Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9a80014-1059-43a6-8d7d-1ed06f9d7a3e.roa
File: e9a80014-1059-43a6-8d7d-1ed06f9d7a3e.roa (raw, json)
Hash identifier: 1cOMSi+OVwYdgWB6NIIi/a613e5dewZau6ExKpJ04xg=
Subject key identifier: 11:11:6D:46:2A:A8:2B:F6:A4:C6:8E:5A:EA:91:75:96:7C:47:90:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77ABFED307225617159E943E8E59C0190B19227B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9a80014-1059-43a6-8d7d-1ed06f9d7a3e.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:ab:fe:d3:07:22:56:17:15:9e:94:3e:8e:59:c0:19:0b:19:22:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=45667b1ceab905d0f2150cf29eda6d5c3990d539eacdcf6a860fb27c8f2f3753, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:ff:bb:d0:e3:1f:90:7c:e2:c2:d2:ee:b3:
70:d9:13:83:7b:95:4f:cd:9c:dc:89:ac:fe:e1:f9:
19:bc:d8:2d:94:87:56:5a:93:b0:b3:88:33:19:18:
15:a0:f5:a1:26:e7:5e:eb:49:72:8d:66:c4:75:22:
4f:66:c7:eb:08:91:cc:96:81:01:f3:ad:7e:c1:3c:
91:e7:19:4a:ce:4e:1f:d0:ee:e5:2b:f8:96:49:c7:
e3:23:fc:0a:28:a8:28:78:fa:34:f1:6c:ee:c1:78:
af:fd:56:a0:06:7a:e9:0e:05:83:55:64:ae:c7:25:
59:22:84:de:23:81:40:b4:eb:87:39:74:ae:e2:e5:
d2:5e:6f:4a:c5:fa:98:a2:68:21:aa:fa:14:a5:aa:
26:e3:7c:83:b6:b5:28:fb:3d:b6:af:01:cc:3c:f9:
01:6f:8a:97:02:7c:a9:07:f1:9f:12:b6:d4:fb:5c:
71:87:dd:fc:a6:a7:6e:54:20:36:4f:f3:1e:aa:02:
74:59:cf:5c:94:ad:6d:73:aa:02:42:1b:06:ae:b0:
9b:45:cf:a2:1e:be:8a:26:a6:85:b0:aa:f3:65:dd:
c6:46:d3:f8:91:48:25:7b:78:30:5a:81:4f:f5:d6:
5b:cc:b0:2c:a2:41:09:f0:96:52:3a:22:28:9f:af:
b2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:11:6D:46:2A:A8:2B:F6:A4:C6:8E:5A:EA:91:75:96:7C:47:90:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9a80014-1059-43a6-8d7d-1ed06f9d7a3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:72:1b:c2:ce:a0:fa:22:76:fd:22:95:47:b5:0c:22:9f:52:
8b:bf:03:d0:ea:6d:b6:94:89:56:e9:87:d5:46:2a:c1:a6:10:
e3:61:04:d9:88:c9:c0:c2:5c:50:48:ef:7c:f2:05:96:db:63:
a6:32:57:b5:01:51:75:dd:5a:37:bb:87:fc:79:38:c6:fd:16:
d3:a1:95:ad:1c:a8:4c:69:e7:24:f7:f9:bd:9c:6b:b9:29:38:
37:5c:f9:8c:60:ba:fc:04:ac:21:f3:0a:2b:5f:c3:ed:6d:a7:
d4:cb:81:5b:60:f9:54:14:31:88:74:b8:2b:b3:fb:4d:60:33:
3b:c2:94:bc:f3:46:d7:08:76:bb:79:74:56:44:38:da:c1:fa:
59:f1:7a:7b:7c:80:f0:73:25:e6:2e:12:3e:c9:e8:30:52:60:
b4:44:05:b3:d9:63:48:12:d2:d8:ba:71:7c:eb:74:e2:15:d6:
02:52:15:db:1b:87:ff:78:49:6a:69:dd:b6:50:a3:17:a7:a9:
5f:af:28:79:c6:85:62:b4:b2:19:56:f6:11:3c:da:dc:94:45:
38:90:fe:bb:6d:f9:f4:29:4f:3c:68:e8:12:16:e4:1b:55:37:
8e:13:0a:37:7e:7d:49:57:f4:a4:67:13:42:30:3a:b5:b7:7f:
63:e6:43:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd6v+0wciVhcVnpQ+jlnAGQsZInswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NjY3YjFjZWFiOTA1ZDBmMjE1MGNmMjllZGE2ZDVjMzk5MGQ1MzllYWNk
Y2Y2YTg2MGZiMjdjOGYyZjM3NTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXx/7vQ4x+QfOLC0u6zcNkTg3uVT82c3Ims/uH5GbzYLZSHVlqTsLOIMxkY
FaD1oSbnXutJco1mxHUiT2bH6wiRzJaBAfOtfsE8kecZSs5OH9Du5Sv4lknH4yP8
CiioKHj6NPFs7sF4r/1WoAZ66Q4Fg1VkrsclWSKE3iOBQLTrhzl0ruLl0l5vSsX6
mKJoIar6FKWqJuN8g7a1KPs9tq8BzDz5AW+KlwJ8qQfxnxK21PtccYfd/KanblQg
Nk/zHqoCdFnPXJStbXOqAkIbBq6wm0XPoh6+iiamhbCq82XdxkbT+JFIJXt4MFqB
T/XWW8ywLKJBCfCWUjoiKJ+vsoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQREW1G
Kqgr9qTGjlrqkXWWfEeQTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTlhODAwMTQtMTA1OS00M2E2LThkN2QtMWVkMDZmOWQ3YTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQBGchvCzqD6Inb9IpVHtQwin1KLvwPQ6m22lIlW6YfV
RirBphDjYQTZiMnAwlxQSO988gWW22OmMle1AVF13Vo3u4f8eTjG/RbToZWtHKhM
aeck9/m9nGu5KTg3XPmMYLr8BKwh8worX8PtbafUy4FbYPlUFDGIdLgrs/tNYDM7
wpS880bXCHa7eXRWRDjawfpZ8Xp7fIDwcyXmLhI+yegwUmC0RAWz2WNIEtLYunF8
63TiFdYCUhXbG4f/eElqad22UKMXp6lfryh5xoVitLIZVvYRPNrclEU4kP67bfn0
KU88aOgSFuQbVTeOEwo3fn1JV/SkZxNCMDq1t39j5kNA
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org