Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
File: 2d0b0f83-8102-46aa-aad9-aae539204639.roa (raw, json)
Hash identifier: 3iQFxQKsSemVNlPCaaKJo2QeFGCxDIuQBI5xPWlG+As=
Subject key identifier: FA:85:21:95:45:5A:C3:F9:4D:03:54:7E:6E:3E:9F:BD:CE:55:61:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64DD7DFDFAEAFB2FB3FBB8551E01AB923607FDC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:dd:7d:fd:fa:ea:fb:2f:b3:fb:b8:55:1e:01:ab:92:36:07:fd:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b9c4a958db765bf39dd0615c39289c2f3a2b05c0b18be94c33bc09f267004910, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:02:b2:30:6d:7e:1f:f2:bc:d8:31:c5:08:
fd:db:6c:f0:98:8a:81:ab:00:0f:37:24:1f:65:d7:
86:d2:e4:b9:e5:27:25:f9:3e:3e:dd:6f:00:ab:a2:
11:a2:96:bc:1d:a7:c0:e4:71:c2:bd:d5:cb:46:3a:
69:1d:3b:37:91:55:a0:b6:aa:19:22:6f:32:d2:79:
f9:16:db:3d:d5:53:81:3a:b1:0d:4c:08:e4:d8:ff:
3a:b8:8c:ac:61:a3:5d:c3:18:72:eb:0f:ef:e5:20:
e3:1c:1c:3f:19:bd:ef:ff:11:c1:a8:52:ff:d3:43:
ce:49:aa:1b:1a:4f:b3:68:93:95:48:9a:ce:94:f1:
b9:3c:77:23:b6:8a:75:82:85:86:d7:c3:88:96:c3:
22:b6:d3:89:f6:1b:3c:72:64:da:29:32:5b:31:c2:
18:40:69:be:36:78:37:44:58:a9:af:4f:50:b2:58:
32:c5:7c:53:aa:c3:94:95:61:9e:3d:74:f2:98:7c:
2a:b8:0e:a6:8d:88:3e:8d:31:d3:5d:86:88:f4:99:
e0:97:79:1d:55:5d:41:1b:6e:3b:aa:41:6e:3e:73:
59:cc:ef:14:44:a2:cd:ac:b6:30:da:5d:4c:e9:62:
f3:89:2d:98:bc:5b:78:66:5c:74:1e:7a:04:2f:4f:
2d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:85:21:95:45:5A:C3:F9:4D:03:54:7E:6E:3E:9F:BD:CE:55:61:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
3a:cd:de:30:68:16:4a:fb:ff:48:12:69:04:ad:d6:a5:d4:2b:
3f:cf:c0:78:b0:e6:34:cf:38:b1:02:6f:42:bb:5e:98:b7:ec:
e9:e5:f3:dd:de:b3:1c:8b:b1:1b:cf:82:43:91:d4:46:6c:36:
b4:da:d1:0d:eb:7c:ba:c7:3b:8f:db:c5:f5:c0:26:84:1f:7e:
b2:ef:26:a4:ee:3b:97:55:3c:bb:ab:f2:9f:c9:ad:c1:94:f6:
ff:cd:56:05:46:cc:e9:ad:36:10:8f:c8:85:a4:dd:02:6c:68:
f0:b6:b2:ed:c8:28:b3:de:8f:42:37:85:6c:66:a1:0a:1f:b9:
c7:0a:ac:1a:d9:78:52:bd:4d:1d:45:6d:03:43:93:91:56:54:
1d:a0:55:40:e9:e2:fa:87:b7:3d:7c:ae:20:5e:71:c9:0a:bf:
28:7e:cc:c3:40:88:db:1c:fc:38:57:07:ba:fc:63:aa:26:67:
8e:88:69:38:36:42:48:41:b3:3e:4e:65:4c:1b:73:d0:35:70:
33:13:9c:1b:01:f0:f5:fe:5b:2f:2a:7e:fe:7e:21:50:9a:31:
dc:6e:97:8b:4c:44:6a:bb:b3:3f:87:e9:1f:33:bd:46:d5:5e:
fb:15:5a:6e:a1:21:f5:0f:a6:54:27:a4:47:f2:cd:23:95:3c:
f2:6f:af:e9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZN19/frq+y+z+7hVHgGrkjYH/cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5YzRhOTU4ZGI3NjViZjM5ZGQwNjE1YzM5Mjg5YzJmM2EyYjA1YzBiMThi
ZTk0YzMzYmMwOWYyNjcwMDQ5MTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMvArIwbX4f8rzYMcUI/dts8JiKgasADzckH2XXhtLkueUnJfk+Pt1vAKui
EaKWvB2nwORxwr3Vy0Y6aR07N5FVoLaqGSJvMtJ5+RbbPdVTgTqxDUwI5Nj/OriM
rGGjXcMYcusP7+Ug4xwcPxm97/8RwahS/9NDzkmqGxpPs2iTlUiazpTxuTx3I7aK
dYKFhtfDiJbDIrbTifYbPHJk2ikyWzHCGEBpvjZ4N0RYqa9PULJYMsV8U6rDlJVh
nj108ph8KrgOpo2IPo0x012GiPSZ4Jd5HVVdQRtuO6pBbj5zWczvFESizay2MNpd
TOli84ktmLxbeGZcdB56BC9PLUECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6hSGV
RVrD+U0DVH5uPp+9zlVhijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQwYjBmODMtODEwMi00NmFhLWFhZDktYWFlNTM5MjA0NjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQA6zd4waBZK+/9IEmkErdal1Cs/z8B4sOY0zzixAm9C
u16Yt+zp5fPd3rMci7Ebz4JDkdRGbDa02tEN63y6xzuP28X1wCaEH36y7yak7juX
VTy7q/Kfya3BlPb/zVYFRszprTYQj8iFpN0CbGjwtrLtyCiz3o9CN4VsZqEKH7nH
Cqwa2XhSvU0dRW0DQ5ORVlQdoFVA6eL6h7c9fK4gXnHJCr8ofszDQIjbHPw4Vwe6
/GOqJmeOiGk4NkJIQbM+TmVMG3PQNXAzE5wbAfD1/lsvKn7+fiFQmjHcbpeLTERq
u7M/h+kfM71G1V77FVpuoSH1D6ZUJ6RH8s0jlTzyb6/p
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org