Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: BYrSQ89llODsaNKzGbH3sshmHJNpeAICsvE4MmB/ucc=
Subject key identifier: 60:6B:C6:7D:77:A9:54:46:04:36:0D:C7:D4:FA:49:27:6C:93:4D:92
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F17B652405D4EA7A716D0C83338CDA6C94FF763
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:17:b6:52:40:5d:4e:a7:a7:16:d0:c8:33:38:cd:a6:c9:4f:f7:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=65a843accd635e279754d22b94e6e5e77d58a453bf7306334d500b63e9a34925, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:68:8d:b6:55:d4:29:6b:38:17:e3:69:41:08:
36:11:62:88:a5:33:8f:29:c9:27:3c:d3:16:9f:bf:
2e:a7:20:f0:ca:1a:72:c1:04:bf:19:39:50:e9:c6:
78:63:dd:bb:31:a8:10:c1:16:75:00:ce:49:c6:48:
18:7c:3e:82:43:34:06:28:36:aa:32:e1:5d:f3:8b:
1b:11:7a:6a:79:a4:4f:d0:52:a6:42:64:f0:2b:af:
50:67:12:4a:b5:29:ea:ee:09:62:34:77:bc:cc:29:
26:a0:2d:cf:1a:f0:4f:b7:4b:ee:3b:a0:38:a5:df:
96:37:e9:df:a5:41:06:63:ef:86:39:75:a5:57:7f:
0d:d8:9e:d6:e4:8e:4c:fd:c6:a9:59:39:da:ba:45:
c6:9a:ec:d3:9a:20:03:d8:2b:6c:9f:20:99:33:a3:
4a:b8:2a:72:cc:a0:c5:d8:0d:ce:83:83:b8:45:30:
05:03:67:d2:5a:d6:dd:28:53:39:3e:49:57:56:8b:
dd:ac:40:1d:41:94:82:c5:aa:bc:28:46:58:25:dc:
23:be:f4:7e:49:75:df:1a:21:37:be:3d:4e:58:7c:
a7:4d:cd:a7:29:35:83:f7:54:6c:a3:d8:9a:33:ea:
c4:ab:11:56:f1:25:52:92:a0:13:7a:04:c6:17:c4:
40:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6B:C6:7D:77:A9:54:46:04:36:0D:C7:D4:FA:49:27:6C:93:4D:92
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:a8:48:65:9e:10:c1:4c:a2:03:04:70:9c:20:5c:37:e8:e1:
bc:43:77:81:2d:42:39:88:56:0c:80:4a:b5:10:41:42:70:bf:
96:63:10:3a:75:b1:5d:db:1e:4c:59:32:ac:f3:63:bb:99:bf:
50:9a:24:a8:8a:c1:e4:45:10:74:48:2a:a5:13:43:99:16:07:
14:67:06:42:d5:59:d3:49:0b:0f:c3:1d:9a:d0:12:62:c1:7e:
e6:48:4a:48:3f:f6:23:7c:b8:18:f9:5b:a3:ba:05:82:81:85:
42:20:69:96:22:f4:3a:fe:fa:2e:7c:aa:e7:e5:a5:bb:bc:90:
06:0f:06:81:3a:ec:51:79:fc:81:34:a6:72:29:50:8c:e0:c2:
5a:62:59:d1:48:00:e1:60:e3:4e:cf:a1:a8:36:24:0f:a1:2d:
59:40:97:7b:82:5c:34:3e:05:32:7c:3e:a3:d3:20:a7:c8:e9:
56:34:fa:20:fa:dd:d1:3c:d0:63:f1:42:6d:05:45:53:e4:2f:
ef:b2:3c:59:28:25:b7:9a:86:3d:ae:d1:4b:c8:89:7c:36:1f:
ec:6b:a3:18:b2:97:43:14:33:e6:e1:e6:09:02:f1:71:59:b1:
25:8c:28:84:60:55:7f:be:6e:05:0c:a5:0c:5c:b3:d7:8b:72:
de:ea:d8:dc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDxe2UkBdTqenFtDIMzjNpslP92MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YTg0M2FjY2Q2MzVlMjc5NzU0ZDIyYjk0ZTZlNWU3N2Q1OGE0NTNiZjcz
MDYzMzRkNTAwYjYzZTlhMzQ5MjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFojbZV1ClrOBfjaUEINhFiiKUzjynJJzzTFp+/Lqcg8MoacsEEvxk5UOnG
eGPduzGoEMEWdQDOScZIGHw+gkM0Big2qjLhXfOLGxF6anmkT9BSpkJk8CuvUGcS
SrUp6u4JYjR3vMwpJqAtzxrwT7dL7jugOKXfljfp36VBBmPvhjl1pVd/Ddie1uSO
TP3GqVk52rpFxprs05ogA9grbJ8gmTOjSrgqcsygxdgNzoODuEUwBQNn0lrW3ShT
OT5JV1aL3axAHUGUgsWqvChGWCXcI770fkl13xohN749Tlh8p03Npyk1g/dUbKPY
mjPqxKsRVvElUpKgE3oExhfEQHsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRga8Z9
d6lURgQ2DcfU+kknbJNNkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAHKhIZZ4QwUyiAwRwnCBcN+jhvEN3gS1COYhWDIBK
tRBBQnC/lmMQOnWxXdseTFkyrPNju5m/UJokqIrB5EUQdEgqpRNDmRYHFGcGQtVZ
00kLD8MdmtASYsF+5khKSD/2I3y4GPlbo7oFgoGFQiBpliL0Ov76Lnyq5+Wlu7yQ
Bg8GgTrsUXn8gTSmcilQjODCWmJZ0UgA4WDjTs+hqDYkD6EtWUCXe4JcND4FMnw+
o9Mgp8jpVjT6IPrd0TzQY/FCbQVFU+Qv77I8WSglt5qGPa7RS8iJfDYf7GujGLKX
QxQz5uHmCQLxcVmxJYwohGBVf75uBQylDFyz14ty3urY3A==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org