Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
File: e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa (raw, json)
Hash identifier: 1KEKBlukxTfjyucdDQw90K8YGFYmBdVkY4q4TtdVIog=
Subject key identifier: 9E:CD:72:06:9B:EF:F9:A6:6B:98:5F:3A:B3:97:AA:BC:10:32:29:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44B86D9F2B0FF4A1EA0606B81FD8586041A0C6A7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:b8:6d:9f:2b:0f:f4:a1:ea:06:06:b8:1f:d8:58:60:41:a0:c6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=f34a554f4c84c64f8cef4a3de312a158f413f5c7e303e0473c8b17d9f55fa8b0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a2:4d:ce:67:b0:a2:af:bf:0f:67:cf:97:3c:
23:4e:ec:05:9e:76:c3:06:a1:4d:b9:2b:5d:6b:60:
55:3e:f1:e5:fc:26:7d:1d:45:d1:5b:bf:bd:80:98:
bf:6e:e6:8e:9d:db:11:4c:2a:de:8d:b5:b8:d9:6f:
1a:a3:4a:b4:b4:07:df:ce:10:eb:1b:dd:33:bb:48:
a6:d7:2d:87:73:d6:f8:db:81:8e:a8:c2:e4:51:99:
b7:c1:df:ff:4a:93:09:19:e1:21:f8:9f:4d:75:fe:
60:5b:ae:34:e6:ce:79:45:68:b2:4c:2a:fd:d3:f4:
7a:65:58:fe:0d:bd:8b:b1:e0:5c:38:07:9a:57:71:
d0:5b:09:89:f0:32:fc:5a:dc:35:9d:9f:6b:63:fa:
b8:a6:33:6d:46:56:98:a1:f0:e8:1f:70:16:7f:1c:
fb:88:13:6c:4b:16:fe:a6:9a:5e:c6:06:57:5c:7d:
93:be:26:0b:ae:ae:21:f0:26:45:8c:36:ac:88:ae:
1d:bf:b9:c2:ae:47:a9:c4:5e:8e:b5:4d:1e:c3:fb:
5e:e2:37:0f:21:11:fb:e5:56:63:db:54:a4:63:54:
e5:6a:73:ca:18:53:66:c5:0e:1c:3b:30:8f:1f:c0:
05:08:28:9b:5c:67:4c:bd:50:88:79:36:d3:fa:c9:
ee:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CD:72:06:9B:EF:F9:A6:6B:98:5F:3A:B3:97:AA:BC:10:32:29:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
26:09:d6:ff:67:12:43:bf:36:da:e0:2c:ff:41:e3:e2:b3:f3:
2f:de:7f:1c:79:bb:89:a9:64:5a:51:af:6d:66:1a:ec:28:e1:
fb:d8:06:40:d2:6c:dd:98:12:a3:c3:ef:4e:f4:a1:3e:c0:ff:
53:62:d7:5c:96:b8:07:6d:9a:cd:ea:63:2f:f5:df:57:9e:4a:
ac:c7:9d:a7:62:d4:5d:0d:01:6f:79:53:57:92:f0:eb:17:68:
1a:04:b8:a9:9f:5d:87:29:49:d6:00:fe:f0:bf:69:ba:68:39:
af:8f:48:d0:f0:04:39:69:5a:58:40:09:cf:c3:3c:2c:30:d6:
22:21:58:b6:65:90:b5:5a:07:0e:f4:96:9a:c2:0d:4d:d9:e5:
19:0c:4c:20:c0:1e:c4:10:36:58:0f:c7:ef:ff:7c:9d:1e:65:
20:cd:af:4e:f0:c4:bb:68:74:59:6f:11:b2:2e:ff:19:1a:3e:
d4:aa:65:11:ac:c2:99:36:fe:f2:45:0a:c3:a7:82:08:e3:ec:
ee:de:d7:44:0a:71:39:b9:9f:6c:e3:bc:7c:7b:5c:d1:71:77:
7b:cb:30:55:56:b0:08:6d:01:20:e7:18:ff:74:3a:48:05:7c:
dd:b9:9d:57:81:d0:1b:07:8f:ec:44:20:62:03:29:6a:75:c9:
3a:f9:90:ab
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURLhtnysP9KHqBga4H9hYYEGgxqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzNGE1NTRmNGM4NGM2NGY4Y2VmNGEzZGUzMTJhMTU4ZjQxM2Y1YzdlMzAz
ZTA0NzNjOGIxN2Q5ZjU1ZmE4YjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuiTc5nsKKvvw9nz5c8I07sBZ52wwahTbkrXWtgVT7x5fwmfR1F0Vu/vYCY
v27mjp3bEUwq3o21uNlvGqNKtLQH384Q6xvdM7tIptcth3PW+NuBjqjC5FGZt8Hf
/0qTCRnhIfifTXX+YFuuNObOeUVoskwq/dP0emVY/g29i7HgXDgHmldx0FsJifAy
/FrcNZ2fa2P6uKYzbUZWmKHw6B9wFn8c+4gTbEsW/qaaXsYGV1x9k74mC66uIfAm
RYw2rIiuHb+5wq5HqcRejrVNHsP7XuI3DyER++VWY9tUpGNU5WpzyhhTZsUOHDsw
jx/ABQgom1xnTL1QiHk20/rJ7gUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSezXIG
m+/5pmuYXzqzl6q8EDIpkTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTE4YmE3NGQtZTQ2Yi00YmRjLWFkYTktZTlhOTA3MmUwNjI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQAmCdb/ZxJDvzba4Cz/QePis/Mv3n8cebuJqWRaUa9t
ZhrsKOH72AZA0mzdmBKjw+9O9KE+wP9TYtdclrgHbZrN6mMv9d9Xnkqsx52nYtRd
DQFveVNXkvDrF2gaBLipn12HKUnWAP7wv2m6aDmvj0jQ8AQ5aVpYQAnPwzwsMNYi
IVi2ZZC1WgcO9Jaawg1N2eUZDEwgwB7EEDZYD8fv/3ydHmUgza9O8MS7aHRZbxGy
Lv8ZGj7UqmURrMKZNv7yRQrDp4II4+zu3tdECnE5uZ9s47x8e1zRcXd7yzBVVrAI
bQEg5xj/dDpIBXzduZ1XgdAbB4/sRCBiAylqdck6+ZCr
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org