Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
File: 5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa (raw, json)
Hash identifier: 09+ICDqtEZJ1Y68BtRU/IRRupg4Z5S8X0hdBLNT4bnk=
Subject key identifier: E8:6D:93:E1:04:5B:48:07:76:44:54:BB:85:72:DB:B1:83:9D:E2:89
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0896B43892E42057E935924A0C5B4A7E5C6180E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:96:b4:38:92:e4:20:57:e9:35:92:4a:0c:5b:4a:7e:5c:61:80:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=52222616cc5b2bb7020026b411761944582b5de0e65b4894ae81fae670b26df2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:89:a0:02:6e:50:cd:13:98:1d:9d:ed:4e:
bc:57:0f:5d:cb:3f:b0:ae:12:56:3b:04:8d:fe:ae:
9b:ce:6e:06:c7:f7:07:95:c1:e6:52:a4:d5:d5:c0:
b3:df:09:7b:2b:68:4b:5f:31:3e:34:6a:73:30:7c:
6e:c5:6e:b4:82:26:c3:9e:62:2a:af:57:5f:40:a9:
88:f2:bc:8b:7b:f3:9c:81:84:c5:9b:a8:60:93:a9:
2d:ae:5c:e1:61:7e:48:56:15:6f:5c:e3:49:bf:6c:
45:b2:43:bd:79:5e:bc:ea:a5:4f:f6:2c:cc:1c:77:
ee:23:25:1d:22:4e:34:f4:e7:49:a4:9a:94:e5:e0:
04:4d:d9:47:41:c6:22:7b:bc:13:c6:c3:8a:7f:e1:
3c:96:e6:1c:ed:4f:84:4d:96:fc:87:88:68:d3:b2:
7c:c3:50:b5:ef:e5:69:97:80:11:69:bc:57:cf:a3:
c4:e6:ac:90:2b:84:68:de:53:f8:20:45:48:c5:44:
b3:b8:31:8f:64:38:78:f0:14:6b:4b:57:1d:92:57:
0a:94:22:2b:9d:5f:bc:7a:9a:8c:4c:4c:bf:e2:97:
6b:68:2d:e2:05:70:ec:b2:75:46:5d:ab:8e:b7:6f:
01:31:ef:3b:67:6b:33:26:60:fd:47:d0:5c:8e:95:
eb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:6D:93:E1:04:5B:48:07:76:44:54:BB:85:72:DB:B1:83:9D:E2:89
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
22:d4:6b:5c:06:96:f3:68:ed:1e:d4:c4:b3:a9:03:87:7c:79:
70:89:06:9c:6a:46:d3:65:d6:93:74:92:3c:21:5a:39:20:79:
fe:96:30:09:7c:47:cf:17:a8:c4:98:f8:cf:4d:b6:30:39:59:
53:00:f7:87:46:d6:b8:b2:33:5a:e4:57:97:b2:33:b0:b1:1f:
45:52:7a:dd:a1:04:e5:73:46:77:e8:99:f2:59:e5:26:b0:c1:
4d:91:c7:5e:f4:dd:4c:3d:10:d3:ce:7e:90:91:48:2a:57:9d:
30:9c:76:95:93:b9:2d:6f:16:cb:b9:d0:f8:cd:23:60:c5:7d:
98:23:a9:62:23:91:cc:6e:65:57:c4:f1:84:38:6d:19:a3:63:
ba:f0:15:16:bc:05:43:27:fa:18:ae:f2:70:63:0b:14:85:3b:
23:1d:cd:cb:11:c7:6f:ac:99:51:72:33:1d:d7:d8:c3:32:94:
33:87:6b:67:0a:7c:e3:8e:14:e3:02:54:e0:50:d1:21:a5:37:
61:dd:b0:94:c8:9c:6f:54:21:e1:cd:41:98:b5:cf:c0:ef:bb:
31:6a:b8:7e:01:6b:f1:a1:f2:15:72:ee:db:3a:8a:fb:de:95:
e9:58:41:da:9b:ea:74:1f:64:25:3c:6d:27:d8:11:23:a0:d3:
d0:d6:d1:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCJa0OJLkIFfpNZJKDFtKflxhgOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMjIyNjE2Y2M1YjJiYjcwMjAwMjZiNDExNzYxOTQ0NTgyYjVkZTBlNjVi
NDg5NGFlODFmYWU2NzBiMjZkZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5RiaACblDNE5gdne1OvFcPXcs/sK4SVjsEjf6um85uBsf3B5XB5lKk1dXA
s98JeytoS18xPjRqczB8bsVutIImw55iKq9XX0CpiPK8i3vznIGExZuoYJOpLa5c
4WF+SFYVb1zjSb9sRbJDvXlevOqlT/YszBx37iMlHSJONPTnSaSalOXgBE3ZR0HG
Inu8E8bDin/hPJbmHO1PhE2W/IeIaNOyfMNQte/laZeAEWm8V8+jxOaskCuEaN5T
+CBFSMVEs7gxj2Q4ePAUa0tXHZJXCpQiK51fvHqajExMv+KXa2gt4gVw7LJ1Rl2r
jrdvATHvO2drMyZg/UfQXI6V6/kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTobZPh
BFtIB3ZEVLuFctuxg53iiTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTAzOGQ0ZWEtOGJiMS00NTY2LTk3NzgtNWRmY2VhZWIzNjA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAi1GtcBpbzaO0e1MSzqQOHfHlwiQacakbTZdaTdJI8
IVo5IHn+ljAJfEfPF6jEmPjPTbYwOVlTAPeHRta4sjNa5FeXsjOwsR9FUnrdoQTl
c0Z36JnyWeUmsMFNkcde9N1MPRDTzn6QkUgqV50wnHaVk7ktbxbLudD4zSNgxX2Y
I6liI5HMbmVXxPGEOG0Zo2O68BUWvAVDJ/oYrvJwYwsUhTsjHc3LEcdvrJlRcjMd
19jDMpQzh2tnCnzjjhTjAlTgUNEhpTdh3bCUyJxvVCHhzUGYtc/A77sxarh+AWvx
ofIVcu7bOor73pXpWEHam+p0H2QlPG0n2BEjoNPQ1tEZ
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org