Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
File: 24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa (raw, json)
Hash identifier: +U3gGcsZMKEMCMPdw52nMQg2Nwr8pEPc+bBA++qgk7E=
Subject key identifier: FF:D7:6B:51:B3:83:EE:EB:CA:2C:FC:F4:24:3E:57:21:D4:E8:CD:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 752C6966E63D769BFC4C4E93C962BFE5362CD80C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:2c:69:66:e6:3d:76:9b:fc:4c:4e:93:c9:62:bf:e5:36:2c:d8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=49dfad4a2bf8b0698d75281867009a2f8b2c72a731a012e52181aec8ae9ec346, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0a:00:50:43:1a:70:d7:6a:db:62:4b:4d:b7:
12:b3:ce:d7:0a:e4:13:09:d2:8e:31:c4:89:56:2d:
89:52:25:0a:28:9c:bc:c8:0b:cb:67:ce:3e:ee:27:
f8:7c:67:de:d9:f4:e6:20:e3:a7:99:77:43:a7:8f:
c6:d8:4e:0e:ed:24:f5:52:4f:6d:d4:49:c6:3e:39:
c3:13:09:b0:84:2b:25:9d:f1:13:f3:fd:9c:cd:a6:
8e:2a:3f:a9:a3:cd:ad:56:d7:70:83:f1:af:cc:6a:
8d:44:4e:56:22:a8:86:f7:64:df:8b:c8:9f:81:e0:
85:d7:2e:15:7b:83:4a:fc:7d:35:9a:1a:8d:b2:31:
39:6f:af:e5:e0:00:84:a2:ef:70:fc:61:5d:68:49:
32:73:4b:e0:a2:08:cd:bc:06:37:d4:8a:54:a6:fc:
bb:c5:bd:fb:a3:6d:11:85:4e:14:7e:36:ac:05:10:
f9:7f:ba:52:a7:db:43:69:68:2a:9a:b8:33:2f:f0:
fa:00:44:2d:c9:11:95:65:0a:9a:0a:a0:2c:4c:ca:
48:b6:38:42:f0:8f:74:ce:bc:d4:e4:84:c0:27:57:
01:65:28:c6:68:fe:c9:7d:2d:a8:b1:9e:33:02:27:
bc:bc:80:fb:99:c0:cd:61:6d:10:99:1a:98:55:7c:
2f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D7:6B:51:B3:83:EE:EB:CA:2C:FC:F4:24:3E:57:21:D4:E8:CD:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
d1:19:bc:79:bf:96:1a:db:9a:76:74:99:82:4d:ce:43:8f:24:
80:c4:a6:b3:ac:29:e2:ef:64:7f:36:de:a9:d2:4f:2f:49:e1:
77:77:50:b9:40:ac:de:67:5a:37:98:52:22:ad:2e:37:b3:8e:
87:3e:02:e0:77:23:06:bd:ec:5d:e8:e1:0d:5e:c3:3d:cf:c0:
2b:2a:ee:e8:8f:c5:78:ac:b2:e5:58:13:2e:54:4a:45:0b:39:
2f:02:7d:32:e7:ef:bd:e8:dd:d4:77:34:65:41:51:7d:b4:15:
68:3d:19:13:5d:22:ba:39:e1:67:e9:5a:5e:3e:e5:95:98:7e:
d8:c2:c1:87:1e:e1:58:ac:77:ba:1c:14:28:ec:03:aa:40:c9:
6a:4b:eb:6b:9c:1d:d5:35:6d:bb:d1:21:a5:ac:8c:2e:80:58:
37:db:24:69:0c:96:11:a0:5f:2b:16:d8:5c:34:da:1c:1d:35:
c7:54:0a:b6:52:3b:da:cb:04:52:51:b3:46:53:20:58:96:b3:
80:14:a9:fd:05:de:46:44:21:b9:95:89:bf:0e:6e:70:e2:27:
b3:1a:30:0c:f5:ff:5f:15:79:95:2b:ce:8d:5d:07:59:05:f7:
b3:76:3a:21:da:d3:df:ac:61:26:8f:be:74:48:31:0a:91:b5:
35:7e:d0:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdSxpZuY9dpv8TE6TyWK/5TYs2AwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZGZhZDRhMmJmOGIwNjk4ZDc1MjgxODY3MDA5YTJmOGIyYzcyYTczMWEw
MTJlNTIxODFhZWM4YWU5ZWMzNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIoKAFBDGnDXattiS023ErPO1wrkEwnSjjHEiVYtiVIlCiicvMgLy2fOPu4n
+Hxn3tn05iDjp5l3Q6ePxthODu0k9VJPbdRJxj45wxMJsIQrJZ3xE/P9nM2mjio/
qaPNrVbXcIPxr8xqjUROViKohvdk34vIn4HghdcuFXuDSvx9NZoajbIxOW+v5eAA
hKLvcPxhXWhJMnNL4KIIzbwGN9SKVKb8u8W9+6NtEYVOFH42rAUQ+X+6UqfbQ2lo
Kpq4My/w+gBELckRlWUKmgqgLEzKSLY4QvCPdM681OSEwCdXAWUoxmj+yX0tqLGe
MwInvLyA+5nAzWFtEJkamFV8L9kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/12tR
s4Pu68os/PQkPlch1OjN2DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjRjNjNiOTctNWI1ZS00NDlkLWI4NmItN2U5ZTUzYjE4MmJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQDRGbx5v5Ya25p2dJmCTc5DjySAxKazrCni72R/Nt6p
0k8vSeF3d1C5QKzeZ1o3mFIirS43s46HPgLgdyMGvexd6OENXsM9z8ArKu7oj8V4
rLLlWBMuVEpFCzkvAn0y5++96N3UdzRlQVF9tBVoPRkTXSK6OeFn6VpePuWVmH7Y
wsGHHuFYrHe6HBQo7AOqQMlqS+trnB3VNW270SGlrIwugFg32yRpDJYRoF8rFthc
NNocHTXHVAq2UjvaywRSUbNGUyBYlrOAFKn9Bd5GRCG5lYm/Dm5w4iezGjAM9f9f
FXmVK86NXQdZBfezdjoh2tPfrGEmj750SDEKkbU1ftAn
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org