Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
File: f67407cf-5834-4984-bfd7-dae383ea166b.roa (raw, json)
Hash identifier: l0Ojja+brG/W3ItVueL1vfag6DsfKfe1fAcgyHLMb38=
Subject key identifier: A0:C5:70:2D:DD:17:28:15:B7:7F:EF:EA:34:BB:63:EC:0C:0F:92:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AFB8E2D060042B41E71AB59A5A598D712F19751
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:fb:8e:2d:06:00:42:b4:1e:71:ab:59:a5:a5:98:d7:12:f1:97:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=3d0b1d64f4212466e0ce6c9fb887895d3760edeb620b208bdfc4177297a5709f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:44:c1:92:af:7a:d8:bb:99:72:fe:6c:d3:5a:
f9:e8:1e:ef:7e:91:a2:e6:75:f1:d7:f8:9f:2b:13:
b6:b9:cf:6b:06:3f:20:a6:6c:80:f7:78:67:85:bc:
3e:f7:b2:9b:bf:40:5b:ce:3f:9b:a1:71:e6:fd:67:
11:eb:3c:fb:4b:99:e9:f0:e1:56:e6:27:5c:fd:14:
d6:cc:75:af:a3:af:32:20:33:31:df:23:54:c3:df:
00:70:11:e5:45:1b:c0:cd:b0:69:7d:26:a2:19:25:
35:d5:62:20:97:61:db:d1:86:22:e2:b0:88:9e:9a:
73:c1:c5:86:93:01:9a:33:7e:f4:c1:ea:5e:43:4d:
ef:20:16:cc:17:ee:fc:ed:6c:46:fb:77:d1:e2:15:
81:01:ea:bb:22:31:bd:f6:0f:37:8b:1e:da:95:94:
d4:de:b5:58:af:a1:76:a4:3b:03:9f:94:0a:92:d2:
81:25:4c:5a:c3:7f:dd:3b:88:f7:17:cb:df:28:68:
03:af:b8:db:fd:5f:19:85:ae:54:d7:4d:ab:bb:ae:
84:f5:16:13:ab:25:51:45:3d:05:8d:17:26:5c:75:
b2:c6:79:67:c2:e9:f4:a6:7a:d4:b9:61:ec:f5:68:
2d:1a:60:02:91:52:e5:6e:9d:db:bc:40:48:84:31:
b8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C5:70:2D:DD:17:28:15:B7:7F:EF:EA:34:BB:63:EC:0C:0F:92:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:d1:4b:14:24:16:40:b5:40:6c:ac:02:9c:d4:f7:c0:1f:01:
b1:aa:1a:f2:64:a5:20:8a:d2:ff:58:d9:9e:bb:2c:cb:41:4a:
c0:09:3b:8b:a9:b4:88:ff:a0:f1:20:14:23:70:bf:64:f1:c5:
6c:c9:b2:7a:dd:dd:22:c0:d5:ec:9c:6e:4e:37:49:f3:e8:c0:
d6:24:05:ae:78:3a:79:ef:c2:c3:0b:01:63:a2:4b:71:8f:56:
45:5a:7b:7b:90:de:c2:fe:fc:62:6b:2c:40:fb:39:c6:ae:dd:
36:de:ce:fb:8a:52:5c:de:b7:a2:15:c0:ce:b5:de:f0:29:3c:
56:dc:a3:8c:0b:83:eb:66:d2:85:56:d1:cb:22:2a:16:7f:53:
9e:0c:9b:51:82:11:db:69:fd:19:21:f9:bb:ca:6f:a1:e4:14:
83:0a:02:7f:27:56:1f:2e:2c:5a:3c:eb:d8:ee:00:7a:20:ba:
46:ab:a1:68:b0:e9:43:2d:fa:70:75:7f:e3:5f:ab:fe:d9:69:
01:13:20:cd:c6:7d:13:c0:6f:35:8b:01:2b:da:d4:fc:25:98:
7e:31:2d:2d:01:50:4c:21:1d:43:2b:18:b7:b0:7f:69:e9:a5:
79:d2:eb:60:71:41:b3:96:d1:db:c7:45:21:ef:94:cf:0c:de:
b5:51:0d:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOvuOLQYAQrQecatZpaWY1xLxl1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMGIxZDY0ZjQyMTI0NjZlMGNlNmM5ZmI4ODc4OTVkMzc2MGVkZWI2MjBi
MjA4YmRmYzQxNzcyOTdhNTcwOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPdEwZKveti7mXL+bNNa+ege736RouZ18df4nysTtrnPawY/IKZsgPd4Z4W8
Pveym79AW84/m6Fx5v1nEes8+0uZ6fDhVuYnXP0U1sx1r6OvMiAzMd8jVMPfAHAR
5UUbwM2waX0mohklNdViIJdh29GGIuKwiJ6ac8HFhpMBmjN+9MHqXkNN7yAWzBfu
/O1sRvt30eIVgQHquyIxvfYPN4se2pWU1N61WK+hdqQ7A5+UCpLSgSVMWsN/3TuI
9xfL3yhoA6+42/1fGYWuVNdNq7uuhPUWE6slUUU9BY0XJlx1ssZ5Z8Lp9KZ61Llh
7PVoLRpgApFS5W6d27xASIQxuC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgxXAt
3RcoFbd/7+o0u2PsDA+SRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjY3NDA3Y2YtNTgzNC00OTg0LWJmZDctZGFlMzgzZWExNjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBK0UsUJBZAtUBsrAKc1PfAHwGxqhryZKUgitL/WNme
uyzLQUrACTuLqbSI/6DxIBQjcL9k8cVsybJ63d0iwNXsnG5ON0nz6MDWJAWueDp5
78LDCwFjoktxj1ZFWnt7kN7C/vxiayxA+znGrt023s77ilJc3reiFcDOtd7wKTxW
3KOMC4PrZtKFVtHLIioWf1OeDJtRghHbaf0ZIfm7ym+h5BSDCgJ/J1YfLixaPOvY
7gB6ILpGq6FosOlDLfpwdX/jX6v+2WkBEyDNxn0TwG81iwEr2tT8JZh+MS0tAVBM
IR1DKxi3sH9p6aV50utgcUGzltHbx0Uh75TPDN61UQ2a
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org