Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa
File: ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa (raw, json)
Hash identifier: 84nWq53e5R+zaCrM17KmFgdK4L8ximFceOEkng2BcKk=
Subject key identifier: 43:BE:ED:D7:B3:3A:6C:7F:EB:47:19:0E:A8:AA:E0:43:82:B7:68:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 643F4529DA4A4F71925C73B606B74666A7D5D367
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:3f:45:29:da:4a:4f:71:92:5c:73:b6:06:b7:46:66:a7:d5:d3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=0a11f82b8e90c19a7bac1cd7cb7f14f011d5f6137a5da4d4bba8fe4433f9a4a8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:15:eb:d1:05:72:e2:df:9f:80:75:cd:90:45:
b2:76:0f:50:34:f4:66:59:96:7b:55:c6:c4:2d:c6:
b2:73:10:a0:de:a3:c8:e3:6a:64:66:f6:32:10:09:
70:a0:01:6c:1f:36:56:ea:1e:44:1d:8f:b7:70:0a:
41:d3:c2:ec:8d:47:4c:a0:ca:66:8e:a7:8b:d0:bf:
95:0f:d6:32:93:a1:3c:bb:68:38:17:86:38:c4:1b:
90:75:93:70:23:90:70:83:9e:52:3c:3a:25:a8:d3:
2d:3d:e2:35:15:cb:56:12:46:41:68:a3:94:d6:66:
2a:6e:f1:a0:93:94:f7:bc:11:96:c8:8b:13:03:61:
a2:64:a1:5e:fc:49:8a:df:d1:75:6c:20:b3:7b:6e:
1e:64:27:54:7f:07:34:52:1c:bb:5b:06:d5:d0:0b:
78:c6:47:d4:a6:4c:04:2d:08:43:ad:1b:7c:b4:1d:
a2:15:e4:83:79:12:c2:2f:db:4c:de:28:59:eb:98:
84:3b:77:e8:e1:e5:32:67:4c:2e:c4:61:b6:e5:3f:
8c:c6:0f:3f:9a:00:40:ff:ce:90:93:c8:df:b8:8b:
8f:11:99:f8:08:11:3a:2e:40:83:d8:a3:14:0d:92:
5c:71:8b:34:7b:44:d8:d1:33:60:66:bd:75:55:83:
d0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:ED:D7:B3:3A:6C:7F:EB:47:19:0E:A8:AA:E0:43:82:B7:68:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
52:3a:b4:4d:2d:7a:ea:31:50:da:a0:2f:58:cd:27:a3:9e:52:
ef:a4:8c:79:c7:45:fe:74:4f:bf:91:9d:9d:66:38:4c:6a:dd:
20:cc:bc:71:d3:0f:62:a8:a5:14:7b:6e:e4:7a:3d:ce:44:96:
ca:78:20:e8:3b:f0:e1:eb:7d:33:6c:dc:4b:36:ef:00:ab:96:
18:4a:a9:44:01:00:33:c6:45:c9:66:24:91:63:3b:19:96:b4:
1f:cc:94:75:87:4d:99:c8:fe:a9:04:10:38:3d:ac:87:4b:9a:
90:71:56:1d:1c:62:1f:51:fe:b8:84:7a:cd:e2:c0:16:c3:a4:
50:81:f6:0a:33:46:44:cf:11:99:69:7a:fe:ae:fe:01:86:72:
83:0e:e9:46:7e:b2:2e:68:79:0d:1d:08:42:f2:13:c9:0a:27:
1b:01:85:1b:0d:b6:a0:56:78:68:98:92:38:94:e0:2f:8a:73:
20:a2:0b:cd:de:1a:7a:26:d5:86:31:32:9c:82:66:a1:dc:cd:
64:df:90:3f:3d:ce:45:2b:77:4d:a0:4d:13:2e:05:8a:c1:8c:
f0:f7:1d:43:2f:47:ce:72:ed:aa:22:c8:ef:2e:69:3f:8f:09:
db:48:94:48:48:e6:76:a5:92:16:30:aa:74:8a:b4:08:a4:6b:
9d:ee:ab:f0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZD9FKdpKT3GSXHO2BrdGZqfV02cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhMTFmODJiOGU5MGMxOWE3YmFjMWNkN2NiN2YxNGYwMTFkNWY2MTM3YTVk
YTRkNGJiYThmZTQ0MzNmOWE0YTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEV69EFcuLfn4B1zZBFsnYPUDT0ZlmWe1XGxC3GsnMQoN6jyONqZGb2MhAJ
cKABbB82VuoeRB2Pt3AKQdPC7I1HTKDKZo6ni9C/lQ/WMpOhPLtoOBeGOMQbkHWT
cCOQcIOeUjw6JajTLT3iNRXLVhJGQWijlNZmKm7xoJOU97wRlsiLEwNhomShXvxJ
it/RdWwgs3tuHmQnVH8HNFIcu1sG1dALeMZH1KZMBC0IQ60bfLQdohXkg3kSwi/b
TN4oWeuYhDt36OHlMmdMLsRhtuU/jMYPP5oAQP/OkJPI37iLjxGZ+AgROi5Ag9ij
FA2SXHGLNHtE2NEzYGa9dVWD0KECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDvu3X
szpsf+tHGQ6oquBDgrdoSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2EwZjc1Y2EtZTk2Ni00ZTlkLTk5YWUtYjc4NTM1YWNmYWY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQBSOrRNLXrqMVDaoC9YzSejnlLvpIx5x0X+dE+/kZ2d
ZjhMat0gzLxx0w9iqKUUe27kej3ORJbKeCDoO/Dh630zbNxLNu8Aq5YYSqlEAQAz
xkXJZiSRYzsZlrQfzJR1h02ZyP6pBBA4PayHS5qQcVYdHGIfUf64hHrN4sAWw6RQ
gfYKM0ZEzxGZaXr+rv4BhnKDDulGfrIuaHkNHQhC8hPJCicbAYUbDbagVnhomJI4
lOAvinMgogvN3hp6JtWGMTKcgmah3M1k35A/Pc5FK3dNoE0TLgWKwYzw9x1DL0fO
cu2qIsjvLmk/jwnbSJRISOZ2pZIWMKp0irQIpGud7qvw
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org