Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa
File: d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa (raw, json)
Hash identifier: TN6KxQa8MobwVh99kd6PJDQHQD+ge9tOeooUD3amlEw=
Subject key identifier: 7A:E7:49:F6:3C:49:F1:C1:CC:38:1F:B9:93:50:5E:A8:69:42:A3:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22F88B9EB06DDD08A83BB53AFA51D29D0DE505CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:f8:8b:9e:b0:6d:dd:08:a8:3b:b5:3a:fa:51:d2:9d:0d:e5:05:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2822ce96b2136b2e5cda07c88c53921eee0c15b65cd2c8b857e74316f4f544df, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6b:e6:13:50:f7:5c:d5:ab:6a:0f:ee:8b:be:
52:ba:a9:22:29:7d:10:10:23:27:f1:20:7f:5f:55:
fd:18:22:8d:be:cb:e3:b4:77:65:cc:08:dd:89:1d:
9f:31:52:8a:ca:97:f2:a4:3a:d6:6d:31:ec:87:ea:
63:4e:5c:a5:49:0c:2b:1a:f4:b7:28:68:14:d9:27:
49:81:a5:cc:e1:60:e7:54:71:bf:a4:b7:25:61:89:
09:0d:06:e4:b0:e3:55:1b:c6:8f:a7:10:c9:c6:95:
17:10:10:f1:3f:d2:e7:2e:36:e7:6f:64:88:da:66:
1b:c8:5e:ec:1c:83:ae:8f:ef:5e:4a:82:f0:7d:51:
c6:21:47:42:37:e3:1a:22:f4:74:23:88:47:53:e5:
ae:0a:0c:92:94:ad:2e:e0:61:46:82:a7:31:f5:07:
79:36:0a:1c:ff:fb:d0:f2:69:dc:9e:8e:ad:be:18:
53:51:4f:c1:98:5e:fc:21:48:c0:07:51:b4:2b:4e:
62:bd:a3:e4:1e:2c:74:94:5b:e5:f3:da:07:7e:c1:
5c:79:14:03:4a:c1:03:9e:cf:53:0d:0d:7f:56:4c:
b7:f4:eb:a0:bf:49:8c:f8:15:a6:67:82:9f:4a:4a:
b1:38:db:0c:7f:9a:aa:3e:6c:2e:db:a0:f2:fe:b0:
65:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E7:49:F6:3C:49:F1:C1:CC:38:1F:B9:93:50:5E:A8:69:42:A3:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d6f6ca40-e3d8-439c-81a4-b2c7fd862c09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/36
Signature Algorithm: sha256WithRSAEncryption
88:ac:3d:3b:91:c5:6d:d8:6b:74:d7:52:fd:07:b8:b6:55:e1:
1d:91:fb:87:c5:57:46:75:76:e6:b3:35:29:20:4c:70:c7:8d:
17:df:8c:af:ab:14:45:7f:f6:4b:b4:51:3f:53:f7:a0:b7:b1:
c9:d8:d2:ae:cb:b2:07:db:70:1c:68:61:f7:31:13:fb:51:4c:
d6:fa:d4:98:ae:37:98:51:b9:78:4e:b1:90:24:b8:15:85:b0:
6b:85:af:6f:6a:22:a1:72:8a:9a:34:bf:e9:1d:89:e4:4f:7d:
6a:41:4d:b6:1a:a4:72:09:73:c1:1c:33:73:46:a2:81:44:9c:
3f:2d:d4:bb:f2:dc:9e:45:f8:b1:79:0a:a3:9a:7b:24:c3:b8:
7a:64:8e:15:de:31:db:b9:28:e4:c1:4c:e8:7a:0e:54:38:53:
3a:90:73:90:7a:72:92:6e:d2:cd:79:84:42:a7:f2:ee:4c:13:
df:5f:d8:56:4f:34:aa:d0:62:76:bd:ae:79:db:08:45:1a:ac:
3a:e3:2b:fc:82:f9:26:67:d6:b7:c6:e9:7f:05:2f:72:ec:38:
00:ec:b2:2f:3a:c1:6b:61:b9:01:6e:31:6b:ab:60:ec:30:ae:
e7:22:14:99:66:16:13:b9:cb:8e:fd:d5:f4:b6:92:e8:2f:4c:
63:12:43:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIviLnrBt3QioO7U6+lHSnQ3lBc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MjJjZTk2YjIxMzZiMmU1Y2RhMDdjODhjNTM5MjFlZWUwYzE1YjY1Y2Qy
YzhiODU3ZTc0MzE2ZjRmNTQ0ZGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNr5hNQ91zVq2oP7ou+UrqpIil9EBAjJ/Egf19V/Rgijb7L47R3ZcwI3Ykd
nzFSisqX8qQ61m0x7IfqY05cpUkMKxr0tyhoFNknSYGlzOFg51Rxv6S3JWGJCQ0G
5LDjVRvGj6cQycaVFxAQ8T/S5y42529kiNpmG8he7ByDro/vXkqC8H1RxiFHQjfj
GiL0dCOIR1PlrgoMkpStLuBhRoKnMfUHeTYKHP/70PJp3J6Orb4YU1FPwZhe/CFI
wAdRtCtOYr2j5B4sdJRb5fPaB37BXHkUA0rBA57PUw0Nf1ZMt/TroL9JjPgVpmeC
n0pKsTjbDH+aqj5sLtug8v6wZfcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR650n2
PEnxwcw4H7mTUF6oaUKjpjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDZmNmNhNDAtZTNkOC00MzljLTgxYTQtYjJjN2ZkODYyYzA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoBBXgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCIrD07kcVt2Gt011L9B7i2VeEdkfuHxVdGdXbm
szUpIExwx40X34yvqxRFf/ZLtFE/U/egt7HJ2NKuy7IH23AcaGH3MRP7UUzW+tSY
rjeYUbl4TrGQJLgVhbBrha9vaiKhcoqaNL/pHYnkT31qQU22GqRyCXPBHDNzRqKB
RJw/LdS78tyeRfixeQqjmnskw7h6ZI4V3jHbuSjkwUzoeg5UOFM6kHOQenKSbtLN
eYRCp/LuTBPfX9hWTzSq0GJ2va552whFGqw64yv8gvkmZ9a3xul/BS9y7DgA7LIv
OsFrYbkBbjFrq2DsMK7nIhSZZhYTucuO/dX0tpLoL0xjEkNa
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org