Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
File: e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa (raw, json)
Hash identifier: qgYmWGiHneMW43ZTCuoFt86P9R+BCLPGLuHE1buz5Fg=
Subject key identifier: 9D:FE:3D:C3:8B:4D:39:59:C5:FE:49:ED:90:CD:B8:07:90:8C:BD:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 674AC84E52D0C3F0928241925D392539C16DFDC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1040::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:4a:c8:4e:52:d0:c3:f0:92:82:41:92:5d:39:25:39:c1:6d:fd:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=8503f6b0308fe3bfa636c70baf906d3513a0a696efe51fc8e2e41e9cf074f41a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b5:0d:1e:7d:f3:3a:0e:54:74:2f:7c:51:b7:
36:35:05:6b:38:dd:72:74:03:d6:b6:48:65:7c:55:
0a:3b:8f:c2:04:98:2d:aa:19:b4:d1:bb:0f:a4:69:
f7:3d:2e:ed:ea:57:57:18:e9:54:16:14:87:5c:b5:
0d:87:04:cb:6d:48:3b:1e:a9:e2:b8:09:bf:3f:d8:
7a:f2:ed:92:a8:34:ae:de:52:30:24:db:40:22:f3:
ca:14:c2:09:f3:a9:55:4e:ed:d4:07:e5:88:84:d7:
87:33:86:42:12:b5:98:fc:a8:46:73:1b:04:67:63:
86:96:b5:3a:c4:fa:1c:f7:82:9f:22:e9:cb:ad:c8:
a6:ef:df:a9:12:ee:7b:8a:89:23:99:95:03:d4:a5:
e4:0e:1a:65:db:eb:62:ef:b2:e5:60:dc:71:06:3e:
fe:c3:c6:06:d1:24:8e:7b:52:dc:30:4f:f8:0e:4a:
fb:6b:1c:cb:43:b3:4a:20:40:bf:00:30:77:ba:41:
c2:40:2a:0c:85:5a:9b:2d:c6:ca:e9:19:29:b3:a9:
d6:44:ed:89:a5:45:71:88:ce:88:8d:8b:b9:7b:cd:
45:34:61:61:42:34:60:92:52:bd:fd:05:3d:50:f5:
88:89:b5:d0:02:0b:d1:bb:60:d4:bb:26:c1:98:30:
cc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FE:3D:C3:8B:4D:39:59:C5:FE:49:ED:90:CD:B8:07:90:8C:BD:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0df42cc-1c70-4e5b-93da-3f66cef93a84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1040::/42
Signature Algorithm: sha256WithRSAEncryption
64:0e:ad:68:37:00:28:00:80:08:17:5f:e9:b7:ea:56:3a:35:
e6:e8:af:f5:6a:eb:6a:a4:92:7c:b6:1b:02:1b:9f:17:fa:7d:
ce:7f:00:42:06:20:67:45:5b:d6:27:4b:94:3a:9b:ad:24:8e:
b9:a8:c3:ef:c3:3d:fd:67:6b:23:52:af:77:a6:b0:0e:ff:72:
c8:fe:1b:cf:8a:fe:ce:6c:ac:03:be:fc:f0:53:01:de:7f:98:
f3:60:d6:18:cd:db:f1:ea:d6:94:7b:eb:77:db:f4:59:bc:4f:
0a:8f:39:16:93:26:45:84:7d:af:11:12:26:8f:4d:dd:c2:aa:
ac:04:70:ac:ab:ca:11:14:73:37:67:4e:c2:64:ef:99:f1:b3:
bc:48:a3:ef:8a:9a:d4:7d:9a:25:3f:d9:85:4c:a1:ea:3d:4c:
a3:10:71:96:98:28:00:9e:c0:fc:20:6a:f3:6d:96:d4:29:90:
e7:65:ab:56:11:5f:43:ba:a5:76:c2:9f:5e:d1:a2:31:4f:53:
a2:5d:9c:3f:26:2e:9a:01:9e:fb:25:fb:88:89:9d:55:9b:51:
12:1f:a9:20:16:bd:65:e7:c1:f1:4b:6e:ea:00:a0:f4:9e:2a:
de:58:f5:31:d9:ed:60:69:5d:cb:c6:ca:bb:e7:4d:2e:7a:57:
f2:4c:69:9f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ0rITlLQw/CSgkGSXTklOcFt/cUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MDNmNmIwMzA4ZmUzYmZhNjM2YzcwYmFmOTA2ZDM1MTNhMGE2OTZlZmU1
MWZjOGUyZTQxZTljZjA3NGY0MWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANC1DR598zoOVHQvfFG3NjUFazjdcnQD1rZIZXxVCjuPwgSYLaoZtNG7D6Rp
9z0u7epXVxjpVBYUh1y1DYcEy21IOx6p4rgJvz/YevLtkqg0rt5SMCTbQCLzyhTC
CfOpVU7t1AfliITXhzOGQhK1mPyoRnMbBGdjhpa1OsT6HPeCnyLpy63Ipu/fqRLu
e4qJI5mVA9Sl5A4aZdvrYu+y5WDccQY+/sPGBtEkjntS3DBP+A5K+2scy0OzSiBA
vwAwd7pBwkAqDIVamy3GyukZKbOp1kTtiaVFcYjOiI2LuXvNRTRhYUI0YJJSvf0F
PVD1iIm10AIL0btg1LsmwZgwzMkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSd/j3D
i005WcX+Se2QzbgHkIy9nzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTBkZjQyY2MtMWM3MC00ZTViLTkzZGEtM2Y2NmNlZjkzYTg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBioBBXgQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAZA6taDcAKACACBdf6bfqVjo15uiv9WrraqSS
fLYbAhufF/p9zn8AQgYgZ0Vb1idLlDqbrSSOuajD78M9/WdrI1Kvd6awDv9yyP4b
z4r+zmysA7788FMB3n+Y82DWGM3b8erWlHvrd9v0WbxPCo85FpMmRYR9rxESJo9N
3cKqrARwrKvKERRzN2dOwmTvmfGzvEij74qa1H2aJT/ZhUyh6j1MoxBxlpgoAJ7A
/CBq822W1CmQ52WrVhFfQ7qldsKfXtGiMU9Tol2cPyYumgGe+yX7iImdVZtREh+p
IBa9ZefB8Utu6gCg9J4q3lj1MdntYGldy8bKu+dNLnpX8kxpnw==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org