Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
File: 7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa (raw, json)
Hash identifier: ALsvxc3B5F360Ck5RhHg8kthbZpCslaNceQMX216oe8=
Subject key identifier: DD:16:26:10:62:6F:FD:55:E6:18:94:34:41:79:0A:3F:B6:15:AA:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23142EB21286A73FF97F551E16982EAE0077EAB8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:14:2e:b2:12:86:a7:3f:f9:7f:55:1e:16:98:2e:ae:00:77:ea:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=03179688350750322ca33aa530b7d85502910125944bc218217b1733c233d660, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:38:ca:96:e3:f3:5d:15:4a:11:10:6d:af:66:
68:6e:1f:cd:85:36:f9:22:27:fe:6f:92:e7:c8:8c:
f1:01:9a:08:73:48:ca:3d:12:7c:95:e4:83:1a:a9:
38:fe:b7:d5:e7:9c:02:1d:28:c7:f5:0e:3c:73:0a:
9e:d4:70:e2:54:4d:75:96:4d:00:b5:14:db:0d:73:
3f:99:ce:7b:3e:1c:7c:46:35:90:7c:2c:9c:79:b4:
fc:ca:d9:83:55:48:ca:89:f9:49:be:e3:22:42:cf:
20:85:e6:d6:02:10:84:f1:dd:70:f1:03:42:3a:6e:
a8:0a:4f:34:0c:93:4a:12:de:08:5b:7d:9c:a4:c9:
3c:1c:a3:0e:0c:ed:6f:9e:37:0a:0f:e1:79:a5:1e:
c9:7f:e3:09:e2:f1:8d:97:72:56:fd:13:28:37:aa:
7c:42:1f:be:02:48:3b:d4:1f:89:02:b2:5d:16:07:
37:e4:c0:65:3f:7f:c6:a9:09:94:70:41:63:72:37:
46:68:76:13:65:25:16:34:7a:c4:4e:c0:3a:bf:9f:
bf:b8:ce:32:53:e6:0b:b8:9e:7c:1b:18:16:db:d4:
01:bf:1a:78:9d:3e:8a:b4:72:8a:e1:05:4f:37:9a:
11:34:7c:75:ed:e4:fc:da:e6:cf:16:be:b6:f5:47:
de:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:16:26:10:62:6F:FD:55:E6:18:94:34:41:79:0A:3F:B6:15:AA:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:c4:a9:80:80:08:16:d9:6d:52:b3:80:8d:85:0a:d5:4d:3c:
f8:d8:07:ba:3a:11:d2:4a:37:9c:d1:c6:c8:da:0a:03:f0:bd:
58:f6:5c:5c:be:9d:fa:4b:16:3b:7c:bc:8b:56:7f:27:42:f5:
de:01:55:81:42:87:61:8c:88:48:af:68:4c:5a:3f:4e:84:12:
59:dc:a9:d1:ea:e9:d5:53:f2:e6:c7:64:3c:57:01:0d:46:3b:
94:34:4e:0a:08:2e:7b:5d:46:a9:54:f2:ba:18:62:e3:c6:1f:
03:66:b9:30:d5:f6:cc:24:7f:4c:a5:5b:5b:79:e3:88:e8:88:
41:c1:88:58:fa:e8:3c:c9:66:81:74:8b:55:47:ba:ba:28:ba:
0d:1f:58:90:0e:a9:59:17:08:22:46:ec:74:25:14:9a:f2:20:
2f:75:7d:ff:9d:6c:35:d6:99:59:a0:68:5a:c6:3b:a7:1a:77:
5b:24:8c:a9:bd:43:6d:33:8b:57:18:82:e2:b9:ab:a5:96:b7:
8a:95:74:4a:02:32:98:65:e8:8c:18:34:24:07:8e:3e:54:de:
da:4d:3c:e3:37:5b:ce:73:fc:21:23:41:e6:78:77:5b:9c:cb:
96:7e:e6:16:f9:6c:ab:94:cc:f1:81:a3:15:9c:05:b9:df:06:
99:ac:d0:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIxQushKGpz/5f1UeFpgurgB36rgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMTc5Njg4MzUwNzUwMzIyY2EzM2FhNTMwYjdkODU1MDI5MTAxMjU5NDRi
YzIxODIxN2IxNzMzYzIzM2Q2NjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME4ypbj810VShEQba9maG4fzYU2+SIn/m+S58iM8QGaCHNIyj0SfJXkgxqp
OP631eecAh0ox/UOPHMKntRw4lRNdZZNALUU2w1zP5nOez4cfEY1kHwsnHm0/MrZ
g1VIyon5Sb7jIkLPIIXm1gIQhPHdcPEDQjpuqApPNAyTShLeCFt9nKTJPByjDgzt
b543Cg/heaUeyX/jCeLxjZdyVv0TKDeqfEIfvgJIO9QfiQKyXRYHN+TAZT9/xqkJ
lHBBY3I3Rmh2E2UlFjR6xE7AOr+fv7jOMlPmC7iefBsYFtvUAb8aeJ0+irRyiuEF
TzeaETR8de3k/Nrmzxa+tvVH3vsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdFiYQ
Ym/9VeYYlDRBeQo/thWqhDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y3NDJiOTEtZGVkNC00ZDhlLWJkMzYtMGIxODdmMjdmYjIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQDAxKmAgAgW2W1Ss4CNhQrVTTz42Ae6OhHSSjec0cbI
2goD8L1Y9lxcvp36SxY7fLyLVn8nQvXeAVWBQodhjIhIr2hMWj9OhBJZ3KnR6unV
U/Lmx2Q8VwENRjuUNE4KCC57XUapVPK6GGLjxh8DZrkw1fbMJH9MpVtbeeOI6IhB
wYhY+ug8yWaBdItVR7q6KLoNH1iQDqlZFwgiRux0JRSa8iAvdX3/nWw11plZoGha
xjunGndbJIypvUNtM4tXGILiuaullreKlXRKAjKYZeiMGDQkB44+VN7aTTzjN1vO
c/whI0HmeHdbnMuWfuYW+WyrlMzxgaMVnAW53waZrND+
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org