Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: wP+L8ZXC/dH6ij6QyvHf6lgaoBzZ1GE3bqwvVZrghfQ=
Subject key identifier: 89:F2:48:3F:3B:BA:93:BD:7F:2A:BA:67:82:2B:73:C5:71:E1:90:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17C273B94661781E8FDF2C4958F9190C517CECC2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:c2:73:b9:46:61:78:1e:8f:df:2c:49:58:f9:19:0c:51:7c:ec:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=f911c10d88c8875fb8fa8ecd024dc01f59332951938b9556094f91f28c9395c1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:1b:e9:d3:ed:b1:cb:21:98:39:fc:8d:c3:
2a:9f:e8:64:6f:d4:8f:de:68:5f:37:cb:04:a6:51:
5c:75:c2:ab:a2:c0:fa:83:29:c8:1b:33:f9:53:dd:
cc:3c:73:e4:cc:9f:00:d0:e8:1d:3f:6d:2a:bc:27:
ce:cd:96:1b:b8:eb:9f:07:ff:ac:77:26:8d:fe:61:
45:53:3f:89:50:43:59:86:50:79:26:88:7e:32:0c:
c7:0f:7e:0f:fe:38:7e:b7:55:e0:c4:de:26:b4:14:
32:8a:cf:95:80:a1:af:96:7b:13:d0:dd:66:8a:03:
e5:50:a2:15:62:79:75:27:f4:69:41:9a:a2:94:17:
a3:25:e0:64:23:74:22:5e:67:ff:4f:31:84:5f:9b:
6d:98:33:66:ec:9d:bf:89:30:82:ef:b5:99:fb:9d:
8f:51:6c:4f:01:7c:82:3e:e5:70:d3:63:ae:21:78:
09:64:43:6a:ca:27:64:a7:ad:e6:9c:d6:34:bb:49:
0e:5a:05:c3:88:2b:64:ce:2d:ed:22:3f:83:1e:63:
ac:92:b4:6c:be:87:1b:07:c6:c7:17:67:db:6d:db:
27:37:d0:a8:2b:21:51:ef:ca:f9:e2:ab:31:0b:d0:
ea:17:d3:5f:c6:a8:d1:62:36:3f:a6:e2:b2:6c:1a:
a0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F2:48:3F:3B:BA:93:BD:7F:2A:BA:67:82:2B:73:C5:71:E1:90:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9c:89:9b:b9:f3:ef:25:e7:0b:ff:32:09:35:9f:7b:b7:9b:df:
e7:96:50:df:f8:9e:0d:24:2a:f8:23:ea:43:ee:11:97:ad:0d:
6a:7b:5f:cd:9c:7e:b2:50:30:04:45:58:6a:bf:85:f4:5c:b5:
3a:b5:40:5e:3a:d3:1c:8a:88:6b:25:56:36:f3:2c:1a:65:80:
7a:84:21:e4:4d:eb:50:e2:9a:2b:c9:ea:4d:13:5f:71:45:ad:
f2:26:2c:f7:ec:5f:c4:4d:1e:9a:b8:01:aa:b3:1e:88:c4:e4:
0f:52:43:95:13:1f:94:4a:71:8e:6e:7f:4d:bb:53:31:ca:34:
0d:a6:3e:65:c2:d0:74:e5:6d:0e:ac:cc:79:39:88:51:74:53:
14:04:4f:7c:81:25:69:3f:90:c1:42:fc:70:38:de:a1:0b:95:
f6:54:5c:10:ea:d2:1a:6a:94:ad:4f:b9:4c:9c:3f:3a:84:3a:
50:cd:2a:45:b8:b0:8e:bc:d5:dd:6c:80:6a:60:a9:21:27:43:
9e:a1:7a:07:bb:71:8d:50:d9:56:87:36:6f:f1:a1:5b:bf:20:
a6:3f:7a:02:a7:fc:3a:36:1c:fb:e1:7e:53:cd:aa:bc:05:29:
69:f6:e5:ea:d3:3f:20:2f:09:f5:ef:13:dc:86:b0:4d:11:2c:
1b:52:9b:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF8JzuUZheB6P3yxJWPkZDFF87MIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5MTFjMTBkODhjODg3NWZiOGZhOGVjZDAyNGRjMDFmNTkzMzI5NTE5Mzhi
OTU1NjA5NGY5MWYyOGM5Mzk1YzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy7G+nT7bHLIZg5/I3DKp/oZG/Uj95oXzfLBKZRXHXCq6LA+oMpyBsz+VPd
zDxz5MyfANDoHT9tKrwnzs2WG7jrnwf/rHcmjf5hRVM/iVBDWYZQeSaIfjIMxw9+
D/44frdV4MTeJrQUMorPlYChr5Z7E9DdZooD5VCiFWJ5dSf0aUGaopQXoyXgZCN0
Il5n/08xhF+bbZgzZuydv4kwgu+1mfudj1FsTwF8gj7lcNNjriF4CWRDasonZKet
5pzWNLtJDloFw4grZM4t7SI/gx5jrJK0bL6HGwfGxxdn223bJzfQqCshUe/K+eKr
MQvQ6hfTX8ao0WI2P6bismwaoOkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSJ8kg/
O7qTvX8qumeCK3PFceGQmjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQCciZu58+8l5wv/Mgk1n3u3m9/nllDf+J4NJCr4I+pD
7hGXrQ1qe1/NnH6yUDAERVhqv4X0XLU6tUBeOtMciohrJVY28ywaZYB6hCHkTetQ
4poryepNE19xRa3yJiz37F/ETR6auAGqsx6IxOQPUkOVEx+USnGObn9Nu1MxyjQN
pj5lwtB05W0OrMx5OYhRdFMUBE98gSVpP5DBQvxwON6hC5X2VFwQ6tIaapStT7lM
nD86hDpQzSpFuLCOvNXdbIBqYKkhJ0OeoXoHu3GNUNlWhzZv8aFbvyCmP3oCp/w6
Nhz74X5Tzaq8BSlp9uXq0z8gLwn17xPchrBNESwbUpun
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org