Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
File: 132c7518-dddd-4506-8c53-640411d8120f.roa (raw, json)
Hash identifier: 4xyqAUuiJ/9vsA7TY2OCl7XvUNH6fI3vQgsm/pxNhQs=
Subject key identifier: 3C:A6:45:6A:60:1A:61:B4:54:F7:92:5D:9B:CA:C8:F4:D3:63:25:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C630AA7F8CC7A2FAC93094E9C8106A4ABACD999
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:63:0a:a7:f8:cc:7a:2f:ac:93:09:4e:9c:81:06:a4:ab:ac:d9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=dbc82f34da3156d19c246c4cb482e8e5f90b6bc7d53439e1b848911aeb4ef27d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8a:6d:eb:79:ac:6f:81:89:1a:8c:e9:b9:09:
62:77:1c:f3:b3:84:37:64:fd:53:cb:3a:af:0b:e8:
15:f5:90:0d:73:a8:f7:e0:c5:8e:3b:7b:07:7d:19:
04:11:dd:2b:f1:1f:bf:b7:0b:20:2f:3a:cb:76:7b:
9d:fb:6b:13:44:1d:dc:ea:95:bd:3a:87:a8:87:54:
d3:60:97:9a:45:27:a4:59:c3:58:36:7d:95:4b:89:
ef:ef:71:e5:bf:eb:ed:5e:96:bd:ac:13:ac:93:bc:
f9:8e:82:cd:0d:8e:b8:a6:ff:c3:b5:89:f1:f9:56:
73:a9:d2:b2:5c:2b:80:e4:2f:bf:e2:f9:a7:7f:c7:
e5:65:38:70:73:26:47:5d:98:49:4c:4d:57:3d:ec:
d7:0d:b1:a8:d2:b5:b2:b2:17:cb:fa:e0:17:92:2e:
bc:4a:42:99:3e:76:c0:c0:a5:8d:e7:18:3d:91:a1:
82:93:30:a3:60:a9:6f:2b:26:0e:6c:63:d6:b5:48:
a5:0b:22:7e:73:be:95:3c:2b:c6:4e:da:76:f8:91:
16:3c:bd:88:d2:37:3e:00:1c:72:d0:9c:69:36:ef:
7f:52:be:db:52:c3:28:f5:08:89:a9:62:46:bd:74:
53:81:d9:9d:a0:93:53:f5:64:35:f9:7e:6f:6e:67:
8b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A6:45:6A:60:1A:61:B4:54:F7:92:5D:9B:CA:C8:F4:D3:63:25:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d2:47:8f:46:64:8c:17:06:a7:46:58:fe:e5:7c:fa:79:15:6f:
ec:22:50:db:29:dd:9c:01:ab:16:f7:e8:f8:4b:c7:b6:de:78:
7b:f1:ea:85:3d:61:57:bc:67:85:4e:00:31:f7:23:7b:40:fa:
39:07:57:21:54:04:54:9a:9e:9f:e0:1e:e0:7c:70:0a:92:7d:
bf:a1:52:c1:ee:1c:f6:ec:b1:73:09:5c:96:6a:08:42:f0:a3:
ec:3a:d6:82:a3:f6:a4:1b:2e:c5:01:92:a2:2d:b6:98:0a:d3:
79:8f:df:52:e2:3a:52:2f:fa:6d:1b:e5:0e:59:49:e4:5f:6a:
db:61:f7:af:7b:cd:f7:08:a6:1e:7f:60:82:81:7d:39:14:1e:
e9:3f:f8:45:73:3f:8d:ea:b3:4b:27:d9:8b:00:83:d8:ed:e3:
dd:c4:14:b3:dc:35:da:f6:1d:27:1d:9d:07:38:5b:e1:4e:71:
a6:3f:24:67:24:bb:25:a3:f2:2b:54:7b:c7:3a:28:2e:ac:6c:
b2:f7:df:90:a0:01:5a:aa:17:e6:2e:cc:11:46:4d:03:93:44:
fb:7d:74:2d:11:69:28:d8:4c:52:4e:02:83:16:3f:80:bb:99:
fc:9f:9b:9e:20:72:a8:a5:ac:2d:f5:40:2b:a6:51:43:c9:7e:
1c:7d:0a:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPGMKp/jMei+skwlOnIEGpKus2ZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYzgyZjM0ZGEzMTU2ZDE5YzI0NmM0Y2I0ODJlOGU1ZjkwYjZiYzdkNTM0
MzllMWI4NDg5MTFhZWI0ZWYyN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeKbet5rG+BiRqM6bkJYncc87OEN2T9U8s6rwvoFfWQDXOo9+DFjjt7B30Z
BBHdK/Efv7cLIC86y3Z7nftrE0Qd3OqVvTqHqIdU02CXmkUnpFnDWDZ9lUuJ7+9x
5b/r7V6WvawTrJO8+Y6CzQ2OuKb/w7WJ8flWc6nSslwrgOQvv+L5p3/H5WU4cHMm
R12YSUxNVz3s1w2xqNK1srIXy/rgF5IuvEpCmT52wMCljecYPZGhgpMwo2Cpbysm
Dmxj1rVIpQsifnO+lTwrxk7adviRFjy9iNI3PgAcctCcaTbvf1K+21LDKPUIiali
Rr10U4HZnaCTU/VkNfl+b25nizECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8pkVq
YBphtFT3kl2bysj002MlwTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTMyYzc1MTgtZGRkZC00NTA2LThjNTMtNjQwNDExZDgxMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQDSR49GZIwXBqdGWP7lfPp5FW/sIlDbKd2cAasW9+j4
S8e23nh78eqFPWFXvGeFTgAx9yN7QPo5B1chVARUmp6f4B7gfHAKkn2/oVLB7hz2
7LFzCVyWaghC8KPsOtaCo/akGy7FAZKiLbaYCtN5j99S4jpSL/ptG+UOWUnkX2rb
Yfeve833CKYef2CCgX05FB7pP/hFcz+N6rNLJ9mLAIPY7ePdxBSz3DXa9h0nHZ0H
OFvhTnGmPyRnJLslo/IrVHvHOigurGyy99+QoAFaqhfmLswRRk0Dk0T7fXQtEWko
2ExSTgKDFj+Au5n8n5ueIHKopawt9UArplFDyX4cfQob
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org