Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: LbM1pcmYB8L5oQY46lBcsRUL3WKBBQsmGRWisDUHt/A=
Subject key identifier: 9C:E6:BA:FC:3C:92:16:22:F7:11:F7:23:F9:B8:03:BE:F0:1E:30:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54CC0B9EA29F773D269A0C1C3F46C03EF707ECE7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:cc:0b:9e:a2:9f:77:3d:26:9a:0c:1c:3f:46:c0:3e:f7:07:ec:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=152c98f4db00cffb3bc781b3bc1bf0b3118e7920fcf4017ae8de60bef1ae3dbb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dd:fb:61:36:c0:2a:8b:e1:2c:79:28:15:03:
8e:33:ed:93:f0:66:a4:53:2b:35:58:50:bd:21:e5:
0c:4b:04:1d:ae:7e:a2:e7:37:46:d0:cc:87:61:e6:
1b:d0:7f:74:79:fc:3c:13:20:92:b4:4a:90:86:c0:
4c:0d:c0:c3:ee:48:a0:1c:41:be:52:fe:61:da:f9:
64:7f:60:2b:a3:db:fb:6f:16:1f:9a:a9:60:c0:71:
7e:8b:ca:11:50:b1:8a:69:da:35:9c:2a:84:73:c5:
98:4f:8d:a2:36:6f:db:39:56:92:b3:1e:91:9c:26:
8b:a8:11:c5:66:14:f7:a9:7e:ce:60:ca:46:15:27:
9b:e7:f4:90:e5:4b:59:67:57:d1:cc:84:b5:4a:92:
ae:67:2d:e8:1a:f0:32:6d:eb:07:a7:1a:ae:b9:87:
22:91:0a:3d:a4:02:6d:3d:6e:bd:cd:0c:1e:15:78:
87:6f:27:cb:c7:6f:cd:4b:dd:30:ad:66:ac:d4:91:
d9:56:22:08:b9:80:32:32:1c:b6:d8:86:4b:d8:7b:
d0:49:ce:d0:cd:c2:95:4a:f6:15:29:e2:14:68:e2:
04:58:cc:d6:49:fb:e1:8c:b5:b3:8f:90:b3:83:30:
49:a7:a1:88:76:3c:77:95:06:20:b9:2c:32:36:d3:
9d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E6:BA:FC:3C:92:16:22:F7:11:F7:23:F9:B8:03:BE:F0:1E:30:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:3b:1d:48:a5:6e:7d:b4:8a:91:af:8d:75:ee:c0:9e:13:ca:
92:f5:a5:a2:08:6f:3b:0a:a8:b5:91:57:d0:a5:91:1e:4b:10:
1d:6a:16:c1:1b:f2:7a:e1:a4:c3:94:c9:7f:be:12:cb:8d:d6:
d5:d0:31:ae:22:c1:5a:2e:b1:67:66:25:0b:25:dc:e2:e3:46:
2b:da:c6:41:81:5a:a2:ea:7a:02:79:4c:e9:e3:a9:e5:4d:63:
9e:82:ba:08:16:bb:72:af:6d:ad:30:22:4a:5f:79:cb:b9:19:
10:1d:ba:86:ac:7d:33:94:ae:28:a1:1c:60:0c:45:1a:cb:7c:
f5:2a:92:c4:27:c2:f6:80:72:fe:ef:8b:9f:e8:eb:81:5c:5f:
90:6d:d5:1e:a0:d5:f7:d6:4d:99:6a:ec:34:cc:e1:2a:45:6f:
ff:43:ca:5c:e9:da:a1:83:6c:2f:0c:21:8b:01:6c:1e:ea:78:
cf:01:08:09:1a:35:89:9d:a4:17:9d:06:4f:96:b9:e5:ce:2a:
b8:99:65:4a:97:2a:db:7c:5d:15:58:89:93:ca:29:f5:6b:4d:
fc:5f:dc:04:30:fa:65:ae:6b:fa:12:fc:4f:80:7f:6b:f2:af:
c8:55:91:60:47:e3:e8:c8:2c:b7:d5:56:e8:1c:91:79:61:c1:
8e:34:e6:80
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVMwLnqKfdz0mmgwcP0bAPvcH7OcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MmM5OGY0ZGIwMGNmZmIzYmM3ODFiM2JjMWJmMGIzMTE4ZTc5MjBmY2Y0
MDE3YWU4ZGU2MGJlZjFhZTNkYmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTd+2E2wCqL4Sx5KBUDjjPtk/BmpFMrNVhQvSHlDEsEHa5+ouc3RtDMh2Hm
G9B/dHn8PBMgkrRKkIbATA3Aw+5IoBxBvlL+Ydr5ZH9gK6Pb+28WH5qpYMBxfovK
EVCximnaNZwqhHPFmE+NojZv2zlWkrMekZwmi6gRxWYU96l+zmDKRhUnm+f0kOVL
WWdX0cyEtUqSrmct6BrwMm3rB6carrmHIpEKPaQCbT1uvc0MHhV4h28ny8dvzUvd
MK1mrNSR2VYiCLmAMjIcttiGS9h70EnO0M3ClUr2FSniFGjiBFjM1kn74Yy1s4+Q
s4MwSaehiHY8d5UGILksMjbTnS0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSc5rr8
PJIWIvcR9yP5uAO+8B4wCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQAzOx1IpW59tIqRr4117sCeE8qS9aWiCG87Cqi1kVfQ
pZEeSxAdahbBG/J64aTDlMl/vhLLjdbV0DGuIsFaLrFnZiULJdzi40Yr2sZBgVqi
6noCeUzp46nlTWOegroIFrtyr22tMCJKX3nLuRkQHbqGrH0zlK4ooRxgDEUay3z1
KpLEJ8L2gHL+74uf6OuBXF+QbdUeoNX31k2Zauw0zOEqRW//Q8pc6dqhg2wvDCGL
AWwe6njPAQgJGjWJnaQXnQZPlrnlziq4mWVKlyrbfF0VWImTyin1a038X9wEMPpl
rmv6EvxPgH9r8q/IVZFgR+PoyCy31VboHJF5YcGONOaA
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org