Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa
File: 0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa (raw, json)
Hash identifier: UVQ/Qqz6txKjZNJbzWv1eZGx4C/tU506EUDcVODt5+8=
Subject key identifier: 9D:9C:4D:ED:65:E9:80:95:12:8D:BD:14:97:05:96:54:F4:25:3E:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D0C4246E95185790DFD1E48E99B2DC162827EF1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:0c:42:46:e9:51:85:79:0d:fd:1e:48:e9:9b:2d:c1:62:82:7e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=6a5218e53490f6433d79e1eb8cdc6bc7fb31f45e516bfeb20e1ab982a77efb96, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:11:f5:41:2a:25:91:50:ec:37:fb:21:8c:7e:
6d:02:5e:ab:e1:a3:56:10:60:58:08:0d:ee:e8:31:
32:45:c9:c3:85:99:8a:17:f0:2b:16:6e:36:46:f3:
f8:4c:65:ac:da:b8:b4:4e:94:23:f9:d0:f0:37:f6:
ea:93:d5:e4:5c:af:f4:8a:14:37:68:b4:64:74:1e:
48:0b:34:00:ba:15:c6:2b:b5:37:6d:44:20:93:b2:
d8:dd:59:89:92:d8:c8:be:56:17:24:b2:09:b5:50:
5e:4d:66:8c:16:86:76:59:1f:fb:9e:4d:76:b1:39:
fc:3b:a8:be:1f:66:c8:7a:ec:81:2f:0e:1f:97:c5:
1b:08:98:45:b2:0c:ea:f3:ce:9b:f4:45:4d:50:fb:
33:b0:8e:d4:7f:be:0b:cc:97:55:5b:60:ff:f0:c3:
1f:71:68:3c:0f:d5:28:03:3c:25:30:7e:ad:d1:ed:
04:b6:fc:42:26:ee:ff:07:7c:99:4c:5a:66:a5:0a:
0e:63:36:0f:d0:f7:e1:d6:a3:cf:fc:cb:90:e1:f2:
5d:a3:f5:73:62:fa:2f:22:84:56:5f:47:73:7d:21:
7f:ac:31:25:04:f7:50:1d:76:6a:06:fb:3d:92:b4:
88:ae:af:03:4c:10:1d:e0:9b:60:71:fe:d8:35:a4:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9C:4D:ED:65:E9:80:95:12:8D:BD:14:97:05:96:54:F4:25:3E:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0f6bc0d2-8628-4ccd-a0d9-39bab00ce826.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
89:06:42:53:00:f5:8a:d1:57:4c:d6:7e:17:2f:77:1c:22:0d:
f1:b7:87:7c:cc:15:06:f8:c8:af:dd:49:a2:2d:9d:8e:57:48:
d8:c4:8a:ab:4d:1e:26:b3:b9:b2:d9:13:9a:f4:3f:6e:af:a5:
1b:00:30:b9:53:de:ea:f6:33:08:48:d3:28:8b:77:41:c5:19:
2f:a2:c3:37:27:ed:2d:4d:d1:b0:7a:4a:d3:1e:38:df:7d:6e:
86:71:b8:21:6c:f6:37:e0:10:44:61:c1:09:2e:56:9c:a1:7b:
4e:da:4d:c5:be:81:f4:ca:8f:37:fa:9e:00:75:ec:58:5e:49:
03:86:c1:67:03:f9:d5:0a:d9:c4:72:3e:c8:15:fa:c7:a8:00:
b4:ec:2e:8b:b3:68:d7:32:44:04:d3:40:91:ed:f6:d1:fc:f4:
9c:d9:79:f4:ca:20:ed:a5:db:de:01:66:7b:13:aa:08:3b:df:
b2:d0:81:a7:42:27:8e:94:49:f7:f8:bf:01:91:4a:49:88:f8:
e6:b1:16:87:fc:93:2a:a7:27:79:35:48:0f:19:c8:3e:39:86:
7c:c3:5f:8f:a6:61:6f:ad:3b:0a:3e:00:f6:6f:e3:b8:2d:e6:
ed:ff:14:77:f6:32:6a:78:a4:8d:bb:17:46:97:b2:9a:0b:39:
2d:c6:e4:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXQxCRulRhXkN/R5I6ZstwWKCfvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhNTIxOGU1MzQ5MGY2NDMzZDc5ZTFlYjhjZGM2YmM3ZmIzMWY0NWU1MTZi
ZmViMjBlMWFiOTgyYTc3ZWZiOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8R9UEqJZFQ7Df7IYx+bQJeq+GjVhBgWAgN7ugxMkXJw4WZihfwKxZuNkbz
+ExlrNq4tE6UI/nQ8Df26pPV5Fyv9IoUN2i0ZHQeSAs0ALoVxiu1N21EIJOy2N1Z
iZLYyL5WFySyCbVQXk1mjBaGdlkf+55NdrE5/Duovh9myHrsgS8OH5fFGwiYRbIM
6vPOm/RFTVD7M7CO1H++C8yXVVtg//DDH3FoPA/VKAM8JTB+rdHtBLb8Qibu/wd8
mUxaZqUKDmM2D9D34dajz/zLkOHyXaP1c2L6LyKEVl9Hc30hf6wxJQT3UB12agb7
PZK0iK6vA0wQHeCbYHH+2DWkXb8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSdnE3t
ZemAlRKNvRSXBZZU9CU+LDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGY2YmMwZDItODYyOC00Y2NkLWEwZDktMzliYWIwMGNlODI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCJBkJTAPWK0VdM1n4XL3ccIg3xt4d8zBUG+Miv3Umi
LZ2OV0jYxIqrTR4ms7my2ROa9D9ur6UbADC5U97q9jMISNMoi3dBxRkvosM3J+0t
TdGwekrTHjjffW6GcbghbPY34BBEYcEJLlacoXtO2k3FvoH0yo83+p4AdexYXkkD
hsFnA/nVCtnEcj7IFfrHqAC07C6Ls2jXMkQE00CR7fbR/PSc2Xn0yiDtpdveAWZ7
E6oIO9+y0IGnQieOlEn3+L8BkUpJiPjmsRaH/JMqpyd5NUgPGcg+OYZ8w1+PpmFv
rTsKPgD2b+O4Lebt/xR39jJqeKSNuxdGl7KaCzktxuRa
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org