Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json)
Hash identifier: Vu2olfgvxgh0THQWOkP1FJ8fpMtXfmKAudDIR8MkT6k=
Subject key identifier: 83:90:C2:F6:26:CE:3B:EA:1C:4C:A2:81:B6:63:B5:FB:27:50:A9:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68194CA2F96CB005064A48B09C4DF6DBA410E362
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:19:4c:a2:f9:6c:b0:05:06:4a:48:b0:9c:4d:f6:db:a4:10:e3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=d24c2a389d3933b6a216ad57e9fca4adc52e58736f21a6c9b163ade1b881afeb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:d4:ff:05:3f:cc:7b:5a:e6:bf:83:1f:e5:
9a:2d:d3:e7:ab:a3:6b:62:7f:55:6c:84:40:fc:8a:
36:32:64:be:d1:17:b5:ca:df:0c:49:78:9e:22:cc:
fc:eb:b5:80:c2:1f:29:ea:e8:75:da:16:38:24:b9:
25:de:64:b7:28:8d:22:81:82:09:5d:aa:23:17:2b:
0c:32:75:8f:4f:63:f1:57:b9:ba:78:e5:c3:83:45:
04:ef:43:30:95:8a:0a:7b:0d:55:44:07:60:88:8a:
f4:50:8a:7d:76:37:2a:87:fe:e7:b2:26:ff:e7:f7:
ef:a5:f2:35:e2:76:9a:35:4c:67:b3:b2:c4:5b:ef:
ba:ed:94:f3:98:38:8f:b6:6f:fd:15:72:f1:7a:1d:
ff:67:f2:c0:f1:4e:68:3f:ad:f1:0d:6b:b6:80:70:
16:0e:a1:48:aa:d5:fd:84:06:f7:07:9b:7d:84:73:
44:0c:53:d1:19:88:71:bd:7e:8e:c0:a4:94:cb:3f:
a1:29:3e:41:fb:49:04:8e:9d:79:3d:0e:b9:45:ff:
9c:73:29:eb:9b:e9:f8:ad:b9:0b:52:64:f7:36:ad:
21:93:a4:76:70:8d:65:57:5c:17:a6:f5:78:8a:a9:
e4:f9:ed:ac:a4:1d:bc:dd:0b:82:c7:f6:47:55:d2:
2f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:90:C2:F6:26:CE:3B:EA:1C:4C:A2:81:B6:63:B5:FB:27:50:A9:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:04:92:63:5f:d8:a6:48:f9:4f:50:e8:e9:3f:c3:22:df:f9:
41:a9:01:45:b6:6e:9b:97:87:f4:cc:0d:67:28:aa:2b:a8:cd:
a5:61:62:99:99:c7:f6:92:f2:43:44:be:19:e7:d5:43:d0:ae:
59:fd:52:1b:18:f8:c0:e7:cf:16:39:cf:f8:f6:de:8b:7d:e3:
27:51:d9:dc:63:15:ae:ea:e8:2a:d6:61:50:3b:d2:30:3f:62:
0b:c0:1b:33:a4:26:47:24:5b:a7:79:cb:ba:c3:09:00:53:b2:
9d:76:7f:eb:a5:33:b4:8b:1f:fd:f7:87:af:ce:1a:c4:23:78:
6e:9e:a8:2e:05:d9:a3:da:4e:4a:8e:99:80:ac:08:30:f2:1c:
57:5a:e9:ce:27:db:d7:63:11:6e:bb:0f:09:2b:25:01:18:3b:
64:3f:28:f9:c3:ed:fc:70:8e:20:ff:8d:f7:bc:ec:d0:2b:ad:
d8:19:84:06:47:bd:fd:de:b2:f4:8a:02:a2:a5:4d:9f:49:c0:
a4:e2:3b:5d:97:b8:93:25:f8:f5:60:b2:6b:f5:bc:5f:dd:1f:
35:b6:70:d9:49:a4:fd:28:74:9a:66:ee:81:1a:58:db:a0:91:
dc:64:64:8e:c5:79:19:83:3d:9b:91:94:d8:13:00:a9:f1:6d:
d4:f6:0a:56
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaBlMovlssAUGSkiwnE3226QQ42IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNGMyYTM4OWQzOTMzYjZhMjE2YWQ1N2U5ZmNhNGFkYzUyZTU4NzM2ZjIx
YTZjOWIxNjNhZGUxYjg4MWFmZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf71P8FP8x7Wua/gx/lmi3T56uja2J/VWyEQPyKNjJkvtEXtcrfDEl4niLM
/Ou1gMIfKeroddoWOCS5Jd5ktyiNIoGCCV2qIxcrDDJ1j09j8Ve5unjlw4NFBO9D
MJWKCnsNVUQHYIiK9FCKfXY3Kof+57Im/+f376XyNeJ2mjVMZ7OyxFvvuu2U85g4
j7Zv/RVy8Xod/2fywPFOaD+t8Q1rtoBwFg6hSKrV/YQG9webfYRzRAxT0RmIcb1+
jsCklMs/oSk+QftJBI6deT0OuUX/nHMp65vp+K25C1Jk9zatIZOkdnCNZVdcF6b1
eIqp5PntrKQdvN0Lgsf2R1XSL+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDkML2
Js476hxMooG2Y7X7J1Cp3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQC7BJJjX9imSPlPUOjpP8Mi3/lBqQFFtm6bl4f0zA1n
KKorqM2lYWKZmcf2kvJDRL4Z59VD0K5Z/VIbGPjA588WOc/49t6LfeMnUdncYxWu
6ugq1mFQO9IwP2ILwBszpCZHJFunecu6wwkAU7Kddn/rpTO0ix/994evzhrEI3hu
nqguBdmj2k5KjpmArAgw8hxXWunOJ9vXYxFuuw8JKyUBGDtkPyj5w+38cI4g/433
vOzQK63YGYQGR7393rL0igKipU2fScCk4jtdl7iTJfj1YLJr9bxf3R81tnDZSaT9
KHSaZu6BGljboJHcZGSOxXkZgz2bkZTYEwCp8W3U9gpW
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org