Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17350a8e-5c2b-4c64-be1a-19d7141edd53.roa
File: 17350a8e-5c2b-4c64-be1a-19d7141edd53.roa (raw, json)
Hash identifier: YesI3ZcG7I+l3jzhkfRc6g/X6ggLIwgJJnLs9xgfxQs=
Subject key identifier: B7:B5:B5:E5:AF:18:31:9C:04:21:14:FC:60:CC:22:FC:1E:5F:25:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54047DB80BA4A7CC1E373DFC82B2DCA9C9F14030
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17350a8e-5c2b-4c64-be1a-19d7141edd53.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:04:7d:b8:0b:a4:a7:cc:1e:37:3d:fc:82:b2:dc:a9:c9:f1:40:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=4b65174f5a563df022d73d59f1c50e3ccde2ed0adb7d519f26c93c71b5c197f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f3:82:26:77:89:ce:d1:72:7e:af:cb:52:44:
17:e5:05:0f:26:47:4b:62:ec:6c:50:92:d0:6a:2b:
d2:21:e4:df:b6:44:e8:63:f6:fa:8e:11:1b:80:19:
e8:d5:7c:9a:04:75:44:2d:37:04:1b:71:8e:61:f4:
ed:77:04:02:53:a8:47:31:8d:b0:cd:dc:70:25:e6:
bd:1a:90:7b:ba:de:6b:27:02:95:25:74:39:53:33:
b5:fc:20:69:f4:56:67:56:98:89:88:5b:ee:7c:0f:
f5:51:37:62:b4:23:ae:aa:b5:60:85:45:2f:7e:b2:
e3:71:0a:60:64:53:6e:66:3f:6e:14:3b:d8:61:bd:
86:b3:72:6a:8a:6a:c1:7d:85:02:50:a0:4f:59:94:
e2:32:c2:1b:43:21:da:cf:0e:5e:d6:6a:6a:50:42:
d1:50:f9:de:08:3a:9f:c6:c1:77:09:55:49:a4:3e:
4d:c7:c6:d1:12:92:f1:89:58:97:88:5c:2a:ad:1c:
d9:4b:40:65:d8:33:7f:f2:f1:92:90:5c:b6:c5:09:
f8:19:2c:2d:74:2c:f9:68:c7:3f:0f:5a:0b:98:aa:
c2:27:54:63:56:87:4a:c2:40:73:86:2e:1b:18:a9:
a6:eb:cc:aa:5f:ba:1c:60:ba:da:9b:2c:4e:57:65:
a3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B5:B5:E5:AF:18:31:9C:04:21:14:FC:60:CC:22:FC:1E:5F:25:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17350a8e-5c2b-4c64-be1a-19d7141edd53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:33:c8:62:63:68:0e:02:80:0a:1c:1a:2e:28:7a:ba:dc:40:
a4:87:f0:09:43:16:0b:49:7d:06:77:c1:8c:ee:26:0f:06:97:
31:b1:91:79:1b:1f:88:99:a2:6f:40:ab:4d:58:41:2f:6b:1d:
9c:6e:6f:bd:32:9f:6c:22:62:63:ab:a1:2b:73:e2:a3:64:84:
cf:b5:1e:98:f1:c7:19:c7:80:9b:41:bb:dd:e3:5d:a9:a5:6a:
19:d7:d7:e4:43:65:b3:87:20:eb:2b:02:6e:83:63:ca:93:44:
24:a1:b6:21:8a:d3:9b:78:87:d7:e6:58:80:ef:e1:e1:53:49:
36:ba:b9:79:94:d0:17:32:46:5a:12:cc:f7:ea:5c:86:c4:42:
05:76:01:e8:79:08:41:bd:f1:0e:cf:b5:a2:72:cc:fb:01:22:
72:95:bb:de:0b:d3:9b:ab:a4:a2:41:78:28:8f:a8:49:5c:59:
0f:64:06:1c:6f:e2:e3:65:a9:49:02:1b:19:9d:55:fa:58:b5:
33:7d:d9:41:c2:15:13:fc:16:92:51:26:d2:e6:59:89:e2:ed:
e6:16:9f:d3:92:d2:76:f7:86:6a:1c:0b:88:4b:f1:e2:b5:77:
ff:2d:df:20:de:13:77:15:db:02:e4:41:d9:5e:a7:cb:53:ba:
25:b7:d8:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVAR9uAukp8weNz38grLcqcnxQDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNjUxNzRmNWE1NjNkZjAyMmQ3M2Q1OWYxYzUwZTNjY2RlMmVkMGFkYjdk
NTE5ZjI2YzkzYzcxYjVjMTk3ZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPzgiZ3ic7Rcn6vy1JEF+UFDyZHS2LsbFCS0Gor0iHk37ZE6GP2+o4RG4AZ
6NV8mgR1RC03BBtxjmH07XcEAlOoRzGNsM3ccCXmvRqQe7reaycClSV0OVMztfwg
afRWZ1aYiYhb7nwP9VE3YrQjrqq1YIVFL36y43EKYGRTbmY/bhQ72GG9hrNyaopq
wX2FAlCgT1mU4jLCG0Mh2s8OXtZqalBC0VD53gg6n8bBdwlVSaQ+TcfG0RKS8YlY
l4hcKq0c2UtAZdgzf/LxkpBctsUJ+BksLXQs+WjHPw9aC5iqwidUY1aHSsJAc4Yu
GxippuvMql+6HGC62pssTldlozMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3tbXl
rxgxnAQhFPxgzCL8Hl8lADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTczNTBhOGUtNWMyYi00YzY0LWJlMWEtMTlkNzE0MWVkZDUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQCsM8hiY2gOAoAKHBouKHq63ECkh/AJQxYLSX0Gd8GM
7iYPBpcxsZF5Gx+ImaJvQKtNWEEvax2cbm+9Mp9sImJjq6Erc+KjZITPtR6Y8ccZ
x4CbQbvd412ppWoZ19fkQ2WzhyDrKwJug2PKk0QkobYhitObeIfX5liA7+HhU0k2
url5lNAXMkZaEsz36lyGxEIFdgHoeQhBvfEOz7Wicsz7ASJylbveC9Obq6SiQXgo
j6hJXFkPZAYcb+LjZalJAhsZnVX6WLUzfdlBwhUT/BaSUSbS5lmJ4u3mFp/TktJ2
94ZqHAuIS/HitXf/Ld8g3hN3FdsC5EHZXqfLU7olt9gb
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:40:26 2024 by rpki-client on console-ams.rpki-client.org