Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d31002e8-d1ea-4de1-8eaa-bc6d702b98bd.roa
File: d31002e8-d1ea-4de1-8eaa-bc6d702b98bd.roa (raw, json)
Hash identifier: snrUJoA6VfE/kZkVfRgZ8p4Xfj8yLzXadj6nfKe6LdQ=
Subject key identifier: 84:69:C0:F2:C3:EB:00:FD:4D:77:D3:C8:A7:AA:C1:10:23:EF:D4:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26298BF4FC54728E49E28CACD7398567E85D0A0A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d31002e8-d1ea-4de1-8eaa-bc6d702b98bd.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:29:8b:f4:fc:54:72:8e:49:e2:8c:ac:d7:39:85:67:e8:5d:0a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=87ba575fe57bbe97f9c5019b9911ca5cf4cafcee1a0f7bc139c556cf6e517ade, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b1:70:02:87:ff:7b:17:a1:df:b7:41:c8:37:
bb:bb:37:fe:6a:8f:d8:b4:8a:de:ce:d1:07:03:08:
ee:c2:c7:01:39:6f:dc:3d:eb:69:28:27:2a:e5:b2:
22:83:ba:be:e0:e0:4b:90:77:12:26:e8:99:b5:d1:
72:1f:c9:bb:53:fa:5b:e9:ac:60:73:11:43:89:a6:
a1:a5:0e:a7:37:8a:6c:05:e3:a3:96:9f:f3:32:33:
cb:d4:b3:d7:59:d8:0b:9a:1e:42:d6:05:f3:84:59:
4e:52:fa:fc:f6:dd:00:18:a7:32:e7:2a:19:22:84:
4d:be:c0:e5:47:89:fa:cc:b7:ba:15:64:e3:fc:8a:
60:a8:fc:e7:69:7b:6a:7b:6c:e9:7f:a2:7f:13:06:
f8:bc:d4:68:6e:34:ce:5a:07:6e:c0:8f:57:71:32:
e6:99:12:49:0b:18:1f:9a:60:53:25:f9:55:0e:e1:
34:5e:bb:c7:ab:e6:48:2b:55:5f:6d:1b:17:3b:5b:
5c:00:f6:68:70:b0:96:2b:de:39:c2:4f:52:bf:b1:
2c:d1:a3:94:8b:1d:b1:1e:be:1f:43:f9:5a:a5:67:
4a:cf:52:79:07:89:ac:26:f5:18:36:b7:e2:d7:e9:
fd:32:90:f5:b8:2b:67:c3:13:e0:32:4d:74:13:16:
1f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:69:C0:F2:C3:EB:00:FD:4D:77:D3:C8:A7:AA:C1:10:23:EF:D4:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d31002e8-d1ea-4de1-8eaa-bc6d702b98bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:fc:99:ad:4f:a9:98:26:37:c4:61:61:25:fa:2c:e1:b2:c8:
33:88:28:2a:06:0d:f3:45:e5:89:30:06:b7:4f:81:81:f2:63:
3f:34:26:4a:82:b7:49:8f:7b:75:37:5e:43:1b:c1:f8:d3:58:
b2:15:db:b6:f9:33:9e:cd:33:af:cc:b1:44:63:f4:e3:63:30:
4d:aa:11:8a:a5:c8:f2:f2:e4:56:3b:fa:0f:7c:55:ac:c9:66:
18:db:ed:db:04:4a:21:db:ae:70:62:a3:82:15:97:1b:92:d0:
03:25:18:be:97:46:d3:5c:73:a3:d4:bb:aa:6c:70:cf:6c:2d:
70:20:7c:0f:2a:76:0b:07:b3:fc:e4:60:49:e3:1f:2e:bb:b2:
aa:48:c2:c3:91:d2:a1:46:81:e4:fc:2e:2b:29:e0:72:b4:9f:
a5:6b:28:49:2a:5d:86:d7:a0:ed:df:64:45:18:23:d1:15:12:
07:85:9e:5d:33:32:a5:81:f6:f6:7d:84:7e:c2:09:96:e4:35:
e6:86:d5:6d:cb:26:2e:34:55:16:ea:90:04:7b:94:32:fb:49:
eb:ee:16:1d:42:56:e5:26:22:5f:6d:27:46:72:6a:e8:90:ee:
e3:5b:d2:c0:ca:ad:b3:ba:1d:55:02:49:df:a5:96:07:cb:dd:
ed:05:84:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJimL9PxUco5J4oys1zmFZ+hdCgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3YmE1NzVmZTU3YmJlOTdmOWM1MDE5Yjk5MTFjYTVjZjRjYWZjZWUxYTBm
N2JjMTM5YzU1NmNmNmU1MTdhZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6xcAKH/3sXod+3Qcg3u7s3/mqP2LSK3s7RBwMI7sLHATlv3D3raSgnKuWy
IoO6vuDgS5B3EibombXRch/Ju1P6W+msYHMRQ4mmoaUOpzeKbAXjo5af8zIzy9Sz
11nYC5oeQtYF84RZTlL6/PbdABinMucqGSKETb7A5UeJ+sy3uhVk4/yKYKj852l7
ants6X+ifxMG+LzUaG40zloHbsCPV3Ey5pkSSQsYH5pgUyX5VQ7hNF67x6vmSCtV
X20bFztbXAD2aHCwliveOcJPUr+xLNGjlIsdsR6+H0P5WqVnSs9SeQeJrCb1GDa3
4tfp/TKQ9bgrZ8MT4DJNdBMWHzMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSEacDy
w+sA/U1308inqsEQI+/UwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDMxMDAyZTgtZDFlYS00ZGUxLThlYWEtYmM2ZDcwMmI5OGJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQAA/JmtT6mYJjfEYWEl+izhssgziCgqBg3zReWJMAa3
T4GB8mM/NCZKgrdJj3t1N15DG8H401iyFdu2+TOezTOvzLFEY/TjYzBNqhGKpcjy
8uRWO/oPfFWsyWYY2+3bBEoh265wYqOCFZcbktADJRi+l0bTXHOj1LuqbHDPbC1w
IHwPKnYLB7P85GBJ4x8uu7KqSMLDkdKhRoHk/C4rKeBytJ+layhJKl2G16Dt32RF
GCPRFRIHhZ5dMzKlgfb2fYR+wgmW5DXmhtVtyyYuNFUW6pAEe5Qy+0nr7hYdQlbl
JiJfbSdGcmrokO7jW9LAyq2zuh1VAknfpZYHy93tBYSt
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org