Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
File: c63a942e-d503-44eb-93c8-2fd6f249002f.roa (raw, json)
Hash identifier: LYEGlTemzp8iswysWIo8OqajtVbmfDmUwmzWo79BZS8=
Subject key identifier: 39:61:1D:12:27:A6:FF:99:69:5B:0A:B8:48:23:ED:FE:45:B5:67:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B103FAB4B349F2E7D2779BC34ED10CA86A632B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:10:3f:ab:4b:34:9f:2e:7d:27:79:bc:34:ed:10:ca:86:a6:32:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b592b56001c9f9178b8f1dfbe961ade1304fe58c30b44e49d6a47eedc6a53d02, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0a:f5:66:f5:eb:d3:41:e1:02:72:cc:a5:e4:
2e:9d:cc:ed:41:7d:94:78:88:7b:69:e1:20:55:77:
06:89:7b:b7:09:5a:4d:a0:30:b0:be:86:3f:76:e1:
3f:ce:5f:34:a7:5d:ea:ad:ff:c6:22:07:9b:52:21:
41:8f:55:4f:dc:f0:6f:38:09:20:6d:04:f7:d3:23:
03:2c:0b:70:62:11:f0:80:99:2b:46:ce:be:57:73:
21:44:d5:7e:d6:88:81:7d:bc:06:a5:0c:46:a1:b6:
52:05:ad:18:b2:58:01:9e:38:3a:30:af:95:36:6f:
87:58:a4:b2:a7:90:13:56:85:9e:e0:03:01:2c:51:
ee:ed:20:1b:56:c4:a8:60:77:df:2b:e9:21:84:7d:
6c:9a:24:c8:72:2f:f4:d1:0e:05:3c:9f:4f:4d:2a:
b1:95:0f:8f:a5:7c:b6:48:7a:e6:1c:20:08:b8:3d:
04:fd:fe:03:ff:b0:7c:d8:83:47:46:d5:62:21:2c:
f5:2f:23:1d:cc:0a:1f:c1:16:e1:0d:2e:36:61:a1:
4d:b1:a7:80:b4:58:b9:1e:64:04:aa:f9:12:59:e4:
77:8e:ac:12:cf:97:f1:8b:3f:a6:ad:b1:0e:4a:41:
f1:ff:38:8e:99:a9:ae:50:7f:32:c6:e0:52:ec:0e:
b1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:61:1D:12:27:A6:FF:99:69:5B:0A:B8:48:23:ED:FE:45:B5:67:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c63a942e-d503-44eb-93c8-2fd6f249002f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cc:10:c3:0f:e0:5b:81:67:37:6b:a2:fe:50:aa:45:fa:72:7e:
89:00:d0:a4:e6:11:8a:18:3e:ad:f1:40:a9:6a:61:81:50:0a:
9e:72:c8:9c:f1:f1:e0:d1:c4:6f:0c:1d:ae:5f:8d:4a:0a:52:
29:5e:82:21:c7:46:2d:a3:56:d4:1b:81:ff:4c:6a:49:97:d5:
f9:9b:a9:2c:d1:8b:07:c9:4f:8b:3b:48:e8:d8:18:6f:8e:85:
3b:54:57:0f:b6:bd:ae:30:e1:2d:6b:c0:dd:26:04:68:b5:2d:
91:1a:9f:b3:f8:65:8c:c9:6a:34:2f:77:24:4d:5c:47:b3:12:
91:70:76:5d:42:eb:73:c2:be:18:2b:fd:4d:a3:d2:20:e2:0e:
e7:e4:81:9f:f3:08:04:3b:13:a2:1a:7c:24:8e:d0:e9:94:f2:
14:3f:72:ed:93:48:a4:29:02:d5:e4:b6:57:df:c2:d1:62:ac:
ce:cd:90:a9:70:59:55:bc:87:10:f4:3d:21:8d:68:3b:85:75:
c1:1e:02:8f:a0:04:c4:e1:24:dc:0d:9f:30:8c:90:76:20:65:
1d:59:9f:91:5a:cd:8a:8d:32:1f:79:49:46:51:a1:35:50:77:
fb:f0:c3:cc:df:ea:97:1b:da:17:4f:18:c9:5c:03:6b:99:68:
cd:6f:e7:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGxA/q0s0ny59J3m8NO0QyoamMrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1OTJiNTYwMDFjOWY5MTc4YjhmMWRmYmU5NjFhZGUxMzA0ZmU1OGMzMGI0
NGU0OWQ2YTQ3ZWVkYzZhNTNkMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoK9Wb169NB4QJyzKXkLp3M7UF9lHiIe2nhIFV3Bol7twlaTaAwsL6GP3bh
P85fNKdd6q3/xiIHm1IhQY9VT9zwbzgJIG0E99MjAywLcGIR8ICZK0bOvldzIUTV
ftaIgX28BqUMRqG2UgWtGLJYAZ44OjCvlTZvh1iksqeQE1aFnuADASxR7u0gG1bE
qGB33yvpIYR9bJokyHIv9NEOBTyfT00qsZUPj6V8tkh65hwgCLg9BP3+A/+wfNiD
R0bVYiEs9S8jHcwKH8EW4Q0uNmGhTbGngLRYuR5kBKr5Elnkd46sEs+X8Ys/pq2x
DkpB8f84jpmprlB/MsbgUuwOsXMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5YR0S
J6b/mWlbCrhII+3+RbVn8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzYzYTk0MmUtZDUwMy00NGViLTkzYzgtMmZkNmYyNDkwMDJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQDMEMMP4FuBZzdrov5QqkX6cn6JANCk5hGKGD6t8UCp
amGBUAqecsic8fHg0cRvDB2uX41KClIpXoIhx0Yto1bUG4H/TGpJl9X5m6ks0YsH
yU+LO0jo2BhvjoU7VFcPtr2uMOEta8DdJgRotS2RGp+z+GWMyWo0L3ckTVxHsxKR
cHZdQutzwr4YK/1No9Ig4g7n5IGf8wgEOxOiGnwkjtDplPIUP3Ltk0ikKQLV5LZX
38LRYqzOzZCpcFlVvIcQ9D0hjWg7hXXBHgKPoATE4STcDZ8wjJB2IGUdWZ+RWs2K
jTIfeUlGUaE1UHf78MPM3+qXG9oXTxjJXANrmWjNb+c7
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org