Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
File: 64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa (raw, json)
Hash identifier: nYOun7zrDAka2ZgC/bx5HoAUnTHARxcKtaoh2ZOgdjE=
Subject key identifier: 1C:26:87:06:4E:C8:A2:0B:D2:E3:75:36:F0:EA:46:72:4B:2C:F7:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57475149ACB59448615273DFF65741DE68E08EB4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:47:51:49:ac:b5:94:48:61:52:73:df:f6:57:41:de:68:e0:8e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=c462de3ae7bf1ea7c99719bf9482009b7a574de8fae3dec776b501b9f7e23a0c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bf:5d:f9:d8:14:8e:16:b9:b9:a2:14:a8:cc:
da:c9:7f:27:97:ef:99:6a:e9:12:d0:c6:85:65:ea:
4b:ec:2b:68:1a:c3:ef:e1:8e:a2:35:7d:b3:95:39:
48:6a:a4:7f:7f:08:48:8b:0c:ad:5f:89:8d:23:81:
32:a3:67:e7:7b:b2:92:6b:1c:85:5c:60:34:2c:cd:
cc:c2:96:b2:82:6f:6b:ee:f1:cc:7d:f3:93:69:0e:
d7:b6:88:0b:eb:94:23:24:91:51:3c:31:43:17:ea:
2f:4d:ea:86:f9:1b:2f:8f:70:83:81:ad:a0:db:f0:
62:fa:74:c7:25:2d:97:24:8e:6a:dd:83:a1:5e:14:
ae:4e:e4:6f:b9:5e:76:c9:be:6a:70:21:4b:92:c0:
08:b5:3f:5c:b7:0a:77:91:bb:58:2f:f6:c2:3c:70:
e7:ee:73:d2:de:ea:f8:b5:6a:1a:bb:8b:47:19:d1:
b7:72:a8:b6:7f:67:10:72:f7:d0:7f:46:96:26:38:
56:16:a1:de:8b:1d:eb:aa:68:15:ac:40:44:aa:94:
4a:b4:11:67:76:70:37:fa:27:a5:be:11:e2:ae:3b:
85:15:5b:d8:46:9a:43:b4:2e:00:b1:fe:ad:d6:88:
27:5a:8f:5e:63:5a:16:c8:9f:3b:71:04:2c:b9:00:
47:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:26:87:06:4E:C8:A2:0B:D2:E3:75:36:F0:EA:46:72:4B:2C:F7:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d5:55:e0:65:5f:62:3b:c5:e7:6b:26:a9:29:e1:ee:0c:1b:92:
72:86:0c:8a:d1:7e:5f:37:1c:ff:9c:85:be:c0:be:b1:ff:76:
70:37:0e:99:f1:de:a7:d1:1e:9e:43:ed:3c:3c:d7:06:fb:b6:
0c:b4:b0:95:be:23:b7:1b:8e:98:e8:11:1f:83:67:99:09:8c:
68:64:76:38:a0:f1:87:4e:61:0d:3f:c3:a3:62:34:a4:8a:b2:
27:c8:90:2f:b8:2d:18:f8:24:66:cb:10:9a:c2:64:0f:58:9d:
e9:f5:79:01:84:b7:76:a0:f6:f6:9b:0a:3b:55:21:a0:69:94:
ac:32:9e:3a:14:13:37:81:42:67:d3:f8:0b:18:8a:80:8e:23:
d9:43:12:7e:06:ef:63:37:80:2c:8b:c8:91:3d:88:8e:49:6e:
7a:f4:9a:f1:13:78:c7:3f:24:3e:7e:b0:52:3e:ca:26:79:21:
d0:73:92:e0:25:b4:6b:f1:6d:34:18:be:d0:8b:ea:85:50:e2:
84:33:e3:18:ef:e1:4e:6d:3b:e9:fe:b8:9a:75:68:70:37:68:
19:f4:7a:ca:c9:95:26:03:6d:30:64:05:80:4e:dc:71:9d:a0:
58:a4:41:5e:8e:8c:ba:c9:e0:5a:65:7e:6b:06:fa:f2:4f:00:
27:16:8a:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV0dRSay1lEhhUnPf9ldB3mjgjrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NjJkZTNhZTdiZjFlYTdjOTk3MTliZjk0ODIwMDliN2E1NzRkZThmYWUz
ZGVjNzc2YjUwMWI5ZjdlMjNhMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMu/XfnYFI4WubmiFKjM2sl/J5fvmWrpEtDGhWXqS+wraBrD7+GOojV9s5U5
SGqkf38ISIsMrV+JjSOBMqNn53uykmschVxgNCzNzMKWsoJva+7xzH3zk2kO17aI
C+uUIySRUTwxQxfqL03qhvkbL49wg4GtoNvwYvp0xyUtlySOat2DoV4Urk7kb7le
dsm+anAhS5LACLU/XLcKd5G7WC/2wjxw5+5z0t7q+LVqGruLRxnRt3Kotn9nEHL3
0H9GliY4Vhah3osd66poFaxARKqUSrQRZ3ZwN/onpb4R4q47hRVb2EaaQ7QuALH+
rdaIJ1qPXmNaFsifO3EELLkAR1MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQcJocG
TsiiC9LjdTbw6kZySyz3rjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjQzNDdmMzYtZTFhMS00NzI2LThiYTItZjFhMDlkYWFiN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQDVVeBlX2I7xedrJqkp4e4MG5JyhgyK0X5fNxz/nIW+
wL6x/3ZwNw6Z8d6n0R6eQ+08PNcG+7YMtLCVviO3G46Y6BEfg2eZCYxoZHY4oPGH
TmENP8OjYjSkirInyJAvuC0Y+CRmyxCawmQPWJ3p9XkBhLd2oPb2mwo7VSGgaZSs
Mp46FBM3gUJn0/gLGIqAjiPZQxJ+Bu9jN4Asi8iRPYiOSW569JrxE3jHPyQ+frBS
PsomeSHQc5LgJbRr8W00GL7Qi+qFUOKEM+MY7+FObTvp/riadWhwN2gZ9HrKyZUm
A20wZAWATtxxnaBYpEFejoy6yeBaZX5rBvryTwAnFooS
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org