Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
File: 4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa (raw, json)
Hash identifier: Hy4GsDC3aLtTWuA/Mm5EcGxR6NA7VIG5mPQb6TSNHHk=
Subject key identifier: 15:DA:0F:72:59:DE:BB:F9:C7:AB:1F:39:18:9A:64:71:14:2B:F5:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7772332BBCFEF243A3EA1264E833510A41A15ABE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
Signing time: Tue 28 May 2024 00:00:00 +0000
ROA not before: Tue 28 May 2024 00:00:00 +0000
ROA not after: Tue 02 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:72:33:2b:bc:fe:f2:43:a3:ea:12:64:e8:33:51:0a:41:a1:5a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 28 00:00:00 2024 GMT
Not After : Jul 2 23:59:59 2024 GMT
Subject: serialNumber=029bd74f5983c19c886204a7410ac9b55289971feaa8ed016e522ae7a5e2ee67, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ef:01:f3:f6:f8:c6:5d:3a:78:a0:5b:2a:18:
19:40:3a:d8:47:26:4d:4d:06:2b:48:5b:90:90:5d:
b4:13:eb:96:4b:ff:2d:cf:f5:9b:b0:6e:25:2d:e8:
66:9e:1f:95:31:5b:1b:2e:af:0e:b6:d2:89:c9:ed:
50:0d:86:19:01:9d:a4:59:8a:d1:f3:2f:4a:1f:4c:
d6:da:5c:74:22:76:73:18:56:73:9e:40:30:e1:8b:
ca:b5:e9:90:09:c2:70:6d:6f:12:95:7b:69:eb:c3:
c9:87:ce:ce:4f:62:2e:6f:09:fd:a3:e3:90:48:2e:
c4:ab:c3:61:09:89:5d:bd:b5:5e:7b:b0:ed:e9:f7:
4b:43:8c:29:cc:9f:dd:d1:5a:cc:14:13:e9:e0:98:
15:51:b1:69:2c:94:76:1e:af:16:d3:52:06:d7:49:
52:63:84:a7:99:a5:40:d6:db:19:e5:49:2c:17:0d:
de:b1:ca:af:4c:19:6c:c1:b9:e6:41:b3:3d:fc:8d:
d3:d4:67:47:1d:81:a6:64:2c:d4:dc:8b:cd:bb:0d:
15:8b:16:e1:ce:bb:9b:ac:9d:4c:ba:f6:2e:c5:42:
22:06:12:84:6c:66:38:a3:43:40:53:7a:4d:a1:d3:
b6:7c:43:7d:7b:98:8c:23:f6:32:00:13:25:52:c7:
8a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DA:0F:72:59:DE:BB:F9:C7:AB:1F:39:18:9A:64:71:14:2B:F5:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:dd:03:e9:e5:2d:39:95:88:5a:55:5f:5f:aa:b1:1e:18:56:
b9:9f:1b:9a:c0:64:19:52:0a:14:39:93:08:2a:4e:0c:b0:06:
d3:8d:b7:1e:d6:86:65:cb:02:a9:af:87:62:24:a3:0a:0b:48:
87:b1:80:bf:4f:44:c2:d9:26:67:0d:f3:f9:81:9c:38:6b:e8:
f9:cf:ff:b2:37:26:6a:25:c1:87:ff:6a:48:c3:d9:33:57:ff:
cc:fd:d5:82:4f:4c:af:bd:32:f7:24:8f:e5:4d:ad:2a:ef:1a:
17:aa:84:3c:cc:38:7c:94:11:ce:2d:4c:eb:c0:77:42:b3:68:
27:21:7b:05:6e:93:51:9d:e4:11:1e:af:51:c5:05:40:f2:91:
7a:8c:0b:d5:ee:0d:f1:0a:84:95:ea:26:b3:63:11:02:73:44:
44:36:5a:a3:39:db:76:e0:d5:0d:3c:67:0f:ad:19:61:3d:4c:
d0:32:0d:3a:8a:51:a2:b2:3c:cc:74:17:e9:f6:42:a8:90:d7:
37:2b:10:9e:20:23:43:74:3a:60:1e:f5:64:83:c2:0f:0b:bc:
e8:a5:38:47:48:ea:6a:f6:c8:00:0a:45:20:c9:97:7f:b7:ed:
d8:ab:68:dd:e3:a0:1f:3e:01:23:77:14:9b:7e:51:f7:9d:8a:
bd:de:7e:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd3IzK7z+8kOj6hJk6DNRCkGhWr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjgwMDAwMDBaFw0yNDA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyOWJkNzRmNTk4M2MxOWM4ODYyMDRhNzQxMGFjOWI1NTI4OTk3MWZlYWE4
ZWQwMTZlNTIyYWU3YTVlMmVlNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLvAfP2+MZdOnigWyoYGUA62EcmTU0GK0hbkJBdtBPrlkv/Lc/1m7BuJS3o
Zp4flTFbGy6vDrbSicntUA2GGQGdpFmK0fMvSh9M1tpcdCJ2cxhWc55AMOGLyrXp
kAnCcG1vEpV7aevDyYfOzk9iLm8J/aPjkEguxKvDYQmJXb21Xnuw7en3S0OMKcyf
3dFazBQT6eCYFVGxaSyUdh6vFtNSBtdJUmOEp5mlQNbbGeVJLBcN3rHKr0wZbMG5
5kGzPfyN09RnRx2BpmQs1NyLzbsNFYsW4c67m6ydTLr2LsVCIgYShGxmOKNDQFN6
TaHTtnxDfXuYjCP2MgATJVLHijECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQV2g9y
Wd67+cerHzkYmmRxFCv1UjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGIyYjkwZGItYjFjZS00YmE5LWE4YmItMTc0OTIzZjU1NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQAY3QPp5S05lYhaVV9fqrEeGFa5nxuawGQZUgoUOZMI
Kk4MsAbTjbce1oZlywKpr4diJKMKC0iHsYC/T0TC2SZnDfP5gZw4a+j5z/+yNyZq
JcGH/2pIw9kzV//M/dWCT0yvvTL3JI/lTa0q7xoXqoQ8zDh8lBHOLUzrwHdCs2gn
IXsFbpNRneQRHq9RxQVA8pF6jAvV7g3xCoSV6iazYxECc0RENlqjOdt24NUNPGcP
rRlhPUzQMg06ilGisjzMdBfp9kKokNc3KxCeICNDdDpgHvVkg8IPC7zopThHSOpq
9sgACkUgyZd/t+3Yq2jd46AfPgEjdxSbflH3nYq93n74
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org