Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
File: a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa (raw, json)
Hash identifier: GgLq/OlS+L06zUFAzCrZYyDn4GVQFp3zYBB5xVLrbss=
Subject key identifier: C5:18:A3:E8:45:FF:3B:7C:E9:0A:E9:B5:0E:E0:18:4A:E0:E9:1C:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B2E1129814E5327075F2E3DA942A4D7D4222E3A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:2e:11:29:81:4e:53:27:07:5f:2e:3d:a9:42:a4:d7:d4:22:2e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=4466a7f3bba55f0767d5a469f34d87a990aba02e2c45965320f429cf49a2bd37, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5a:15:d7:c0:5d:9b:f9:c1:e8:7c:fb:61:c2:
ad:cd:e3:cd:aa:b6:d0:28:35:26:08:8e:f4:dd:41:
e4:72:60:43:27:49:76:4f:b0:36:7a:2b:76:1f:3c:
ad:c1:df:f8:b9:8b:88:ee:a5:f5:fe:f3:8b:4e:34:
97:01:31:f4:ed:04:85:75:aa:1f:60:3c:6f:16:c8:
89:82:28:c4:0c:bd:be:83:73:71:3d:58:91:cc:d9:
d6:e9:91:b7:68:84:87:32:12:63:6c:49:aa:83:de:
17:06:47:3b:3c:15:ac:91:03:7d:d8:9a:8c:a6:39:
01:b6:61:5e:d2:6d:fe:7b:f0:98:a4:c2:75:44:09:
d9:88:10:83:1e:11:72:e1:92:b0:49:8f:80:8b:45:
7e:b6:09:8f:f1:ac:95:ba:ea:9d:71:a2:ad:c6:da:
e7:bc:25:95:4b:28:58:77:89:b3:03:3f:98:7b:16:
8c:6e:20:8f:b0:c9:73:e6:71:06:53:6b:2a:f6:b1:
c6:ab:be:32:97:45:be:a7:c3:99:f3:c4:ec:0f:fb:
cf:4a:52:a4:db:6f:62:66:41:a7:a8:c4:fe:c3:ac:
34:6f:df:17:ed:05:75:0e:e6:60:47:e0:81:a5:89:
18:b1:fc:5b:70:5c:cd:ad:b8:4c:1f:6a:20:6c:1d:
7c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:18:A3:E8:45:FF:3B:7C:E9:0A:E9:B5:0E:E0:18:4A:E0:E9:1C:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
15:04:ba:a1:7f:6a:b0:70:01:4c:81:07:3c:a3:fa:78:a0:c7:
9c:96:8f:4a:85:bd:fe:16:2e:41:fe:b3:e7:d4:b2:7d:f5:e0:
0d:4d:48:99:5c:88:12:7c:77:a1:83:c3:b0:ac:31:fb:fd:8e:
cb:30:4d:ca:64:e0:94:a6:99:fc:1f:ad:57:44:84:86:1c:17:
8d:ff:66:30:d9:5a:aa:d4:c3:48:85:59:76:5b:0c:55:37:8a:
dd:8c:b9:f0:6a:f0:64:c9:bd:12:03:4a:e4:68:d2:40:bf:81:
8f:c1:9f:9f:fb:4f:e3:cc:09:6b:66:5c:89:6a:87:3e:fe:05:
93:31:45:12:5e:b8:de:9b:17:29:04:c8:2b:1a:d7:8f:cb:96:
8a:1e:bb:ef:ce:bf:d1:b3:d4:11:0a:6e:bf:76:d4:ad:3e:74:
d9:b3:b1:58:b7:30:67:32:c4:7e:8a:ea:53:51:2f:73:51:0a:
86:ac:ab:22:32:d3:13:d7:1f:5f:19:2d:18:6c:1b:86:8d:a5:
2d:df:9e:cb:68:a7:4e:a0:c5:e6:48:8d:9d:98:9e:4c:31:51:
32:8b:0b:38:87:bc:56:17:62:c0:74:6d:9e:7a:8f:c9:f3:67:
55:a2:97:39:01:28:53:26:cb:53:b2:56:6a:c8:89:43:ff:29:
49:d2:15:62
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGy4RKYFOUycHXy49qUKk19QiLjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0NjZhN2YzYmJhNTVmMDc2N2Q1YTQ2OWYzNGQ4N2E5OTBhYmEwMmUyYzQ1
OTY1MzIwZjQyOWNmNDlhMmJkMzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOtaFdfAXZv5weh8+2HCrc3jzaq20Cg1JgiO9N1B5HJgQydJdk+wNnordh88
rcHf+LmLiO6l9f7zi040lwEx9O0EhXWqH2A8bxbIiYIoxAy9voNzcT1YkczZ1umR
t2iEhzISY2xJqoPeFwZHOzwVrJEDfdiajKY5AbZhXtJt/nvwmKTCdUQJ2YgQgx4R
cuGSsEmPgItFfrYJj/GslbrqnXGircba57wllUsoWHeJswM/mHsWjG4gj7DJc+Zx
BlNrKvaxxqu+MpdFvqfDmfPE7A/7z0pSpNtvYmZBp6jE/sOsNG/fF+0FdQ7mYEfg
gaWJGLH8W3Bcza24TB9qIGwdfCkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTFGKPo
Rf87fOkK6bUO4BhK4OkcCzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJlYzMwZWQtOTc0YS00M2E1LWI0NmUtYzFlMDgyNDNjYmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQAVBLqhf2qwcAFMgQc8o/p4oMeclo9Khb3+Fi5B/rPn
1LJ99eANTUiZXIgSfHehg8OwrDH7/Y7LME3KZOCUppn8H61XRISGHBeN/2Yw2Vqq
1MNIhVl2WwxVN4rdjLnwavBkyb0SA0rkaNJAv4GPwZ+f+0/jzAlrZlyJaoc+/gWT
MUUSXrjemxcpBMgrGtePy5aKHrvvzr/Rs9QRCm6/dtStPnTZs7FYtzBnMsR+iupT
US9zUQqGrKsiMtMT1x9fGS0YbBuGjaUt357LaKdOoMXmSI2dmJ5MMVEyiws4h7xW
F2LAdG2eeo/J82dVopc5AShTJstTslZqyIlD/ylJ0hVi
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org