Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
File: c64c4a95-84a7-4a8b-8228-9d83b2456072.roa (raw, json)
Hash identifier: Mf0arz/X7+MxCpt49WwL5Hur36XwSp0S1HsehrOfS5I=
Subject key identifier: F1:94:C1:AF:6D:D2:B9:67:BF:35:96:F5:43:70:A3:FC:6F:54:5D:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68263EEA71E3B5FB45854EA7C2355F317E9AD146
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:26:3e:ea:71:e3:b5:fb:45:85:4e:a7:c2:35:5f:31:7e:9a:d1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=6f322e74df242e7c33ca07fb77a6fa7d9e3f05a588117c1597ce314f3e8d49c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7d:4b:93:7c:78:ff:9f:77:67:b6:c7:19:ca:
e6:13:80:98:e9:3b:d4:98:8c:f3:bc:93:5c:f5:26:
13:b7:97:2a:6a:60:90:b3:c9:99:7e:5e:a7:47:e8:
46:62:7a:8b:e8:9e:df:5f:e0:15:bc:51:1c:b3:1b:
ae:31:d6:58:b4:a4:b4:b8:46:ad:4b:0a:9a:68:9e:
56:3a:72:31:91:59:5b:20:1b:86:be:c3:85:13:6c:
9e:51:d4:4c:3e:06:6b:00:df:d4:96:53:f5:ae:ee:
d5:25:e7:33:4a:9b:4b:b0:bb:0b:eb:6b:e5:92:90:
f8:f5:73:36:70:5c:6b:56:f1:aa:10:3d:f3:5e:a1:
d9:49:2a:b1:96:fb:cb:7b:8a:f3:d9:1f:e7:d1:2e:
76:54:e0:24:05:a7:82:06:e1:bc:e4:64:89:3c:88:
96:11:81:04:17:74:ec:56:b4:ac:63:e5:35:50:d4:
e6:ec:15:8d:26:d6:4a:fb:14:62:41:03:79:31:a0:
a0:38:36:0d:fc:4e:79:40:0c:3a:30:9c:96:64:47:
53:24:71:45:90:04:6d:ab:64:f3:ac:5e:ab:fd:7d:
58:07:2e:12:9f:03:eb:42:1e:8e:2f:80:fc:f2:47:
bd:11:f0:4a:34:8b:a6:4f:67:3e:55:d2:e9:36:d7:
21:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:94:C1:AF:6D:D2:B9:67:BF:35:96:F5:43:70:A3:FC:6F:54:5D:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
34:03:f3:32:15:d6:b3:0d:9a:08:a9:91:c3:fe:49:4d:cd:b5:
1e:61:10:4a:d5:f3:88:49:ce:f3:da:bd:e1:65:2f:dd:8f:98:
34:c1:6d:6a:0d:e4:e1:ce:59:b2:ee:f5:23:14:a0:b0:32:09:
85:74:95:51:ce:a9:38:a0:72:55:4d:e2:83:63:ec:1d:5a:50:
2c:4a:29:86:89:8e:00:f2:29:86:af:a3:c5:a8:ec:59:b4:9a:
2f:73:4a:ed:16:ca:32:05:c4:6d:db:e6:75:5d:70:a1:e0:a7:
99:ab:53:88:b3:22:0a:22:04:57:9a:b8:f3:62:52:58:e7:e5:
22:45:f2:92:32:2d:49:7b:e2:d6:87:9e:b1:76:51:54:81:df:
8b:36:76:f8:58:48:9a:c3:13:ea:bc:93:e8:40:e1:b9:79:8e:
8e:7d:ae:35:54:3a:14:28:c8:df:b4:27:23:92:be:6b:18:c5:
a9:7c:ae:2c:18:6f:50:6a:65:67:28:94:98:94:a9:7d:cd:37:
4a:bc:6c:65:79:00:69:b6:56:5e:a6:19:4e:6c:27:5d:51:c3:
01:c0:e3:ba:e1:e2:32:6b:5c:fc:0f:34:37:ec:59:a2:9b:99:
ad:6c:f0:de:e2:33:4a:f0:d6:76:4f:e3:db:b3:42:02:13:03:
d3:95:c5:a8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaCY+6nHjtftFhU6nwjVfMX6a0UYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMzIyZTc0ZGYyNDJlN2MzM2NhMDdmYjc3YTZmYTdkOWUzZjA1YTU4ODEx
N2MxNTk3Y2UzMTRmM2U4ZDQ5YzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx9S5N8eP+fd2e2xxnK5hOAmOk71JiM87yTXPUmE7eXKmpgkLPJmX5ep0fo
RmJ6i+ie31/gFbxRHLMbrjHWWLSktLhGrUsKmmieVjpyMZFZWyAbhr7DhRNsnlHU
TD4GawDf1JZT9a7u1SXnM0qbS7C7C+tr5ZKQ+PVzNnBca1bxqhA9816h2UkqsZb7
y3uK89kf59EudlTgJAWnggbhvORkiTyIlhGBBBd07Fa0rGPlNVDU5uwVjSbWSvsU
YkEDeTGgoDg2DfxOeUAMOjCclmRHUyRxRZAEbatk86xeq/19WAcuEp8D60Ieji+A
/PJHvRHwSjSLpk9nPlXS6TbXIf8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTxlMGv
bdK5Z781lvVDcKP8b1RdMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzY0YzRhOTUtODRhNy00YThiLTgyMjgtOWQ4M2IyNDU2MDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEANAPzMhXWsw2aCKmRw/5JTc21HmEQStXziEnO89q9
4WUv3Y+YNMFtag3k4c5Zsu71IxSgsDIJhXSVUc6pOKByVU3ig2PsHVpQLEophomO
APIphq+jxajsWbSaL3NK7RbKMgXEbdvmdV1woeCnmatTiLMiCiIEV5q482JSWOfl
IkXykjItSXvi1oeesXZRVIHfizZ2+FhImsMT6ryT6EDhuXmOjn2uNVQ6FCjI37Qn
I5K+axjFqXyuLBhvUGplZyiUmJSpfc03SrxsZXkAabZWXqYZTmwnXVHDAcDjuuHi
Mmtc/A80N+xZopuZrWzw3uIzSvDWdk/j27NCAhMD05XFqA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org