Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
File: 018d1278-2c0d-467a-ae97-a69101b9f274.roa (raw, json)
Hash identifier: rtVlm2alQVVwfT8Zebt3kgEkJPZWIx3guW1qcsRuk+A=
Subject key identifier: 80:73:F1:BB:A0:5B:38:A5:42:C1:5B:85:CA:AB:25:9A:F5:BF:04:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E267826690253A79EB1FCFA15E313DA0EBC0167
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:26:78:26:69:02:53:a7:9e:b1:fc:fa:15:e3:13:da:0e:bc:01:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=8d528556271b1e16c8a35db6f293f3d409f39b0434d82927cab569290214def2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9e:aa:51:02:dd:d1:81:33:ed:7c:8c:d6:3e:
6e:a7:87:b8:63:30:30:a7:b6:3b:4e:3b:50:c4:e4:
39:e1:14:68:6d:49:e3:6e:4e:87:d3:28:73:84:43:
51:85:6e:17:75:38:de:2a:14:59:4a:2f:a4:3c:f9:
5f:a1:3a:94:61:91:65:3d:aa:04:28:c2:f1:83:88:
c2:29:39:a6:ef:43:fb:b0:0b:46:4d:23:89:5c:23:
c2:d6:87:ce:3e:d0:f6:15:c2:53:9a:96:71:ce:3f:
e0:6c:3e:79:4e:64:49:ce:62:b6:fe:20:fb:19:2d:
bb:6d:09:23:2f:f8:b4:1a:db:35:e7:5b:2c:d8:48:
25:3d:b8:35:cd:b1:f8:79:61:8b:a8:99:b5:56:c4:
e4:d2:b4:b6:c7:79:2b:d4:ba:b2:c8:7b:00:7b:68:
e4:1e:4b:72:86:23:44:69:90:ed:60:b9:ba:dc:51:
3f:04:db:fa:44:7c:1d:44:9b:aa:94:da:02:99:2f:
93:bc:09:f3:6f:58:55:80:76:58:c5:c0:8e:48:2a:
24:8f:7e:cf:0b:08:32:ee:10:78:f9:6d:ff:99:72:
e2:2e:f3:99:99:b9:71:12:47:6e:f0:0f:a4:09:8a:
95:80:c1:c8:b1:3a:b5:02:e4:66:9a:3a:27:ba:ab:
46:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:73:F1:BB:A0:5B:38:A5:42:C1:5B:85:CA:AB:25:9A:F5:BF:04:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:e0:c8:14:4c:ce:4f:82:c5:6f:8b:68:fa:56:e8:d1:c3:f2:
0e:88:b0:63:47:44:75:2c:f9:cb:0f:16:aa:e9:34:73:8b:fc:
70:db:b7:8c:63:bb:9e:61:11:fa:d7:0b:39:33:c0:99:bc:49:
df:c9:56:44:e9:63:5f:77:95:ab:e5:54:28:9f:3c:f4:73:de:
ef:e7:d0:df:55:44:c4:0e:b8:6a:c5:31:7b:23:0c:ad:22:0e:
d2:66:f7:6d:42:d7:91:05:01:e9:42:16:bd:55:db:42:4d:19:
8b:60:d6:d9:80:03:19:2d:bf:40:06:dc:5c:6c:80:a6:b7:41:
b0:48:9d:68:9b:53:6b:b5:b0:36:45:08:ed:de:ac:1a:a4:2f:
c3:e0:a5:13:e7:02:9f:6e:b7:fc:62:ee:6e:41:33:c2:15:cf:
6e:5c:ad:f3:4b:7b:df:ae:39:f7:de:58:41:ab:1d:97:a1:55:
49:bc:76:e5:26:31:2c:da:c5:d4:b5:94:d4:eb:a6:b1:9e:7b:
74:a5:96:a5:e0:71:e0:17:1f:1b:0a:33:a3:41:80:41:ee:61:
70:97:3a:6a:03:c2:76:b6:bd:b9:78:00:27:b1:a2:97:5d:1a:
5e:40:7c:29:f8:fe:89:c9:9a:95:32:ee:c5:b6:8c:3b:08:5d:
24:d8:1b:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbiZ4JmkCU6eesfz6FeMT2g68AWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkNTI4NTU2MjcxYjFlMTZjOGEzNWRiNmYyOTNmM2Q0MDlmMzliMDQzNGQ4
MjkyN2NhYjU2OTI5MDIxNGRlZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+eqlEC3dGBM+18jNY+bqeHuGMwMKe2O047UMTkOeEUaG1J425Oh9Moc4RD
UYVuF3U43ioUWUovpDz5X6E6lGGRZT2qBCjC8YOIwik5pu9D+7ALRk0jiVwjwtaH
zj7Q9hXCU5qWcc4/4Gw+eU5kSc5itv4g+xktu20JIy/4tBrbNedbLNhIJT24Nc2x
+Hlhi6iZtVbE5NK0tsd5K9S6ssh7AHto5B5LcoYjRGmQ7WC5utxRPwTb+kR8HUSb
qpTaApkvk7wJ829YVYB2WMXAjkgqJI9+zwsIMu4QePlt/5ly4i7zmZm5cRJHbvAP
pAmKlYDByLE6tQLkZpo6J7qrRicCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSAc/G7
oFs4pULBW4XKqyWa9b8EuDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDE4ZDEyNzgtMmMwZC00NjdhLWFlOTctYTY5MTAxYjlmMjc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCK4MgUTM5PgsVvi2j6VujRw/IOiLBjR0R1LPnLDxaq
6TRzi/xw27eMY7ueYRH61ws5M8CZvEnfyVZE6WNfd5Wr5VQonzz0c97v59DfVUTE
DrhqxTF7IwytIg7SZvdtQteRBQHpQha9VdtCTRmLYNbZgAMZLb9ABtxcbICmt0Gw
SJ1om1NrtbA2RQjt3qwapC/D4KUT5wKfbrf8Yu5uQTPCFc9uXK3zS3vfrjn33lhB
qx2XoVVJvHblJjEs2sXUtZTU66axnnt0pZal4HHgFx8bCjOjQYBB7mFwlzpqA8J2
tr25eAAnsaKXXRpeQHwp+P6JyZqVMu7Ftow7CF0k2Bt6
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org