Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa
File: a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa (raw, json)
Hash identifier: vW1G4KtGxFPN1FIailzTKM547FDufUk39gpUA3U4YoM=
Subject key identifier: 11:8C:B0:7D:1E:3B:97:D8:F4:D1:59:53:58:0B:BE:6E:F1:21:7F:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 629B6F7B4574605DCBA8EB8A424CD72076F05CDE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:9b:6f:7b:45:74:60:5d:cb:a8:eb:8a:42:4c:d7:20:76:f0:5c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=a8ed95e16736c3c28e44ee3931e78f3726d953642ea06610e962e98ff346ed5f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:14:af:ad:14:76:7f:68:1b:45:da:fa:ea:59:
93:be:71:a2:38:c3:29:42:64:62:b3:4f:f6:1e:4e:
76:67:4b:05:1d:ab:40:bb:b9:e8:86:b9:c6:16:dd:
51:b7:2a:f2:e7:b6:19:6b:b2:83:65:c6:c5:d1:f0:
e4:f6:5e:fa:af:70:d0:5f:6d:42:67:9f:2c:c3:aa:
c3:1e:b7:9e:a9:a4:b1:30:a8:f0:89:9c:40:9f:97:
56:d1:f4:1b:0b:25:10:a2:e1:d8:ae:f0:5f:cb:60:
bc:26:58:8c:04:47:5a:15:07:17:4f:88:e1:01:f0:
3f:8a:3c:31:0f:4c:07:a0:0f:34:b8:11:08:2a:9f:
d0:a0:f5:80:81:98:4f:51:15:f7:ef:db:b1:03:ec:
39:eb:31:55:6e:d7:fb:59:44:b4:dd:23:aa:96:f0:
2c:99:9a:23:fc:ab:57:6a:f6:97:de:52:3c:0d:01:
87:c2:a5:54:5f:b6:21:7c:8b:28:f7:29:d9:0f:90:
38:f0:90:61:17:95:f5:27:37:cf:dd:17:e5:a9:10:
39:95:01:5e:88:31:aa:97:7f:1f:b6:40:68:a8:e3:
77:4f:19:c2:ae:c1:dd:fd:fb:40:0c:51:b7:cd:09:
b3:b2:21:ba:57:45:e3:93:82:73:72:8e:9c:d3:75:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:8C:B0:7D:1E:3B:97:D8:F4:D1:59:53:58:0B:BE:6E:F1:21:7F:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:af:40:88:71:06:f1:db:c1:45:da:fc:a3:66:5d:cd:3b:2c:
72:a3:50:11:04:55:36:2a:21:c2:c7:8c:23:dd:31:a1:d9:8a:
32:d8:fb:0b:49:de:63:1e:78:72:1e:40:35:d7:03:3f:fe:de:
71:c2:9e:00:e3:6f:5d:4b:d3:39:e2:6f:94:db:b7:46:6b:a1:
1d:ee:8c:fc:27:b6:4a:32:d8:a7:ca:63:a6:79:ac:2a:0e:10:
30:b7:2c:4d:50:8f:22:c5:cb:3f:36:e8:0b:a8:9f:52:d8:ba:
6a:8c:d7:f3:85:7e:bd:c6:ed:c8:d7:21:82:28:09:e5:c0:aa:
b4:45:70:b3:ae:e7:2f:ae:7a:8d:39:7d:7d:83:aa:9e:a8:20:
43:a6:22:cb:53:35:f8:73:ec:18:0d:ed:d9:5c:5e:6c:09:01:
7d:ab:af:d7:d3:17:63:58:3e:d8:54:71:43:a9:32:35:cb:1d:
e3:9c:c1:19:fb:34:60:09:d2:69:72:b7:cd:e7:dd:e7:e6:02:
69:f4:79:46:20:37:71:3b:6a:a9:e3:55:71:42:da:73:07:c9:
43:12:ec:8a:fa:e0:09:c1:e1:42:08:a6:5b:e7:77:79:39:cd:
b6:f0:03:84:57:d5:4c:a4:4a:56:6e:b6:1e:5c:f7:71:14:0b:
56:99:c2:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYptve0V0YF3LqOuKQkzXIHbwXN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZWQ5NWUxNjczNmMzYzI4ZTQ0ZWUzOTMxZTc4ZjM3MjZkOTUzNjQyZWEw
NjYxMGU5NjJlOThmZjM0NmVkNWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcUr60Udn9oG0Xa+upZk75xojjDKUJkYrNP9h5OdmdLBR2rQLu56Ia5xhbd
Ubcq8ue2GWuyg2XGxdHw5PZe+q9w0F9tQmefLMOqwx63nqmksTCo8ImcQJ+XVtH0
GwslEKLh2K7wX8tgvCZYjARHWhUHF0+I4QHwP4o8MQ9MB6APNLgRCCqf0KD1gIGY
T1EV9+/bsQPsOesxVW7X+1lEtN0jqpbwLJmaI/yrV2r2l95SPA0Bh8KlVF+2IXyL
KPcp2Q+QOPCQYReV9Sc3z90X5akQOZUBXogxqpd/H7ZAaKjjd08Zwq7B3f37QAxR
t80Js7IhuldF45OCc3KOnNN15/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQRjLB9
HjuX2PTRWVNYC75u8SF/ejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTNkNWEyZjktNjM2ZC00N2Y3LWFkZjktMDRiZmZjZmEwNzk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQDAr0CIcQbx28FF2vyjZl3NOyxyo1ARBFU2KiHCx4wj
3TGh2Yoy2PsLSd5jHnhyHkA11wM//t5xwp4A429dS9M54m+U27dGa6Ed7oz8J7ZK
MtinymOmeawqDhAwtyxNUI8ixcs/NugLqJ9S2LpqjNfzhX69xu3I1yGCKAnlwKq0
RXCzrucvrnqNOX19g6qeqCBDpiLLUzX4c+wYDe3ZXF5sCQF9q6/X0xdjWD7YVHFD
qTI1yx3jnMEZ+zRgCdJpcrfN593n5gJp9HlGIDdxO2qp41VxQtpzB8lDEuyK+uAJ
weFCCKZb53d5Oc228AOEV9VMpEpWbrYeXPdxFAtWmcJB
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org