Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
File: 1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa (raw, json)
Hash identifier: YCzsfYJ8jN0it+PeAnYBV3OSkAiwfORPSk0Q0C3RwKU=
Subject key identifier: 08:31:4D:F5:79:35:1A:DF:A8:6A:06:53:F8:91:1F:57:0A:E0:19:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B563861D116E6781F0A3E159B3F80C8671343C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:56:38:61:d1:16:e6:78:1f:0a:3e:15:9b:3f:80:c8:67:13:43:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=913c808ee0afc476dabadd0132a34deb5f263d7000e92f762f67f0927cc57893, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e7:98:16:71:a5:45:01:53:21:df:57:2b:cf:
2f:2a:57:ba:f2:df:23:a2:4b:ab:63:34:44:f5:1c:
a9:c4:c1:6d:6a:f8:c6:27:a0:d0:33:c9:cd:aa:17:
5f:52:8a:b8:7f:c3:af:67:ba:80:40:a4:1a:b5:bf:
5d:94:a3:78:c7:29:fd:df:20:23:46:60:87:40:6b:
a1:94:3d:81:4d:ca:34:18:3e:ae:b0:3a:97:c7:d7:
38:ee:20:56:40:be:e5:ab:14:d3:49:b6:2c:df:5a:
f1:9e:40:ba:7c:f0:b2:8f:fa:a0:d3:1c:b3:f4:34:
8a:4e:4f:74:35:50:2e:6f:8a:0e:02:26:dd:c2:95:
49:c4:22:30:2d:9f:d7:76:82:5a:d0:4c:4a:0c:3f:
96:37:83:25:56:c3:d8:70:54:ee:46:2e:cd:1d:85:
dc:3f:ac:bd:88:0f:a3:75:56:6a:93:45:d5:26:93:
ab:77:3a:a7:ee:a9:16:66:79:d4:a4:57:2e:83:8d:
90:30:1c:28:1f:40:8c:d0:68:a0:35:f1:a0:7b:13:
a4:81:6b:0f:07:2b:88:29:b8:f2:23:c9:d3:56:40:
3b:93:22:5b:a8:ff:fa:8b:7a:6e:90:9d:29:d1:97:
1b:36:59:ee:dc:31:12:29:ea:4c:3d:24:a3:69:05:
bc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:31:4D:F5:79:35:1A:DF:A8:6A:06:53:F8:91:1F:57:0A:E0:19:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:24:fc:d8:f2:48:fe:df:c1:bd:2f:f8:80:0f:f4:0c:83:ab:
e0:9a:69:2c:ac:41:59:c2:eb:e1:8c:8c:a2:5c:20:61:df:c0:
8f:4e:1e:25:62:0e:b1:a1:15:26:3e:35:34:66:1d:ef:da:be:
89:1c:d7:74:a6:b5:8a:8c:78:7a:f2:d8:65:00:ca:d5:f2:77:
25:f5:b8:d9:98:8f:75:25:ca:a4:6b:4b:0e:06:2e:2a:9e:96:
6d:ae:95:1d:51:ac:42:0c:65:0a:41:41:1e:f4:7c:36:85:f5:
8e:c6:8f:a4:73:d1:7f:d8:7e:94:4b:72:5e:1a:23:6e:8a:bf:
5d:75:bf:32:a0:7b:5d:93:75:d6:77:4a:7c:52:03:09:92:d5:
6e:76:8c:76:31:2f:59:ab:82:25:f0:d5:42:7b:14:21:95:a6:
85:37:81:0e:b7:1e:a6:6b:b9:39:e0:b6:56:e6:3f:e9:f0:cf:
56:74:8c:67:e9:2c:f9:32:76:89:b9:2e:c2:bb:95:f9:12:dd:
67:de:f6:08:65:d1:20:39:fd:fe:8e:03:3d:fd:a5:51:d0:5b:
53:cd:9e:8d:e5:bb:65:e2:7c:9f:89:50:1d:f4:cc:2b:43:cb:
b4:4b:7d:b8:c3:5f:d1:ef:fd:25:b1:8c:cd:72:0e:bd:75:04:
f9:a6:fd:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe1Y4YdEW5ngfCj4Vmz+AyGcTQ8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxM2M4MDhlZTBhZmM0NzZkYWJhZGQwMTMyYTM0ZGViNWYyNjNkNzAwMGU5
MmY3NjJmNjdmMDkyN2NjNTc4OTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALznmBZxpUUBUyHfVyvPLypXuvLfI6JLq2M0RPUcqcTBbWr4xieg0DPJzaoX
X1KKuH/Dr2e6gECkGrW/XZSjeMcp/d8gI0Zgh0BroZQ9gU3KNBg+rrA6l8fXOO4g
VkC+5asU00m2LN9a8Z5Aunzwso/6oNMcs/Q0ik5PdDVQLm+KDgIm3cKVScQiMC2f
13aCWtBMSgw/ljeDJVbD2HBU7kYuzR2F3D+svYgPo3VWapNF1SaTq3c6p+6pFmZ5
1KRXLoONkDAcKB9AjNBooDXxoHsTpIFrDwcriCm48iPJ01ZAO5MiW6j/+ot6bpCd
KdGXGzZZ7twxEinqTD0ko2kFvJ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIMU31
eTUa36hqBlP4kR9XCuAZTDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTAzNGExMGYtMjlhZC00M2Q1LTlkNjItYWJmYTM5M2NiMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2JPzY8kj+38G9L/iAD/QMg6vgmmksrEFZwuvhjIyi
XCBh38CPTh4lYg6xoRUmPjU0Zh3v2r6JHNd0prWKjHh68thlAMrV8ncl9bjZmI91
Jcqka0sOBi4qnpZtrpUdUaxCDGUKQUEe9Hw2hfWOxo+kc9F/2H6US3JeGiNuir9d
db8yoHtdk3XWd0p8UgMJktVudox2MS9Zq4Il8NVCexQhlaaFN4EOtx6ma7k54LZW
5j/p8M9WdIxn6Sz5MnaJuS7Cu5X5Et1n3vYIZdEgOf3+jgM9/aVR0FtTzZ6N5btl
4nyfiVAd9MwrQ8u0S324w1/R7/0lsYzNcg69dQT5pv1Z
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org