Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
File: a461a201-5dfd-4f29-b790-759ae6e51a1f.roa (raw, json)
Hash identifier: wDuDuqGWpDVGXm+igJb+Kz/dOCbY9wYK4oq9GkicBVY=
Subject key identifier: 4E:87:20:D7:7A:94:D1:7A:D2:06:E9:75:79:11:44:0F:23:63:F6:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7160858136C1FCD51F09A038C4C0E485766AD56D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
Signing time: Mon 03 Jun 2024 00:00:00 +0000
ROA not before: Mon 03 Jun 2024 00:00:00 +0000
ROA not after: Mon 08 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:60:85:81:36:c1:fc:d5:1f:09:a0:38:c4:c0:e4:85:76:6a:d5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 3 00:00:00 2024 GMT
Not After : Jul 8 23:59:59 2024 GMT
Subject: serialNumber=03f18c22c460743a88e4c34aed8a48c052cc9877af64d105e2fb2ef84e58d457, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:72:d8:2a:39:d6:53:03:b2:2a:31:54:9c:
54:1b:85:a5:94:6b:cf:e3:ff:81:ee:fd:1d:a1:47:
cf:65:9c:69:d1:45:f2:8d:60:25:b5:c3:6e:24:a1:
38:28:29:47:fb:20:cd:a9:33:57:02:69:33:80:36:
2e:3a:c0:32:b3:fe:ff:d0:89:01:48:4b:ec:ac:f0:
2c:d7:c2:94:63:43:75:62:06:8a:f6:82:25:83:3e:
8e:f5:43:db:fa:08:d9:02:22:1a:97:ca:a3:66:c7:
25:31:d1:c9:16:c8:07:4e:4c:84:97:3c:3d:f2:c4:
de:52:9c:08:88:45:67:c2:84:dd:45:97:5f:78:b0:
ae:12:5c:07:dd:b0:c1:e7:98:a7:85:e3:b1:53:80:
3f:08:a8:76:d1:bd:d6:51:25:72:9b:71:11:5f:22:
f9:86:cf:07:3c:cf:6e:30:2f:d2:8f:3d:dd:3d:9c:
d0:e3:cc:cf:98:0e:90:96:f2:e0:48:3d:d2:30:da:
62:aa:25:21:ff:7d:b9:f3:a0:05:a7:84:33:23:55:
72:56:e3:a7:56:16:03:12:7c:2b:14:f8:fc:b8:3c:
21:a6:22:7f:6d:31:00:e0:51:66:a7:b4:b4:cf:b0:
d1:98:64:df:ea:cb:5e:28:8c:4a:9b:ae:e2:62:5e:
b0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:87:20:D7:7A:94:D1:7A:D2:06:E9:75:79:11:44:0F:23:63:F6:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
17:72:d1:31:9a:2d:ab:17:cb:3e:3c:a6:1c:aa:16:cb:4d:c3:
03:02:6d:dc:0e:af:a8:68:ec:b7:be:11:1c:08:11:59:5e:3a:
fe:c7:9e:d6:a4:13:dc:76:30:a8:e5:d9:5f:0d:51:c0:75:7e:
62:99:1a:5d:3b:d4:d1:68:4d:1d:5e:24:d5:23:22:40:00:ec:
62:ef:62:4c:ab:7e:65:3a:b1:9b:d1:c6:d5:b4:12:0d:6f:07:
da:f3:68:39:36:74:90:e1:71:55:7f:af:03:5f:d6:85:24:29:
f2:c5:69:27:fc:dc:7a:51:87:21:9f:19:a2:de:59:53:1e:73:
63:0d:49:8f:0b:68:8e:a9:b4:60:43:16:b4:f4:d2:b0:87:95:
5b:c8:14:dd:a4:35:53:66:1f:bd:2d:fb:30:64:1f:2d:fe:cd:
aa:b3:45:81:fa:58:8c:10:18:2e:6b:f8:1f:77:3e:96:54:c5:
25:38:f7:44:40:f5:67:da:03:72:e0:e5:a5:04:67:76:2e:fb:
a7:46:49:16:58:c7:64:97:55:fb:ea:5c:c4:3e:e0:62:ff:65:
35:e6:af:b5:ed:30:26:96:73:f5:09:65:99:d2:b3:06:e7:7b:
b0:cf:52:db:29:df:4d:3f:55:f0:ef:e8:20:ae:f5:3e:be:0d:
f1:8c:e9:ff
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcWCFgTbB/NUfCaA4xMDkhXZq1W0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MDMwMDAwMDBaFw0yNDA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzZjE4YzIyYzQ2MDc0M2E4OGU0YzM0YWVkOGE0OGMwNTJjYzk4NzdhZjY0
ZDEwNWUyZmIyZWY4NGU1OGQ0NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKT8ctgqOdZTA7IqMVScVBuFpZRrz+P/ge79HaFHz2WcadFF8o1gJbXDbiSh
OCgpR/sgzakzVwJpM4A2LjrAMrP+/9CJAUhL7KzwLNfClGNDdWIGivaCJYM+jvVD
2/oI2QIiGpfKo2bHJTHRyRbIB05MhJc8PfLE3lKcCIhFZ8KE3UWXX3iwrhJcB92w
weeYp4XjsVOAPwiodtG91lElcptxEV8i+YbPBzzPbjAv0o893T2c0OPMz5gOkJby
4Eg90jDaYqolIf99ufOgBaeEMyNVclbjp1YWAxJ8KxT4/Lg8IaYif20xAOBRZqe0
tM+w0Zhk3+rLXiiMSpuu4mJesA8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROhyDX
epTRetIG6XV5EUQPI2P24DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTQ2MWEyMDEtNWRmZC00ZjI5LWI3OTAtNzU5YWU2ZTUxYTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAF3LRMZotqxfLPjymHKoWy03DAwJt3A6vqGjst74R
HAgRWV46/see1qQT3HYwqOXZXw1RwHV+YpkaXTvU0WhNHV4k1SMiQADsYu9iTKt+
ZTqxm9HG1bQSDW8H2vNoOTZ0kOFxVX+vA1/WhSQp8sVpJ/zcelGHIZ8Zot5ZUx5z
Yw1Jjwtojqm0YEMWtPTSsIeVW8gU3aQ1U2YfvS37MGQfLf7NqrNFgfpYjBAYLmv4
H3c+llTFJTj3RED1Z9oDcuDlpQRndi77p0ZJFljHZJdV++pcxD7gYv9lNeavte0w
JpZz9QllmdKzBud7sM9S2ynfTT9V8O/oIK71Pr4N8Yzp/w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org