Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
File: 1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa (raw, json)
Hash identifier: b0HpBm39S931A3tYvp5SKF22poWjHR096YZen2hUg98=
Subject key identifier: 6C:15:D7:39:C4:74:09:35:8F:45:D7:EC:4C:F9:85:9E:B6:64:B6:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2BB238C36185A5ECD7F62BCA036417243B06631E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:b2:38:c3:61:85:a5:ec:d7:f6:2b:ca:03:64:17:24:3b:06:63:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=74ce41ac261df60696214970bf26ce63275fc2e50f0c8dddbdbb96cd94dd085a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a4:33:b9:a2:ed:10:28:3e:be:cb:4f:be:56:
1a:97:cb:18:75:79:eb:58:0c:3c:d9:19:0a:ce:55:
69:ac:e4:9a:ed:9f:70:21:f4:70:72:df:ac:44:1d:
c4:5c:56:ac:76:04:0f:54:de:45:33:ec:cd:11:73:
09:b4:2b:44:0f:63:3f:b5:5f:b0:30:c6:8a:72:a0:
90:47:e0:21:f0:c6:9c:7e:f5:25:00:43:15:b7:51:
23:7d:50:25:47:b1:b7:aa:1f:b5:64:c8:fb:77:24:
2b:f1:e7:40:d2:d1:3f:53:10:c5:9d:4a:dd:cf:f5:
01:bc:e3:37:77:8d:da:73:0a:b9:64:4c:8c:cb:88:
e2:b8:19:09:50:56:b1:9c:29:e9:03:3a:5c:9e:a6:
ab:7d:2b:73:7b:7b:5b:cb:92:16:d8:e7:11:8a:e7:
68:be:a7:1d:31:04:68:1a:15:c6:44:dd:b0:f8:68:
65:da:59:eb:48:21:fe:e9:c7:1f:fd:e0:f4:1b:39:
9c:40:ed:a9:15:0c:ce:ef:d3:e5:72:d1:92:09:4e:
3e:96:c7:b1:a8:e4:33:4b:4f:da:92:48:eb:9b:e7:
e8:be:86:e2:50:7c:40:21:86:36:31:e4:a0:a1:37:
b1:ef:c6:3f:a0:3d:88:95:03:6d:2e:87:95:a7:47:
28:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:15:D7:39:C4:74:09:35:8F:45:D7:EC:4C:F9:85:9E:B6:64:B6:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:1c:4f:57:61:9f:46:ce:bd:14:ce:ca:ab:db:c2:53:be:4e:
71:a8:d1:52:5a:e1:a7:b9:46:17:cd:ec:bf:55:28:30:81:22:
8d:44:45:5f:ea:54:38:04:4b:30:b5:00:20:11:dd:51:ae:28:
a5:f7:30:4d:1d:f8:88:7b:40:ee:27:b4:5b:af:13:8a:e8:7a:
bc:10:c1:e8:b5:29:43:05:79:2d:ca:cb:b3:dd:97:d3:b0:16:
d4:e2:6f:5b:00:84:f2:fa:74:2f:1e:da:ed:44:b1:20:c0:06:
0d:f7:fa:bf:23:a4:2d:6a:ba:88:6a:dc:7c:36:22:ac:52:4e:
72:2d:0e:cc:8b:02:f4:a7:c8:fc:d0:04:a3:5b:2a:94:9c:5f:
65:81:2a:fe:69:20:e3:28:ae:2c:2c:1d:d9:a9:9a:93:03:7a:
ae:60:16:57:14:64:93:1d:89:0a:76:45:28:66:e5:a2:4e:00:
21:02:61:71:4b:1f:62:7f:04:ba:67:cd:4b:cd:af:36:1a:f5:
d6:01:86:9c:d3:38:69:00:5f:92:ac:15:19:c3:a1:c3:bd:fc:
74:1d:07:1e:82:15:e3:19:37:5c:b6:c5:cd:e1:54:e1:9f:8b:
e1:16:5c:ec:35:8b:a5:6d:b0:88:7d:c7:80:88:67:49:2e:9f:
bc:2b:e6:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK7I4w2GFpezX9ivKA2QXJDsGYx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Y2U0MWFjMjYxZGY2MDY5NjIxNDk3MGJmMjZjZTYzMjc1ZmMyZTUwZjBj
OGRkZGJkYmI5NmNkOTRkZDA4NWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKikM7mi7RAoPr7LT75WGpfLGHV561gMPNkZCs5Vaazkmu2fcCH0cHLfrEQd
xFxWrHYED1TeRTPszRFzCbQrRA9jP7VfsDDGinKgkEfgIfDGnH71JQBDFbdRI31Q
JUext6oftWTI+3ckK/HnQNLRP1MQxZ1K3c/1AbzjN3eN2nMKuWRMjMuI4rgZCVBW
sZwp6QM6XJ6mq30rc3t7W8uSFtjnEYrnaL6nHTEEaBoVxkTdsPhoZdpZ60gh/unH
H/3g9Bs5nEDtqRUMzu/T5XLRkglOPpbHsajkM0tP2pJI65vn6L6G4lB8QCGGNjHk
oKE3se/GP6A9iJUDbS6HladHKBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsFdc5
xHQJNY9F1+xM+YWetmS2/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWIzOWU5YTctNGYzZC00Y2ZjLTk3NWYtZDllYWNlZWQwZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQDLHE9XYZ9Gzr0Uzsqr28JTvk5xqNFSWuGnuUYXzey/
VSgwgSKNREVf6lQ4BEswtQAgEd1Rriil9zBNHfiIe0DuJ7RbrxOK6Hq8EMHotSlD
BXktysuz3ZfTsBbU4m9bAITy+nQvHtrtRLEgwAYN9/q/I6QtarqIatx8NiKsUk5y
LQ7MiwL0p8j80ASjWyqUnF9lgSr+aSDjKK4sLB3ZqZqTA3quYBZXFGSTHYkKdkUo
ZuWiTgAhAmFxSx9ifwS6Z81Lza82GvXWAYac0zhpAF+SrBUZw6HDvfx0HQceghXj
GTdctsXN4VThn4vhFlzsNYulbbCIfceAiGdJLp+8K+ZP
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org