Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9f138a04-74b4-40a4-b21b-04714bb0f86e.roa
File: 9f138a04-74b4-40a4-b21b-04714bb0f86e.roa (raw, json)
Hash identifier: YP/gY4tJNOhFVuJpVodoIyxM7dNXFh+95xegAwAtvM4=
Subject key identifier: B5:61:7F:60:78:C4:7F:7D:EB:92:CA:40:32:48:83:26:24:57:5E:37
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1033929520823276A21ED7061B16A8EF0416F14C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9f138a04-74b4-40a4-b21b-04714bb0f86e.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:33:92:95:20:82:32:76:a2:1e:d7:06:1b:16:a8:ef:04:16:f1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=3e366611582a791b232f621e1b3d7f40fc5b0c1d14c5911ce2fa5fb13d982386, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:57:68:a0:8c:e3:32:ef:f3:f8:df:f8:08:
06:a4:ca:f7:ef:21:03:fb:3b:34:d4:4c:79:a4:2b:
5d:be:f7:dc:a3:45:f4:e1:f0:6e:a2:7d:bc:d9:5a:
ab:9c:07:14:61:f9:e6:a8:3a:e7:e2:88:a8:61:48:
0a:a8:54:3a:98:d1:5a:de:fe:57:07:48:6f:86:0b:
41:a0:79:2e:93:99:7b:75:9f:29:18:14:f0:48:35:
8c:a6:25:b1:a5:0b:50:49:e5:85:2d:01:33:72:90:
d7:fc:a0:0e:3b:a5:16:9f:2f:7b:c1:1b:06:43:96:
00:e7:a0:d2:8c:0f:52:ba:a6:ef:c6:db:7a:6f:90:
b6:30:84:6a:b5:19:22:17:af:b7:86:a6:70:1e:01:
ed:f7:7b:24:f0:cd:eb:0a:4f:00:a9:b7:6a:65:2e:
f2:f0:e7:64:68:07:86:35:5e:8f:0e:62:7e:23:22:
07:10:68:ba:76:f3:d0:bb:05:02:0e:69:57:9c:f7:
96:a5:d1:a9:c8:a7:ee:2a:0b:a5:1d:c0:88:9b:20:
80:11:57:4c:60:07:0d:28:a7:8c:43:8c:f9:7a:52:
b0:52:e2:a5:3c:3d:da:f8:69:c0:58:38:6b:30:eb:
90:42:eb:65:b8:1d:aa:5f:58:f2:66:0a:b5:aa:10:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:61:7F:60:78:C4:7F:7D:EB:92:CA:40:32:48:83:26:24:57:5E:37
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9f138a04-74b4-40a4-b21b-04714bb0f86e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:09:c3:0a:65:00:72:f1:75:30:19:68:70:00:08:de:9a:c1:
a2:b7:21:48:6e:6d:e0:f7:56:43:ab:21:91:a8:bb:23:9f:c8:
fc:66:57:26:65:ec:14:7d:21:30:d9:16:d6:6e:32:39:8c:89:
15:ae:ea:cd:fd:fc:1f:10:b1:1a:20:c2:51:c4:99:f9:75:3a:
7e:6f:5b:11:6b:1e:5f:2d:62:83:1b:31:83:4f:ba:bf:69:23:
4a:15:1c:d2:a3:df:36:34:d4:23:39:23:01:7d:d0:c5:36:28:
7a:68:3f:ab:bd:48:7c:c3:3d:3e:2f:4c:55:c2:73:64:36:57:
1d:a0:8c:35:5e:e1:e8:e2:4f:23:b8:eb:3d:4c:ce:45:47:f5:
66:6a:31:cb:a9:94:bc:8e:66:78:e9:a7:cc:47:bd:96:10:83:
ce:54:ac:97:14:98:8a:ae:a7:fe:fb:81:4d:ac:57:35:d5:10:
da:4e:08:d8:4f:17:4d:99:81:ff:20:0d:85:df:77:2a:6c:1e:
42:17:68:5b:14:9a:3f:5f:90:ac:42:85:46:e9:5d:e1:50:c0:
91:36:90:e6:b0:8f:89:e9:a1:16:c0:ab:2d:c9:33:4d:57:28:
9a:e5:e0:53:c9:22:07:7f:3e:68:2b:47:e5:16:1d:c0:6c:c7:
c0:98:74:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEDOSlSCCMnaiHtcGGxao7wQW8UwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMzY2NjExNTgyYTc5MWIyMzJmNjIxZTFiM2Q3ZjQwZmM1YjBjMWQxNGM1
OTExY2UyZmE1ZmIxM2Q5ODIzODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIiV2igjOMy7/P43/gIBqTK9+8hA/s7NNRMeaQrXb733KNF9OHwbqJ9vNla
q5wHFGH55qg65+KIqGFICqhUOpjRWt7+VwdIb4YLQaB5LpOZe3WfKRgU8Eg1jKYl
saULUEnlhS0BM3KQ1/ygDjulFp8ve8EbBkOWAOeg0owPUrqm78bbem+QtjCEarUZ
Ihevt4amcB4B7fd7JPDN6wpPAKm3amUu8vDnZGgHhjVejw5ifiMiBxBounbz0LsF
Ag5pV5z3lqXRqcin7ioLpR3AiJsggBFXTGAHDSinjEOM+XpSsFLipTw92vhpwFg4
azDrkELrZbgdql9Y8mYKtaoQVskCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS1YX9g
eMR/feuSykAySIMmJFdeNzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWYxMzhhMDQtNzRiNC00MGE0LWIyMWItMDQ3MTRiYjBmODZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXwnDCmUAcvF1MBlocAAI3prBorchSG5t4PdWQ6sh
kai7I5/I/GZXJmXsFH0hMNkW1m4yOYyJFa7qzf38HxCxGiDCUcSZ+XU6fm9bEWse
Xy1igxsxg0+6v2kjShUc0qPfNjTUIzkjAX3QxTYoemg/q71IfMM9Pi9MVcJzZDZX
HaCMNV7h6OJPI7jrPUzORUf1Zmoxy6mUvI5meOmnzEe9lhCDzlSslxSYiq6n/vuB
TaxXNdUQ2k4I2E8XTZmB/yANhd93KmweQhdoWxSaP1+QrEKFRuld4VDAkTaQ5rCP
iemhFsCrLckzTVcomuXgU8kiB38+aCtH5RYdwGzHwJh0oA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org