Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
File: 1988904e-7fdf-4bdf-b594-825eb95caf68.roa (raw, json)
Hash identifier: BaM+8gsfReG5Fe6GLlnarOzAedpHX76DyKI01+q420Y=
Subject key identifier: 21:61:1F:7E:60:0E:1A:94:B7:A4:EB:28:AB:E5:0B:38:C6:89:A4:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 039CEB7296AA3F43E3EE781A9B02B1CE6AF47C1A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9c:eb:72:96:aa:3f:43:e3:ee:78:1a:9b:02:b1:ce:6a:f4:7c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=9550520a8356008a777a69d91b478da9afc0cd489696108a87e129d45ae14231, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c0:01:42:24:b6:77:49:9b:fe:fb:cd:f7:b2:
15:98:9d:61:48:7d:26:f8:44:e9:70:2d:de:28:84:
64:13:ff:65:d9:9e:ff:10:91:82:9b:0b:61:e5:e6:
df:05:14:e3:e0:dc:df:5e:48:59:cc:08:e5:8a:dc:
30:37:27:ff:29:b5:d3:fd:6e:44:0d:cd:24:ef:15:
ac:08:0f:5d:be:ff:6a:7c:1f:db:46:39:5f:48:4c:
b4:20:8c:21:8d:1c:40:da:55:08:4f:47:ec:d2:93:
e7:84:fa:10:4f:26:d5:11:7c:d7:cc:fc:2c:26:59:
36:de:26:40:65:7f:ac:4d:c4:24:94:27:fb:61:5c:
e7:3a:89:62:e2:5e:f8:a8:c7:ba:37:c5:4e:74:62:
32:47:52:83:fc:fc:e1:71:d0:2f:e9:24:a6:91:aa:
fa:3f:37:ad:93:da:33:48:63:ce:55:49:b1:95:7e:
86:36:66:a6:f1:cf:4d:b6:a7:b0:0b:7f:0c:01:59:
4d:68:e3:8d:19:fd:cb:8b:98:0c:02:77:94:dc:08:
18:6f:ef:fe:04:da:d2:10:59:cf:15:98:b5:67:8b:
62:6d:2d:f9:dd:bb:f0:4d:f9:71:33:7b:1e:3d:85:
b3:58:ab:25:ec:96:27:a8:ff:f6:96:a9:a0:76:77:
bc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:61:1F:7E:60:0E:1A:94:B7:A4:EB:28:AB:E5:0B:38:C6:89:A4:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9c:18:35:53:a4:bd:19:fc:cc:d5:1b:3b:ba:f3:e5:bb:3d:ce:
d5:e0:2f:80:8f:d4:b8:80:07:f0:4b:b0:de:19:87:24:e7:21:
b3:d4:05:74:86:d8:df:a8:7b:95:c8:5b:a5:73:b0:3a:bf:95:
7c:68:be:4a:48:14:ee:92:71:5e:74:54:df:57:03:dc:4f:31:
9d:52:f0:53:09:39:01:74:cb:59:72:f4:fa:8c:7f:f1:4d:6b:
70:8e:d8:ac:84:ab:27:8f:b7:4b:5a:18:15:af:b8:3b:2a:53:
b0:e0:fc:b8:2b:ca:91:e5:7d:16:35:26:fa:d3:87:4e:98:0d:
aa:36:71:a9:7e:b7:f4:13:be:e8:33:62:b1:d2:e3:b9:66:69:
25:91:ef:23:1b:68:77:ac:9a:05:20:5f:cb:97:cb:b8:71:d0:
28:bf:9f:60:72:e0:b4:13:bf:51:4f:ff:42:84:e1:c0:47:89:
a6:f2:70:53:0f:8a:26:ad:b4:5a:a4:97:4b:d1:dd:99:87:f3:
f5:00:d3:c0:61:b1:10:04:75:5b:bf:b0:00:04:1e:dd:d2:76:
49:d1:8a:b4:79:26:08:e1:bd:a4:11:f5:d4:d8:19:2a:b1:63:
07:3f:d2:7b:2c:28:47:9f:07:88:71:07:29:fd:65:f2:28:64:
4a:bb:c7:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA5zrcpaqP0Pj7ngamwKxzmr0fBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NTA1MjBhODM1NjAwOGE3NzdhNjlkOTFiNDc4ZGE5YWZjMGNkNDg5Njk2
MTA4YTg3ZTEyOWQ0NWFlMTQyMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTAAUIktndJm/77zfeyFZidYUh9JvhE6XAt3iiEZBP/Zdme/xCRgpsLYeXm
3wUU4+Dc315IWcwI5YrcMDcn/ym10/1uRA3NJO8VrAgPXb7/anwf20Y5X0hMtCCM
IY0cQNpVCE9H7NKT54T6EE8m1RF818z8LCZZNt4mQGV/rE3EJJQn+2Fc5zqJYuJe
+KjHujfFTnRiMkdSg/z84XHQL+kkppGq+j83rZPaM0hjzlVJsZV+hjZmpvHPTban
sAt/DAFZTWjjjRn9y4uYDAJ3lNwIGG/v/gTa0hBZzxWYtWeLYm0t+d278E35cTN7
Hj2Fs1irJeyWJ6j/9papoHZ3vB8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQhYR9+
YA4alLek6yir5Qs4xomkXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTk4ODkwNGUtN2ZkZi00YmRmLWI1OTQtODI1ZWI5NWNhZjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQCcGDVTpL0Z/MzVGzu68+W7Pc7V4C+Aj9S4gAfwS7De
GYck5yGz1AV0htjfqHuVyFulc7A6v5V8aL5KSBTuknFedFTfVwPcTzGdUvBTCTkB
dMtZcvT6jH/xTWtwjtishKsnj7dLWhgVr7g7KlOw4Py4K8qR5X0WNSb604dOmA2q
NnGpfrf0E77oM2Kx0uO5Zmklke8jG2h3rJoFIF/Ll8u4cdAov59gcuC0E79RT/9C
hOHAR4mm8nBTD4omrbRapJdL0d2Zh/P1ANPAYbEQBHVbv7AABB7d0nZJ0Yq0eSYI
4b2kEfXU2BkqsWMHP9J7LChHnweIcQcp/WXyKGRKu8fK
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org