Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
File: 79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa (raw, json)
Hash identifier: w6ztknqc7UfYaph7au5xP6wFRe9Zi7mp41WkQG4eyIg=
Subject key identifier: 50:7B:3F:D5:E9:E3:0F:92:25:EF:4A:9E:D1:05:DD:14:E2:3D:3A:03
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 03C1E4D0AC6D89B46377367FB6FB8EB99E243F12
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c1:e4:d0:ac:6d:89:b4:63:77:36:7f:b6:fb:8e:b9:9e:24:3f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=2540fd10d5b8b21c63ded75a0a44caf355e60f5e6c3e3bb032fd32c345aa6d21, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ee:7e:79:d4:ef:b7:40:78:2a:6b:ed:02:93:
7a:b0:09:81:54:c5:f5:0c:9f:0b:32:70:08:30:cc:
bc:34:1c:38:99:20:7a:29:e7:5f:1d:1b:27:0a:8f:
07:4c:da:62:50:fd:72:44:81:3c:43:e3:2c:6c:f5:
0e:7f:ea:64:0a:79:33:06:7d:07:26:9f:28:34:ea:
d5:75:35:61:18:5b:10:d8:b1:4f:d4:2d:eb:8e:26:
41:06:d9:dd:fb:ec:a6:d2:c7:d1:e4:91:9f:91:41:
55:5f:27:85:b8:15:0d:c4:58:bf:35:e6:af:98:34:
c0:0f:3e:55:3d:ae:d5:c5:bd:bd:4e:ff:84:b8:6d:
d7:a3:32:94:92:fa:eb:98:05:a5:14:7d:e7:36:f5:
d5:61:da:e7:3d:76:8a:46:4f:ee:2d:08:99:4c:51:
2d:ea:4d:cb:be:60:61:12:fb:62:34:a8:38:0a:34:
66:bf:e1:0d:bb:b0:1d:29:5b:1d:6e:d2:e8:01:17:
cd:2e:5b:55:89:e7:ca:32:72:52:44:ca:51:52:d0:
49:a2:e2:cd:93:50:39:79:5b:d4:16:b0:60:61:c7:
85:14:00:92:32:8b:01:d2:1d:08:48:15:30:05:76:
27:07:ae:c8:61:65:83:59:4d:98:1a:fe:a2:5f:37:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7B:3F:D5:E9:E3:0F:92:25:EF:4A:9E:D1:05:DD:14:E2:3D:3A:03
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3e:d9:85:76:a0:18:e4:6d:19:02:41:5e:82:da:15:c1:7f:0f:
45:e0:9a:6f:a8:29:8f:c2:d8:2c:b9:c6:4d:3d:5f:08:1e:9c:
d9:0f:c5:fb:6d:34:49:4d:bf:aa:a4:2a:25:57:ef:29:1d:c2:
89:ef:cf:31:9c:cd:2d:c9:54:fe:fb:88:d2:af:82:e6:66:e0:
70:a2:b9:85:6f:3c:1d:8a:da:0c:57:54:dc:64:76:82:c1:b6:
c7:25:a2:b8:f1:7e:e4:7d:2f:6e:47:32:cc:c6:ea:82:e3:a4:
d7:f7:f0:00:4f:fd:38:68:d4:8c:d3:9f:3b:eb:b5:a9:00:fb:
18:a9:7f:27:31:83:f9:e0:cc:41:cd:56:2a:9b:23:91:c5:1e:
14:6f:47:42:c0:35:5b:a2:f6:ce:55:4d:5f:e4:98:e5:7f:aa:
f4:ae:95:99:4b:44:8d:eb:db:fa:45:f2:5e:98:50:64:6b:70:
86:48:45:74:1c:3b:4a:8b:d2:e9:99:75:bb:bb:f3:80:4a:4a:
53:43:f0:bf:35:05:3a:95:15:98:8b:87:d4:34:dc:f8:a6:de:
bf:b4:9b:24:36:5c:14:50:37:94:b6:cc:5e:92:95:bc:95:41:
a3:dc:c2:1c:10:6e:03:8d:51:94:a7:ed:08:72:da:ec:2f:be:
44:4a:db:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA8Hk0KxtibRjdzZ/tvuOuZ4kPxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NDBmZDEwZDViOGIyMWM2M2RlZDc1YTBhNDRjYWYzNTVlNjBmNWU2YzNl
M2JiMDMyZmQzMmMzNDVhYTZkMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPufnnU77dAeCpr7QKTerAJgVTF9QyfCzJwCDDMvDQcOJkgeinnXx0bJwqP
B0zaYlD9ckSBPEPjLGz1Dn/qZAp5MwZ9ByafKDTq1XU1YRhbENixT9Qt644mQQbZ
3fvsptLH0eSRn5FBVV8nhbgVDcRYvzXmr5g0wA8+VT2u1cW9vU7/hLht16MylJL6
65gFpRR95zb11WHa5z12ikZP7i0ImUxRLepNy75gYRL7YjSoOAo0Zr/hDbuwHSlb
HW7S6AEXzS5bVYnnyjJyUkTKUVLQSaLizZNQOXlb1BawYGHHhRQAkjKLAdIdCEgV
MAV2JweuyGFlg1lNmBr+ol83ChkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRQez/V
6eMPkiXvSp7RBd0U4j06AzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlhYzk2ODItZjM4ZC00YTI3LWE2NzQtNmZmYTY3ZDE1ZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQA+2YV2oBjkbRkCQV6C2hXBfw9F4JpvqCmPwtgsucZN
PV8IHpzZD8X7bTRJTb+qpColV+8pHcKJ788xnM0tyVT++4jSr4LmZuBwormFbzwd
itoMV1TcZHaCwbbHJaK48X7kfS9uRzLMxuqC46TX9/AAT/04aNSM058767WpAPsY
qX8nMYP54MxBzVYqmyORxR4Ub0dCwDVbovbOVU1f5Jjlf6r0rpWZS0SN69v6RfJe
mFBka3CGSEV0HDtKi9LpmXW7u/OASkpTQ/C/NQU6lRWYi4fUNNz4pt6/tJskNlwU
UDeUtsxekpW8lUGj3MIcEG4DjVGUp+0IctrsL75EStv0
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org