Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9fded231-716b-4fdc-a800-fd1e332cb487.roa
File: 9fded231-716b-4fdc-a800-fd1e332cb487.roa (raw, json)
Hash identifier: AilnNXSh5UN+JJhZhdW1SMC/UFC1putzrbN/0RUrEis=
Subject key identifier: B5:59:02:D2:F0:1D:01:CF:6C:3D:E5:55:17:F1:32:F6:FC:5E:18:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5049B617AA2DCD9CBBCD94F51EAD306EEDC964D0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9fded231-716b-4fdc-a800-fd1e332cb487.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:49:b6:17:aa:2d:cd:9c:bb:cd:94:f5:1e:ad:30:6e:ed:c9:64:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=14e6724babdca33bac9a8e7686c046a379cd57f2bef5a8591d1f24b4cdb93dd9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:e0:04:4c:a2:a9:12:29:5b:49:65:41:54:
3b:15:e2:34:97:3b:e6:bc:10:3c:2f:da:23:79:b5:
ed:37:0b:cc:fa:ee:f0:b8:92:44:1d:04:17:5b:c1:
34:d9:af:52:48:27:42:48:a6:32:a3:76:b7:cc:56:
63:13:88:b3:46:2d:c0:89:e0:b6:e2:4a:d7:e8:8d:
ed:64:72:f2:1f:ac:09:4f:86:15:4f:8e:b5:eb:5d:
1e:49:c5:e1:c1:03:b9:cb:a0:95:7c:dd:36:f5:89:
de:5a:d7:79:7e:d6:f6:42:cd:1a:60:4a:4a:b6:71:
e7:e4:f5:3b:6c:42:2c:95:fd:b9:e3:11:2a:88:ba:
5e:18:ef:15:56:ea:21:19:a2:79:b3:69:da:ed:4f:
ea:d7:77:05:ae:77:72:4b:b1:dc:3a:13:a1:86:0a:
08:25:1f:79:77:72:79:80:30:c2:60:65:5a:ef:4a:
c2:25:ed:12:50:38:63:05:5e:e2:ea:d0:11:6f:7a:
41:75:2c:a2:81:d7:38:e2:20:97:30:57:a7:fa:27:
12:dc:d8:1e:a8:15:95:6e:2e:c2:ee:a7:c6:b6:ec:
16:d9:11:51:0e:a7:9e:70:5d:e8:1a:f3:7c:d4:d3:
5f:7b:a1:5e:a7:19:0e:49:05:47:07:53:95:7f:a4:
f8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:59:02:D2:F0:1D:01:CF:6C:3D:E5:55:17:F1:32:F6:FC:5E:18:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9fded231-716b-4fdc-a800-fd1e332cb487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
02:98:2e:e3:e1:43:f8:25:5e:cc:b5:66:0f:9e:db:69:37:c3:
d1:52:c7:b4:24:40:30:c8:2c:d5:b3:f2:c5:fc:7a:af:ca:54:
c0:b5:b9:51:f9:ad:12:fc:ce:7c:20:97:c7:21:dc:22:b3:ca:
b9:de:a8:62:10:10:e7:1c:21:ec:7d:ce:7b:79:97:65:22:6c:
fe:e3:40:54:08:52:5f:bd:47:d5:9a:93:1c:99:0b:65:82:3d:
49:37:be:8f:0d:0b:0f:fe:ac:12:aa:a2:a6:8e:67:b0:ae:b0:
f7:af:50:a1:6d:ef:9c:b0:14:b2:c1:d3:70:3d:b6:a9:65:95:
cb:1d:27:e7:f0:df:e5:e1:ea:69:6e:98:8c:a5:e6:d1:97:d3:
38:cd:cb:8b:70:ed:a0:b3:df:dd:7a:27:19:5c:c3:14:30:ec:
9c:9b:e3:36:bb:43:51:64:ba:a5:90:4e:cc:32:d7:f0:a8:37:
82:64:98:a7:74:e3:df:e1:89:b3:f2:bc:93:f3:67:99:e2:6b:
a6:e9:8e:d2:c7:d2:f4:c2:8a:95:d6:06:55:0a:a4:8f:b1:de:
06:73:a4:31:c8:ee:e5:4a:5e:49:29:8a:0d:b0:bc:e4:80:9c:
0d:de:86:cb:dc:89:44:5b:dd:9d:df:50:a0:96:ac:22:3f:b4:
c3:8b:97:49
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUEm2F6otzZy7zZT1Hq0wbu3JZNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0ZTY3MjRiYWJkY2EzM2JhYzlhOGU3Njg2YzA0NmEzNzljZDU3ZjJiZWY1
YTg1OTFkMWYyNGI0Y2RiOTNkZDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIf4ARMoqkSKVtJZUFUOxXiNJc75rwQPC/aI3m17TcLzPru8LiSRB0EF1vB
NNmvUkgnQkimMqN2t8xWYxOIs0YtwIngtuJK1+iN7WRy8h+sCU+GFU+OtetdHknF
4cEDucuglXzdNvWJ3lrXeX7W9kLNGmBKSrZx5+T1O2xCLJX9ueMRKoi6XhjvFVbq
IRmiebNp2u1P6td3Ba53ckux3DoToYYKCCUfeXdyeYAwwmBlWu9KwiXtElA4YwVe
4urQEW96QXUsooHXOOIglzBXp/onEtzYHqgVlW4uwu6nxrbsFtkRUQ6nnnBd6Brz
fNTTX3uhXqcZDkkFRwdTlX+k+LsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS1WQLS
8B0Bz2w95VUX8TL2/F4YJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWZkZWQyMzEtNzE2Yi00ZmRjLWE4MDAtZmQxZTMzMmNiNDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAApgu4+FD+CVezLVmD57baTfD0VLHtCRAMMgs1bPy
xfx6r8pUwLW5UfmtEvzOfCCXxyHcIrPKud6oYhAQ5xwh7H3Oe3mXZSJs/uNAVAhS
X71H1ZqTHJkLZYI9STe+jw0LD/6sEqqipo5nsK6w969QoW3vnLAUssHTcD22qWWV
yx0n5/Df5eHqaW6YjKXm0ZfTOM3Li3DtoLPf3XonGVzDFDDsnJvjNrtDUWS6pZBO
zDLX8Kg3gmSYp3Tj3+GJs/K8k/NnmeJrpumO0sfS9MKKldYGVQqkj7HeBnOkMcju
5UpeSSmKDbC85ICcDd6Gy9yJRFvdnd9QoJasIj+0w4uXSQ==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org