Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
File: 132c7518-dddd-4506-8c53-640411d8120f.roa (raw, json)
Hash identifier: P3MTQLcU25AzyIjAAS2nfULZ82AJauaDSxKzrSReyhc=
Subject key identifier: 10:6C:5B:EB:E8:ED:28:7B:93:87:D7:FE:6F:52:E7:2F:98:43:9D:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 309B05111587BB1392E9C32CA5F7E3682486F776
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:9b:05:11:15:87:bb:13:92:e9:c3:2c:a5:f7:e3:68:24:86:f7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3531c9169811286b776ed76ed0de83b6db30d1bbe1ccd8dce058f1c0105bf767, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9e:e0:c7:ab:21:37:e6:86:88:b2:15:b8:d4:
dc:dc:21:c3:fd:7f:82:25:fc:ff:c9:64:ae:ad:7a:
86:f1:f6:d1:43:64:28:19:52:27:62:98:2e:d8:bf:
bf:fe:29:a3:42:de:32:ee:29:c9:e0:b6:8b:23:3f:
88:4e:32:40:f0:b1:47:ba:d5:62:87:d4:97:73:e4:
df:d9:b2:c5:af:17:a4:77:12:ee:10:9c:0e:73:8d:
76:56:54:81:cc:d4:39:f4:5c:b6:91:0f:ae:35:ac:
8e:e5:f6:4e:8a:49:7d:56:fa:f2:e7:59:6a:60:0e:
47:ed:05:a5:d8:8f:48:86:ad:09:22:84:e4:3f:c0:
8c:6e:da:c5:11:35:b7:92:9e:e7:c1:4f:96:af:f8:
d8:61:fd:3e:20:23:96:79:d1:a9:09:70:34:6c:6e:
cd:38:30:cb:99:dd:31:96:22:57:3b:ec:88:e5:11:
50:2b:dc:47:f9:58:7b:a7:66:12:4e:0e:3e:27:79:
09:7b:dc:fd:99:1b:f2:cd:90:2d:b8:bb:f0:78:85:
35:68:b6:56:ba:8d:c2:2b:93:9a:5e:f0:df:07:de:
2f:71:51:bf:8e:92:e5:23:9b:02:3b:9f:74:75:6d:
d8:e6:0d:d5:a2:2a:b5:35:96:f9:69:36:59:a0:60:
e9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6C:5B:EB:E8:ED:28:7B:93:87:D7:FE:6F:52:E7:2F:98:43:9D:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7a:c7:ac:41:1c:75:9a:d6:ce:b5:6a:7b:3f:25:5b:f1:84:de:
2c:cc:74:74:1e:95:9c:7b:50:eb:bd:07:ff:12:9c:b3:a5:5d:
f0:95:90:78:11:98:86:04:b4:30:ea:b1:93:b5:2b:74:c4:4b:
72:32:8d:39:ea:83:c5:7a:a2:79:71:b5:27:8c:5f:2e:d1:8d:
f2:db:02:bf:85:31:72:cb:60:c4:12:4f:72:e7:94:37:a7:a4:
15:7e:10:c2:dc:b4:cd:d1:5f:09:fa:25:99:d7:ef:4c:fb:10:
be:33:a3:6d:70:48:39:c9:7c:18:5c:36:ac:06:30:b0:c0:0f:
77:04:22:5a:eb:90:67:b7:c2:18:82:e2:de:f3:65:a2:33:95:
6f:88:19:9a:a7:f6:19:c1:4e:d4:10:26:fe:d7:d6:8d:03:6a:
8c:b9:19:59:17:19:d4:7a:8c:4e:60:66:49:ea:e4:8e:f8:8a:
ad:99:37:ba:99:53:18:d5:17:f3:67:6a:8e:98:16:94:b4:65:
e1:81:75:cc:b7:19:e2:0f:e4:2d:6d:a6:56:a4:7c:50:b8:85:
45:8b:c5:1c:13:5b:d5:51:77:2d:5a:71:b2:cc:5c:8d:8e:a9:
14:79:0d:2e:07:0a:29:f2:4e:07:72:3a:a9:81:75:66:d4:9b:
61:fe:a4:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMJsFERWHuxOS6cMspffjaCSG93YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1MzFjOTE2OTgxMTI4NmI3NzZlZDc2ZWQwZGU4M2I2ZGIzMGQxYmJlMWNj
ZDhkY2UwNThmMWMwMTA1YmY3NjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6e4MerITfmhoiyFbjU3Nwhw/1/giX8/8lkrq16hvH20UNkKBlSJ2KYLti/
v/4po0LeMu4pyeC2iyM/iE4yQPCxR7rVYofUl3Pk39myxa8XpHcS7hCcDnONdlZU
gczUOfRctpEPrjWsjuX2TopJfVb68udZamAOR+0FpdiPSIatCSKE5D/AjG7axRE1
t5Ke58FPlq/42GH9PiAjlnnRqQlwNGxuzTgwy5ndMZYiVzvsiOURUCvcR/lYe6dm
Ek4OPid5CXvc/Zkb8s2QLbi78HiFNWi2VrqNwiuTml7w3wfeL3FRv46S5SObAjuf
dHVt2OYN1aIqtTWW+Wk2WaBg6ecCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQbFvr
6O0oe5OH1/5vUucvmEOdfzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTMyYzc1MTgtZGRkZC00NTA2LThjNTMtNjQwNDExZDgxMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQB6x6xBHHWa1s61ans/JVvxhN4szHR0HpWce1DrvQf/
EpyzpV3wlZB4EZiGBLQw6rGTtSt0xEtyMo056oPFeqJ5cbUnjF8u0Y3y2wK/hTFy
y2DEEk9y55Q3p6QVfhDC3LTN0V8J+iWZ1+9M+xC+M6NtcEg5yXwYXDasBjCwwA93
BCJa65Bnt8IYguLe82WiM5VviBmap/YZwU7UECb+19aNA2qMuRlZFxnUeoxOYGZJ
6uSO+IqtmTe6mVMY1RfzZ2qOmBaUtGXhgXXMtxniD+QtbaZWpHxQuIVFi8UcE1vV
UXctWnGyzFyNjqkUeQ0uBwop8k4HcjqpgXVm1Jth/qQw
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org