Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: qFGJYpxw81OTvboTpOEY5gUM1wHnfC/w25ZWjn7vGlk=
Subject key identifier: D5:BB:D1:90:F4:62:77:60:D1:32:2A:E8:02:AE:A0:02:14:1B:90:70
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4ADD760D4C41F9C0B3A18A6A99C69A0183629212
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:dd:76:0d:4c:41:f9:c0:b3:a1:8a:6a:99:c6:9a:01:83:62:92:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=5b2b6eb0ddc4ec505d9476066a687b0075e7ffd3a65939e045bf1b0e4998e751, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:06:75:5e:1a:b4:a5:16:18:41:6f:ba:da:
d5:3c:6c:30:f8:c9:96:7c:13:60:47:1c:12:5c:c7:
ff:68:c0:4c:55:68:e2:d2:35:ca:33:d0:ac:d3:8c:
b7:e0:d8:00:2c:93:1c:2d:82:39:26:ac:e3:dc:a3:
de:4e:52:25:df:93:46:e9:9f:d5:41:fa:8b:e5:1f:
01:9c:4b:d5:f2:87:de:c6:0e:e2:27:64:34:09:c9:
16:6e:b3:14:c9:f6:8c:16:ce:fa:12:1b:7f:ac:f5:
be:8a:30:c8:97:17:49:33:b7:a5:8a:02:8e:42:37:
36:99:b5:32:49:9f:de:50:b7:28:86:67:42:9a:02:
70:40:f9:73:95:97:a7:d4:90:aa:4a:1e:e9:fb:94:
fb:e4:41:e4:2c:fe:12:fa:84:ee:04:ea:7e:2d:f4:
2d:a5:29:00:fd:61:72:68:bd:26:ec:8a:68:91:ac:
28:5d:14:43:8f:94:1b:02:ad:42:75:7f:83:9d:62:
f5:fc:de:4d:dd:e7:5b:69:32:0a:6a:92:40:8c:a6:
86:5c:e6:1a:6b:a2:73:74:ea:00:ed:bb:65:0b:fe:
ec:cb:a5:a6:69:a0:71:dd:ce:c3:2d:ce:f4:4d:eb:
48:bd:12:21:60:26:19:35:71:cd:60:40:34:11:65:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BB:D1:90:F4:62:77:60:D1:32:2A:E8:02:AE:A0:02:14:1B:90:70
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:79:56:00:ae:9d:50:80:bf:68:12:0e:e9:36:28:d8:64:b8:
ea:26:ea:16:0e:0e:f5:51:cd:e5:03:44:c9:4b:f4:cc:15:60:
6c:4a:e6:2b:a0:6e:5f:ae:c3:25:56:d4:80:2d:6e:41:23:f4:
4a:21:6e:28:a5:d7:1e:78:9b:28:42:d6:85:6b:4e:50:96:0c:
e1:30:54:02:43:ab:4b:d9:b0:bc:3b:6b:57:f7:a5:26:cf:c2:
f0:04:1a:bd:b2:b2:b5:dc:9a:9f:5a:fd:03:be:92:b8:59:ba:
83:4d:b9:5f:ad:84:93:f4:23:36:36:50:e0:81:24:28:ce:fd:
53:e2:ba:71:d2:20:4a:19:96:e7:a4:84:64:bf:e5:c5:c1:89:
2f:0f:26:16:9d:1e:ae:cb:e6:c4:da:63:c5:37:4f:9c:5e:3f:
17:a4:c2:ab:99:7c:6f:69:cd:84:f9:c6:df:60:d8:45:ed:78:
8f:03:42:c4:c2:4b:5f:c6:1c:98:62:28:c3:ff:ea:39:32:30:
52:20:12:6c:e0:5b:eb:b8:7b:36:09:d8:69:c4:e6:5e:b4:b0:
a9:b6:b1:d7:53:7d:b5:f4:13:7a:94:4d:a7:d2:d8:5b:d5:3b:
a9:49:05:80:00:dc:21:69:e8:28:f5:75:f4:7c:ab:56:db:66:
7a:7f:7c:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSt12DUxB+cCzoYpqmcaaAYNikhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMmI2ZWIwZGRjNGVjNTA1ZDk0NzYwNjZhNjg3YjAwNzVlN2ZmZDNhNjU5
MzllMDQ1YmYxYjBlNDk5OGU3NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcrBnVeGrSlFhhBb7ra1TxsMPjJlnwTYEccElzH/2jATFVo4tI1yjPQrNOM
t+DYACyTHC2COSas49yj3k5SJd+TRumf1UH6i+UfAZxL1fKH3sYO4idkNAnJFm6z
FMn2jBbO+hIbf6z1voowyJcXSTO3pYoCjkI3Npm1Mkmf3lC3KIZnQpoCcED5c5WX
p9SQqkoe6fuU++RB5Cz+EvqE7gTqfi30LaUpAP1hcmi9JuyKaJGsKF0UQ4+UGwKt
QnV/g51i9fzeTd3nW2kyCmqSQIymhlzmGmuic3TqAO27ZQv+7Mulpmmgcd3Owy3O
9E3rSL0SIWAmGTVxzWBANBFlNb0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTVu9GQ
9GJ3YNEyKugCrqACFBuQcDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQBdeVYArp1QgL9oEg7pNijYZLjqJuoWDg71Uc3lA0TJ
S/TMFWBsSuYroG5frsMlVtSALW5BI/RKIW4opdceeJsoQtaFa05QlgzhMFQCQ6tL
2bC8O2tX96Umz8LwBBq9srK13JqfWv0DvpK4WbqDTblfrYST9CM2NlDggSQozv1T
4rpx0iBKGZbnpIRkv+XFwYkvDyYWnR6uy+bE2mPFN0+cXj8XpMKrmXxvac2E+cbf
YNhF7XiPA0LEwktfxhyYYijD/+o5MjBSIBJs4FvruHs2CdhpxOZetLCptrHXU321
9BN6lE2n0thb1TupSQWAANwhaego9XX0fKtW22Z6f3xd
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org