlB8b7UJSKlE6YjlAhBJj4vG0xschZix3XMyvdj2kYnWxh43HyxP7BApHnL8
0mzxVzGPuqChj5lbE5pIKN34bGv/CPfmYewbL4fUQkqyKIrWTKL1fDU9JDleMEtQ
0m0MMMBpyGqqJm+21GkuMSGhfWECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHVd98
SK5nElz6M3wIrvdTFAUDHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI4ZjFmZTAtYTU0Ni00YmM0LWI0ODctMzhkZmVkYzBjNjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAVbBP02SdB7kL9r4VZo7TbRow8aOdNZKsO5WcDQrM
WocC/pfuFgyq5pTrvYmiKrzP/c9jR0u+M7eOb6+jNCSMslms1ew+UZfE5XaOSu51
UawyBtd+zHwBX0t3mc5zIrHPiI4HGpbJZ0yBTJQyaybDAhCthcfHds+eRGW0dZyn
cMoONq3ZDInXj/4LB2fDU1+x6l6CjxVcYIkvEe7l/jCAhDX5LqnASp5Dr1KjHsTz
HejFBMreu8l6+bfF6ih6eTH/U16Fz+qswiaM6URVNODYCUlmfbOZctqKypT/2k+V
VaVzyRlbQ43yF0uyhy6vFnUhIUARzDQCnh5I8b7GwAoyMA==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org