Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
File: 77b69854-7acc-4257-9488-ffcab8197c82.roa (raw, json)
Hash identifier: bVXaBFxbLX5RO+hPQAkFLUBjcJ1WN5OmYlclXSvqqmE=
Subject key identifier: 86:A8:F7:D4:1E:9E:82:8E:85:F4:FE:60:86:20:DF:2A:8E:F5:41:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2113FC2467F1A8949346E4D68985126AF3F1286D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:13:fc:24:67:f1:a8:94:93:46:e4:d6:89:85:12:6a:f3:f1:28:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=89ae591d7d23557a55c09999ce9a38c8a9300fd10f1c6eac16be836d68099b17, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:6b:e0:bb:78:8e:4a:13:5c:ad:26:c7:06:
f9:7d:81:76:24:06:16:27:9e:7e:c1:94:c9:74:af:
e4:3c:7f:d8:df:e5:51:e1:91:ff:4b:a9:2e:f7:a9:
2e:05:27:b3:31:9d:42:2b:8b:92:5b:0f:3f:95:44:
fd:13:9f:7d:98:d2:dc:3c:99:6e:f1:17:41:8a:48:
ab:c3:ee:77:79:43:53:b0:ca:4c:b3:f8:ed:19:34:
22:b1:4b:4b:68:15:83:17:2b:13:08:a2:7a:f9:db:
b8:fd:db:bc:d3:ef:33:c1:1b:b9:29:57:e4:a0:8f:
ca:95:78:bb:bc:f0:bc:0f:f2:7d:6f:4b:36:7b:4e:
33:14:26:78:c3:38:25:46:1e:a3:b8:ea:e7:9e:25:
1a:ba:c5:ba:ed:95:10:d2:d8:fb:26:ba:25:3d:f4:
33:3f:ce:8d:f9:19:ec:0d:68:1c:ee:dd:39:08:d3:
71:23:ec:38:1d:2c:26:dd:35:32:53:59:29:ca:f1:
ca:ce:32:6b:7d:9f:2b:35:3e:65:29:9d:42:f5:b2:
d7:26:c7:f9:7a:2a:94:5f:7e:06:3b:0e:e5:bd:52:
14:32:6f:66:cd:bb:aa:3d:3b:56:35:44:21:ab:26:
35:af:c6:d4:8e:07:fa:27:fc:63:76:bf:b6:3c:86:
c3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A8:F7:D4:1E:9E:82:8E:85:F4:FE:60:86:20:DF:2A:8E:F5:41:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:85:df:28:d7:da:f3:e9:da:f8:c8:6e:62:74:4a:30:c3:63:
7e:0b:09:c9:a2:91:25:40:f7:0c:a8:e6:31:54:44:57:0d:eb:
42:79:79:3e:64:be:73:ad:9b:9e:03:1e:44:47:c4:97:29:c6:
b4:33:9a:e7:59:61:31:f4:4b:90:d2:b0:a3:0c:fc:a0:ef:74:
cd:ba:43:67:fa:1c:ba:fe:eb:9d:15:48:15:1d:df:a7:76:9f:
a7:2a:6e:9b:d4:b7:f0:ab:b2:a5:41:3b:75:76:9f:23:17:c2:
9a:d5:71:42:ea:22:e3:1c:d6:8f:08:e5:63:5a:27:f7:52:42:
a9:5a:46:05:d7:d4:69:2c:c5:34:a5:d5:f1:2f:6f:cd:5f:56:
6c:13:ca:7b:66:2a:e8:61:98:87:fb:f3:65:b8:05:3b:91:d8:
37:10:7d:a7:36:16:b5:06:18:0e:fe:f3:10:a2:81:ab:41:0e:
43:01:e5:25:ae:28:25:26:ae:3d:5f:f1:e6:a1:ec:57:c4:1a:
f7:89:c0:38:55:db:c5:49:b9:34:9d:c1:e3:cb:d9:a2:6a:46:
e4:8e:f4:38:ff:7b:dc:47:be:50:ba:53:10:67:65:47:0c:2b:
a9:69:b5:c1:2c:e1:33:ca:16:e7:7a:9e:c0:56:c0:2d:3a:3f:
72:a8:e1:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIRP8JGfxqJSTRuTWiYUSavPxKG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YWU1OTFkN2QyMzU1N2E1NWMwOTk5OWNlOWEzOGM4YTkzMDBmZDEwZjFj
NmVhYzE2YmU4MzZkNjgwOTliMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf5a+C7eI5KE1ytJscG+X2BdiQGFieefsGUyXSv5Dx/2N/lUeGR/0upLvep
LgUnszGdQiuLklsPP5VE/ROffZjS3DyZbvEXQYpIq8Pud3lDU7DKTLP47Rk0IrFL
S2gVgxcrEwiievnbuP3bvNPvM8EbuSlX5KCPypV4u7zwvA/yfW9LNntOMxQmeMM4
JUYeo7jq554lGrrFuu2VENLY+ya6JT30Mz/OjfkZ7A1oHO7dOQjTcSPsOB0sJt01
MlNZKcrxys4ya32fKzU+ZSmdQvWy1ybH+XoqlF9+BjsO5b1SFDJvZs27qj07VjVE
IasmNa/G1I4H+if8Y3a/tjyGw2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSGqPfU
Hp6CjoX0/mCGIN8qjvVBGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzdiNjk4NTQtN2FjYy00MjU3LTk0ODgtZmZjYWI4MTk3YzgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQCZhd8o19rz6dr4yG5idEoww2N+CwnJopElQPcMqOYx
VERXDetCeXk+ZL5zrZueAx5ER8SXKca0M5rnWWEx9EuQ0rCjDPyg73TNukNn+hy6
/uudFUgVHd+ndp+nKm6b1Lfwq7KlQTt1dp8jF8Ka1XFC6iLjHNaPCOVjWif3UkKp
WkYF19RpLMU0pdXxL2/NX1ZsE8p7ZiroYZiH+/NluAU7kdg3EH2nNha1BhgO/vMQ
ooGrQQ5DAeUlriglJq49X/HmoexXxBr3icA4VdvFSbk0ncHjy9miakbkjvQ4/3vc
R75QulMQZ2VHDCupabXBLOEzyhbnep7AVsAtOj9yqOFK
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org