Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3071c2a4-bba6-4def-894d-a0bf6a718d91.roa
File: 3071c2a4-bba6-4def-894d-a0bf6a718d91.roa (raw, json)
Hash identifier: Wmg7wlnhGDugK1n4aXITEwnN2upE9Aa/v4/w5SuSxIw=
Subject key identifier: 82:F0:D0:3F:30:29:89:1D:AE:A2:AF:A3:66:33:B3:A9:34:A8:BE:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7ADDB5C1829304B92726644D81A5BC8B687301F6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3071c2a4-bba6-4def-894d-a0bf6a718d91.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:dd:b5:c1:82:93:04:b9:27:26:64:4d:81:a5:bc:8b:68:73:01:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=d66a5cafab6ccfdd6ea30483e50daa9e4b892ee035c08841dbc5a1c41a0719ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:8d:6c:da:23:01:20:12:39:95:85:29:6b:
fe:48:d2:3b:c4:2d:98:dc:20:95:e4:02:94:b5:59:
ea:de:3b:86:90:e2:6f:bc:0b:9d:d1:b5:89:5f:3d:
fc:f6:c4:9c:01:be:d2:a5:06:a3:ae:87:46:be:ce:
fb:31:ea:ff:f1:51:57:c9:03:ed:f8:e7:01:a5:5b:
1a:e0:2e:8e:d4:17:61:01:45:75:c1:3e:95:c8:24:
a8:cf:3d:c7:68:55:45:e0:85:7a:8d:07:7d:ca:37:
62:4f:6b:c9:31:05:5b:86:aa:87:32:0d:5b:5c:5c:
e3:63:f9:3e:4e:ab:ad:a6:a8:bc:cb:05:3a:00:55:
cb:a7:da:13:52:7d:4a:19:6c:8e:e1:ef:f0:db:c8:
36:23:33:34:20:66:43:da:cf:02:a7:3c:4a:0d:f8:
be:d0:a8:0f:87:55:0f:ab:64:a6:f3:61:da:24:fd:
6e:6a:64:3b:c1:a5:64:07:2f:ce:5b:14:c6:b8:eb:
ce:ae:6d:31:1a:6a:ae:2c:33:92:cd:7e:02:73:bd:
41:13:62:0c:50:e2:a4:ee:db:40:2c:31:0d:55:7e:
a4:a9:19:ed:90:88:53:18:c8:82:ac:8d:ec:7c:0c:
64:7c:02:54:56:c9:c0:62:a5:e5:31:70:2a:34:cc:
8e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F0:D0:3F:30:29:89:1D:AE:A2:AF:A3:66:33:B3:A9:34:A8:BE:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3071c2a4-bba6-4def-894d-a0bf6a718d91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:05:1d:9e:8f:95:7c:18:fa:b5:66:cb:58:cb:87:16:95:8a:
98:db:76:b4:2a:dd:39:e1:a2:15:69:64:80:7e:95:b3:e5:e5:
03:b9:ca:33:59:5d:ae:c1:82:10:bb:b0:05:07:b7:8d:64:51:
ba:c4:96:0a:84:7c:79:bd:5b:dd:32:2e:8f:f2:29:b5:84:b9:
b5:ee:3e:21:74:f0:20:c2:42:a3:87:36:bf:18:0f:53:27:34:
44:c1:c1:b6:42:5b:70:ea:9a:dc:3c:4b:6d:3e:2c:51:29:4e:
80:d8:33:49:2e:4e:4b:c5:0e:3b:cf:2d:36:74:22:59:d1:95:
3a:31:dc:05:27:f1:38:64:27:14:92:d9:e6:3d:e4:fa:1d:f2:
4a:00:85:ed:ed:5b:b0:6e:9c:98:58:4b:66:0b:7b:36:c2:61:
0a:d0:19:11:01:f6:8b:56:28:e9:d2:c1:7e:67:c2:3a:ac:7b:
ee:52:48:3d:78:b2:bf:5f:6c:f6:ee:9b:02:0e:f8:f7:d2:94:
fc:7a:b2:a1:8a:6e:dc:22:a8:00:32:27:26:93:c1:db:e1:9b:
e7:b4:b3:19:7f:e5:5f:c6:32:09:54:2d:d7:cb:0c:b0:0a:79:
c2:c5:c5:7b:fd:43:6f:7b:c9:a3:4a:f7:b6:ed:24:ef:ca:72:
48:d8:ed:de
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUet21wYKTBLknJmRNgaW8i2hzAfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NmE1Y2FmYWI2Y2NmZGQ2ZWEzMDQ4M2U1MGRhYTllNGI4OTJlZTAzNWMw
ODg0MWRiYzVhMWM0MWEwNzE5ZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiXjWzaIwEgEjmVhSlr/kjSO8QtmNwgleQClLVZ6t47hpDib7wLndG1iV89
/PbEnAG+0qUGo66HRr7O+zHq//FRV8kD7fjnAaVbGuAujtQXYQFFdcE+lcgkqM89
x2hVReCFeo0Hfco3Yk9ryTEFW4aqhzINW1xc42P5Pk6rraaovMsFOgBVy6faE1J9
ShlsjuHv8NvINiMzNCBmQ9rPAqc8Sg34vtCoD4dVD6tkpvNh2iT9bmpkO8GlZAcv
zlsUxrjrzq5tMRpqriwzks1+AnO9QRNiDFDipO7bQCwxDVV+pKkZ7ZCIUxjIgqyN
7HwMZHwCVFbJwGKl5TFwKjTMjocCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSC8NA/
MCmJHa6ir6NmM7OpNKi+uDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzA3MWMyYTQtYmJhNi00ZGVmLTg5NGQtYTBiZjZhNzE4ZDkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBmBR2ej5V8GPq1ZstYy4cWlYqY23a0Kt054aIVaWSA
fpWz5eUDucozWV2uwYIQu7AFB7eNZFG6xJYKhHx5vVvdMi6P8im1hLm17j4hdPAg
wkKjhza/GA9TJzREwcG2Qltw6prcPEttPixRKU6A2DNJLk5LxQ47zy02dCJZ0ZU6
MdwFJ/E4ZCcUktnmPeT6HfJKAIXt7VuwbpyYWEtmC3s2wmEK0BkRAfaLVijp0sF+
Z8I6rHvuUkg9eLK/X2z27psCDvj30pT8erKhim7cIqgAMicmk8Hb4ZvntLMZf+Vf
xjIJVC3XywywCnnCxcV7/UNve8mjSve27STvynJI2O3e
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org