Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
File: f71d7429-ef0b-424d-9e36-741d62d1968a.roa (raw, json)
Hash identifier: LyhvdWeAQRejXOhLn8eVcP4qFzniE19/QBbjxUyazsI=
Subject key identifier: E9:A7:82:D2:F2:1B:86:0D:80:42:8A:4E:BF:DA:04:FA:72:F1:16:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 797952226AAB55CF1A1E6D664CB9729171E1A00A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:79:52:22:6a:ab:55:cf:1a:1e:6d:66:4c:b9:72:91:71:e1:a0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=0d52962f0aacb84c6e7e99cecb147c2c8f4a03532ad43fec3efaf89a69547199, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f8:dc:0c:ee:27:7b:84:52:ec:28:d2:da:72:
39:ba:e9:f9:b6:b5:c8:9d:ab:29:89:fe:1a:4a:25:
d2:5c:f0:1c:b6:aa:b4:2b:74:88:54:89:9f:40:c7:
b5:9e:26:8b:8c:e5:09:e1:d1:5a:d2:95:5e:59:a9:
bf:b1:55:8c:0e:a5:3d:c1:85:34:2a:89:2d:f7:1c:
d5:ef:8a:35:91:83:d6:cf:01:6d:11:89:ca:e0:52:
ee:9f:c1:1d:e4:93:31:90:a5:95:56:66:cc:ce:7a:
bf:35:0d:90:83:83:34:33:e7:93:10:1d:13:e7:a1:
54:53:25:12:9b:4d:05:b3:f5:6c:1e:62:dc:e1:99:
dc:bb:75:d8:de:3c:ee:65:37:70:23:bd:92:77:d4:
d2:23:82:1d:90:81:c4:8f:fe:b6:c4:5b:d9:10:e9:
be:bc:38:35:3c:be:27:7b:bf:69:95:1d:db:ca:29:
d1:d3:29:2c:9c:6f:4a:9b:25:27:55:54:f3:ff:ac:
12:3f:5e:57:25:3b:d5:1e:96:9b:ea:aa:30:7c:f9:
29:47:c1:7f:d2:52:25:56:f8:45:b1:2c:12:a3:79:
0e:a4:ec:cf:76:98:9a:e7:2f:8e:4e:5d:56:9b:27:
31:b0:5c:9e:a9:60:fd:32:e7:67:18:6d:4f:6d:fb:
de:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:82:D2:F2:1B:86:0D:80:42:8A:4E:BF:DA:04:FA:72:F1:16:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a4:cf:d3:93:d4:44:87:7f:59:6d:41:1b:9e:05:de:20:15:2b:
0c:c4:a2:bf:84:82:4f:68:f3:7d:00:04:66:99:9d:6e:e9:07:
8e:ab:11:0c:9b:f7:cf:ae:36:16:77:00:9a:dc:01:17:65:26:
3e:fd:2a:be:42:a1:ae:c6:75:6a:22:3b:80:f6:c0:7c:9b:4d:
1b:18:09:5a:4e:c3:68:c8:47:b2:b8:1b:f8:e7:ac:41:34:f1:
b8:4a:a7:9e:f0:01:7b:e8:4d:1d:95:bd:f3:76:68:bd:fd:d6:
7a:e0:f7:73:98:3c:4a:27:52:d6:26:44:f0:fb:c0:64:8e:91:
d4:2a:b5:c0:ff:56:98:eb:93:dc:c1:9c:37:3a:c2:a1:60:52:
f6:f8:0f:c3:71:69:27:00:fe:1d:44:ff:d7:4d:a2:85:48:f5:
ab:3a:78:d3:66:63:01:96:b8:f8:7a:92:d6:a9:85:6d:29:81:
7a:64:f4:0f:d7:fd:e8:3c:eb:c7:11:8a:2c:37:37:60:d8:5c:
5f:7d:6d:4e:7c:ef:3b:49:6f:8b:19:57:4e:07:69:a7:5c:f3:
f1:39:a2:ac:b7:a6:55:af:19:ee:07:b2:5a:41:50:45:4e:81:
d1:2c:cc:8b:2e:04:f6:e4:c4:bc:a4:55:8a:5a:07:cb:5a:35:
4d:92:4d:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeXlSImqrVc8aHm1mTLlykXHhoAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkNTI5NjJmMGFhY2I4NGM2ZTdlOTljZWNiMTQ3YzJjOGY0YTAzNTMyYWQ0
M2ZlYzNlZmFmODlhNjk1NDcxOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANb43AzuJ3uEUuwo0tpyObrp+ba1yJ2rKYn+Gkol0lzwHLaqtCt0iFSJn0DH
tZ4mi4zlCeHRWtKVXlmpv7FVjA6lPcGFNCqJLfcc1e+KNZGD1s8BbRGJyuBS7p/B
HeSTMZCllVZmzM56vzUNkIODNDPnkxAdE+ehVFMlEptNBbP1bB5i3OGZ3Lt12N48
7mU3cCO9knfU0iOCHZCBxI/+tsRb2RDpvrw4NTy+J3u/aZUd28op0dMpLJxvSpsl
J1VU8/+sEj9eVyU71R6Wm+qqMHz5KUfBf9JSJVb4RbEsEqN5DqTsz3aYmucvjk5d
VpsnMbBcnqlg/TLnZxhtT2373oECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTpp4LS
8huGDYBCik6/2gT6cvEWqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjcxZDc0MjktZWYwYi00MjRkLTllMzYtNzQxZDYyZDE5NjhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCkz9OT1ESHf1ltQRueBd4gFSsMxKK/hIJPaPN9AARm
mZ1u6QeOqxEMm/fPrjYWdwCa3AEXZSY+/Sq+QqGuxnVqIjuA9sB8m00bGAlaTsNo
yEeyuBv456xBNPG4Sqee8AF76E0dlb3zdmi9/dZ64PdzmDxKJ1LWJkTw+8BkjpHU
KrXA/1aY65PcwZw3OsKhYFL2+A/DcWknAP4dRP/XTaKFSPWrOnjTZmMBlrj4epLW
qYVtKYF6ZPQP1/3oPOvHEYosNzdg2FxffW1OfO87SW+LGVdOB2mnXPPxOaKst6ZV
rxnuB7JaQVBFToHRLMyLLgT25MS8pFWKWgfLWjVNkk05
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org