Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
File: 673e8a42-e7d4-46a9-8302-c771426cd407.roa (raw, json)
Hash identifier: bQHQoZP11wJnfuE70Rgc4uxN8IKVt9MmiyohGw0WWsw=
Subject key identifier: 21:8F:C9:25:5A:15:52:58:38:11:DB:F9:78:2C:0D:93:63:D3:96:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 663A8222BE6E597A7B97C320851801B53F914623
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:3a:82:22:be:6e:59:7a:7b:97:c3:20:85:18:01:b5:3f:91:46:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=323d75e952e4bd563f9c62b30e73add6f960c885f632d5cd1ec0e00167dafb38, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:5b:5e:14:13:0e:ae:3c:ec:bc:d8:83:c7:
90:99:57:4c:30:05:2c:12:b5:60:6a:bd:fc:78:af:
7a:ed:af:14:8d:30:fa:c4:6f:f6:bd:e5:1d:b0:11:
1b:a8:d5:22:77:77:76:7e:2a:4b:43:fc:04:71:da:
e8:37:6b:bf:93:54:b5:2c:4a:91:f6:2c:81:20:0b:
6c:5b:d4:2b:e5:14:2c:39:b5:6a:8d:58:a5:19:a6:
3a:4a:57:75:7b:7d:46:4e:ce:f1:15:b7:2a:7a:b0:
f6:d7:b0:f7:9c:86:a8:12:ed:95:f0:2d:12:41:a0:
e6:7e:f3:73:c4:1e:6c:32:b7:fd:bb:7e:02:bd:96:
77:d9:73:69:1c:23:47:88:7b:41:87:52:42:cd:97:
f5:b8:05:e5:28:ba:ec:54:7f:bf:5d:d0:27:c7:b6:
ba:3d:46:12:93:75:96:d2:bb:c6:2c:ca:c2:c9:01:
42:eb:9c:4c:1c:d9:d8:62:e9:15:14:9f:32:9d:87:
eb:91:41:74:75:1e:aa:8a:56:b9:07:bc:a0:84:69:
f7:19:b6:81:90:72:b9:2f:28:d4:04:96:d9:2a:d6:
ab:fa:ab:71:e4:b4:81:55:6f:6e:fa:de:a9:6e:aa:
e0:b9:04:70:f5:81:64:aa:4e:5b:fc:e0:08:03:a6:
21:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8F:C9:25:5A:15:52:58:38:11:DB:F9:78:2C:0D:93:63:D3:96:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:8a:17:e8:58:ea:dc:9d:87:72:18:9d:aa:e8:3d:c0:55:19:
2c:57:d9:57:b7:c6:18:bc:b5:ce:67:a1:75:23:6f:9c:d9:e6:
2a:fb:a4:51:b5:50:ca:17:07:70:84:ce:97:4e:6d:52:5d:15:
67:a7:0a:d1:d7:35:8e:74:af:3d:19:83:2a:02:f7:88:64:f8:
a6:f2:cd:39:e3:d1:2d:01:d5:66:6a:ef:6a:be:3d:47:50:4c:
fa:3d:f0:65:c4:61:23:ed:c5:05:f0:55:dd:87:fa:eb:16:6b:
e0:c1:0e:5e:59:1e:7f:6e:bb:20:bf:cc:2c:59:f2:d2:0b:95:
6b:fd:92:25:d1:9b:e6:e8:d9:ef:28:11:a0:ac:62:4e:2d:8b:
fe:cc:c5:5d:2c:43:7b:44:e9:2f:34:73:29:7d:57:d3:3c:3b:
0e:e9:12:e4:5e:96:6e:cd:cb:0c:53:c1:a3:f2:92:71:7c:ef:
e6:fa:e5:f4:29:b3:a1:7c:aa:16:8e:7c:f1:9a:7c:bd:ac:87:
20:5a:e2:5b:c5:ea:0e:99:6a:48:16:ef:35:dd:a0:86:a4:96:
9e:2b:f9:4f:f4:6b:0e:07:6c:47:fc:ee:08:a1:1f:c1:ae:39:
67:63:d4:63:eb:33:f9:1a:58:7b:d6:3f:07:7a:97:65:76:a7:
ee:47:f0:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZjqCIr5uWXp7l8MghRgBtT+RRiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyM2Q3NWU5NTJlNGJkNTYzZjljNjJiMzBlNzNhZGQ2Zjk2MGM4ODVmNjMy
ZDVjZDFlYzBlMDAxNjdkYWZiMzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMvW14UEw6uPOy82IPHkJlXTDAFLBK1YGq9/Hiveu2vFI0w+sRv9r3lHbAR
G6jVInd3dn4qS0P8BHHa6Ddrv5NUtSxKkfYsgSALbFvUK+UULDm1ao1YpRmmOkpX
dXt9Rk7O8RW3Knqw9tew95yGqBLtlfAtEkGg5n7zc8QebDK3/bt+Ar2Wd9lzaRwj
R4h7QYdSQs2X9bgF5Si67FR/v13QJ8e2uj1GEpN1ltK7xizKwskBQuucTBzZ2GLp
FRSfMp2H65FBdHUeqopWuQe8oIRp9xm2gZByuS8o1ASW2SrWq/qrceS0gVVvbvre
qW6q4LkEcPWBZKpOW/zgCAOmIW8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQhj8kl
WhVSWDgR2/l4LA2TY9OWCzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjczZThhNDItZTdkNC00NmE5LTgzMDItYzc3MTQyNmNkNDA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQAaihfoWOrcnYdyGJ2q6D3AVRksV9lXt8YYvLXOZ6F1
I2+c2eYq+6RRtVDKFwdwhM6XTm1SXRVnpwrR1zWOdK89GYMqAveIZPim8s0549Et
AdVmau9qvj1HUEz6PfBlxGEj7cUF8FXdh/rrFmvgwQ5eWR5/brsgv8wsWfLSC5Vr
/ZIl0Zvm6NnvKBGgrGJOLYv+zMVdLEN7ROkvNHMpfVfTPDsO6RLkXpZuzcsMU8Gj
8pJxfO/m+uX0KbOhfKoWjnzxmny9rIcgWuJbxeoOmWpIFu813aCGpJaeK/lP9GsO
B2xH/O4IoR/BrjlnY9Rj6zP5Glh71j8HepdldqfuR/A6
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org