Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/be32e063-2484-4f24-b3d4-21b5c8f55455.roa
File: be32e063-2484-4f24-b3d4-21b5c8f55455.roa (raw, json)
Hash identifier: NzLwgW+dWwtViCkAOiMn03pT+UnkKLV2ol0zWr2r4DE=
Subject key identifier: 06:9A:36:6F:0C:6E:E1:62:73:28:93:D6:C1:93:2D:03:C8:3D:ED:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76C749B32C9B278994947FAC4820D1D9C1B82E5E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/be32e063-2484-4f24-b3d4-21b5c8f55455.roa
Signing time: Mon 17 Jun 2024 00:00:00 +0000
ROA not before: Mon 17 Jun 2024 00:00:00 +0000
ROA not after: Mon 22 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c7:49:b3:2c:9b:27:89:94:94:7f:ac:48:20:d1:d9:c1:b8:2e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:00:00 2024 GMT
Not After : Jul 22 23:59:59 2024 GMT
Subject: serialNumber=0930fb7add86fbd8cf7241fe248c7fd9ca160e4cab13fd35bd691141c1e8a8cf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:26:22:68:37:0d:81:2b:1b:e1:d5:1e:0d:
6c:0d:3b:3f:ba:ec:5e:30:63:3c:82:92:66:22:fd:
07:f0:65:38:c3:fe:36:87:cf:d7:3e:65:c0:b1:62:
d1:3b:ff:f6:01:b1:d4:64:ad:1d:27:c0:3d:ef:41:
f3:5e:2a:e6:dc:45:b2:ee:87:95:e1:7f:ba:f0:e1:
09:58:c7:c0:19:b2:4d:1f:68:c1:f0:95:3e:4b:74:
a7:8f:a0:45:f7:11:8c:c4:b6:6c:f9:ac:9f:2b:6b:
c6:19:30:16:85:73:04:ae:be:79:71:74:47:30:c3:
2c:4f:ba:83:8b:f9:c9:e1:32:3d:98:b9:74:2a:b5:
43:f2:68:bb:49:e4:7a:e1:9e:a9:2f:47:53:fd:29:
ee:2d:a0:ba:ef:45:60:b9:a0:91:dc:16:16:90:77:
1a:27:6f:df:0e:9e:61:e4:ec:aa:86:ce:d4:72:d7:
6b:c6:f2:76:93:18:f7:1e:98:34:0d:74:33:ea:a6:
85:54:87:39:13:e8:bf:12:44:ef:4b:00:31:82:f0:
82:08:80:20:59:21:12:fd:1d:04:28:b3:a3:44:4d:
02:1e:7d:a6:ad:51:f9:6f:5b:a3:9e:d0:ce:68:56:
44:09:71:0b:86:cb:fe:84:29:9f:d2:7f:80:0d:c8:
13:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9A:36:6F:0C:6E:E1:62:73:28:93:D6:C1:93:2D:03:C8:3D:ED:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/be32e063-2484-4f24-b3d4-21b5c8f55455.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:ee:ef:5c:ae:10:7b:fb:09:b4:3f:47:dd:06:e1:b0:7a:2d:
5f:37:c8:60:c1:27:55:15:ae:7c:3d:ab:f5:56:8b:75:73:79:
4f:a2:42:07:49:67:db:09:0d:d2:a6:45:01:1d:48:7c:09:c3:
ed:84:64:9a:bd:e9:9c:79:68:0f:35:4f:db:7d:03:eb:d7:e2:
38:22:d6:e6:a7:da:71:4b:f9:4f:a3:bc:4b:98:a1:ff:77:43:
93:21:59:4d:ca:79:de:75:00:a2:35:56:be:fe:4a:16:8d:65:
92:46:ee:98:fa:4b:4a:8d:bf:ec:4c:52:e2:24:30:39:77:8f:
47:d3:1a:a6:3c:64:16:41:5f:bc:e2:5f:f3:a7:ae:02:b4:19:
f7:b8:f3:9c:9a:ea:b6:f8:e5:d4:d0:72:f4:4d:82:38:e3:c5:
1f:ee:f9:63:dd:79:f8:dc:4f:ad:4c:6d:c5:9f:ec:7e:fe:71:
a5:04:32:21:fa:26:d6:b4:9a:49:b7:0d:e8:bb:c1:43:4b:0f:
7e:ca:a4:d2:d2:03:9b:7c:f0:7a:e9:4b:80:26:13:44:63:d3:
72:04:32:dc:0f:1b:95:2a:a1:26:89:e2:c1:c1:ae:3b:0f:85:
d6:66:20:31:d3:a3:03:b2:a3:86:71:4c:7d:88:92:ed:a4:eb:
67:56:2c:dc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdsdJsyybJ4mUlH+sSCDR2cG4Ll4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTcwMDAwMDBaFw0yNDA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MzBmYjdhZGQ4NmZiZDhjZjcyNDFmZTI0OGM3ZmQ5Y2ExNjBlNGNhYjEz
ZmQzNWJkNjkxMTQxYzFlOGE4Y2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALITJiJoNw2BKxvh1R4NbA07P7rsXjBjPIKSZiL9B/BlOMP+NofP1z5lwLFi
0Tv/9gGx1GStHSfAPe9B814q5txFsu6HleF/uvDhCVjHwBmyTR9owfCVPkt0p4+g
RfcRjMS2bPmsnytrxhkwFoVzBK6+eXF0RzDDLE+6g4v5yeEyPZi5dCq1Q/Jou0nk
euGeqS9HU/0p7i2guu9FYLmgkdwWFpB3Gidv3w6eYeTsqobO1HLXa8bydpMY9x6Y
NA10M+qmhVSHORPovxJE70sAMYLwggiAIFkhEv0dBCizo0RNAh59pq1R+W9bo57Q
zmhWRAlxC4bL/oQpn9J/gA3IE+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQGmjZv
DG7hYnMok9bBky0DyD3tVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmUzMmUwNjMtMjQ4NC00ZjI0LWIzZDQtMjFiNWM4ZjU1NDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQBw7u9crhB7+wm0P0fdBuGwei1fN8hgwSdVFa58Pav1
Vot1c3lPokIHSWfbCQ3SpkUBHUh8CcPthGSavemceWgPNU/bfQPr1+I4Itbmp9px
S/lPo7xLmKH/d0OTIVlNynnedQCiNVa+/koWjWWSRu6Y+ktKjb/sTFLiJDA5d49H
0xqmPGQWQV+84l/zp64CtBn3uPOcmuq2+OXU0HL0TYI448Uf7vlj3Xn43E+tTG3F
n+x+/nGlBDIh+ibWtJpJtw3ou8FDSw9+yqTS0gObfPB66UuAJhNEY9NyBDLcDxuV
KqEmieLBwa47D4XWZiAx06MDsqOGcUx9iJLtpOtnVizc
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:09:57 2024 by rpki-client on console-ams.rpki-client.org