Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: +inBt31qjAS2zIhHcYhcFD3qjay4LJZOWAwGVtjH3Mc=
Subject key identifier: 7E:79:EC:66:73:83:3C:93:BC:AC:83:4A:46:52:4E:21:DA:F3:93:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5011A80E3018CDD289E26995806C8319407F933B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:11:a8:0e:30:18:cd:d2:89:e2:69:95:80:6c:83:19:40:7f:93:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=93e03fe46105fcdc0b2134f2b3cd4b3010b6cb4b71003e20b7f7aa29563539cd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bc:55:5e:a8:17:3e:ef:e2:aa:0e:03:03:e4:
12:79:f8:03:62:de:36:06:c3:d6:63:42:80:07:4c:
be:95:68:24:b0:d8:a7:e8:9c:e7:7f:21:a2:b7:b1:
fb:09:be:a3:07:0f:f9:a6:6c:8b:d5:92:a3:70:35:
0a:46:2f:a8:49:43:83:59:e3:bd:d6:df:6c:af:51:
27:f5:25:da:4c:5d:91:3f:b2:91:99:83:5a:c5:f2:
bd:d1:0a:53:36:2e:d4:7f:22:69:96:dd:0f:08:4a:
d4:f2:2d:2a:97:51:4d:97:3f:b2:61:0b:7f:cf:2f:
f3:d3:d4:ef:34:03:4d:75:96:ca:2e:ba:16:75:28:
6e:1e:c4:d3:1c:f7:d1:b6:f3:79:72:5a:bd:48:7c:
be:21:cb:16:c9:47:e0:a6:29:6c:8c:47:84:19:62:
c4:f4:25:4e:7b:de:4a:2b:3a:58:89:d8:c9:05:40:
b8:9c:34:3e:0a:38:6b:c2:59:37:eb:ad:ef:b7:f6:
f3:71:81:90:4c:70:35:98:fd:68:2b:08:a4:97:d9:
0a:c8:11:e8:b6:b7:1c:4b:a5:c1:2f:8f:14:66:f6:
88:f9:6b:5a:2d:2e:b6:f7:8d:11:23:a9:19:d7:b4:
7e:e6:2b:ae:82:62:e7:ec:fe:de:8b:01:46:6a:c8:
0f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:79:EC:66:73:83:3C:93:BC:AC:83:4A:46:52:4E:21:DA:F3:93:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
47:f6:89:0a:43:3a:db:15:f3:8e:79:fc:57:9c:26:31:bd:1f:
bd:64:e7:4a:83:3f:39:33:87:fb:3a:f3:2c:2d:ce:a8:af:b1:
23:33:f2:b3:fb:96:21:10:f2:48:db:86:22:fd:c5:d9:31:7d:
14:6d:9f:f8:f2:a3:06:f4:c5:63:49:36:8e:34:21:8b:ae:3a:
a7:58:56:4f:36:74:69:95:0b:18:83:7d:51:1d:22:90:25:87:
19:05:a3:94:66:02:0d:57:5c:9c:cc:fd:a4:32:0e:5d:71:74:
07:78:d2:2f:ed:a5:c2:d0:f2:43:a9:da:c3:a5:87:4d:01:ad:
22:0a:ba:43:2d:38:52:38:31:44:ac:5c:9a:bf:34:b9:10:24:
ac:91:2a:1f:9f:1e:b7:1c:df:d9:5f:54:32:0d:f4:80:59:96:
76:76:c4:f4:c9:17:a3:06:14:05:ba:42:b6:3c:68:c3:77:67:
86:5e:22:1c:dc:bc:fc:f2:90:b8:68:65:2d:b8:be:7a:16:51:
1a:ca:18:78:f4:d8:00:78:cb:e4:52:74:d0:eb:a6:eb:06:c8:
6b:75:25:43:f6:79:cd:f0:56:88:0f:9d:65:86:52:52:1b:d9:
7a:e7:82:37:fd:10:01:73:07:dc:fb:be:55:1c:4b:0d:4f:f8:
db:ad:a0:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUBGoDjAYzdKJ4mmVgGyDGUB/kzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzZTAzZmU0NjEwNWZjZGMwYjIxMzRmMmIzY2Q0YjMwMTBiNmNiNGI3MTAw
M2UyMGI3ZjdhYTI5NTYzNTM5Y2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALq8VV6oFz7v4qoOAwPkEnn4A2LeNgbD1mNCgAdMvpVoJLDYp+ic538horex
+wm+owcP+aZsi9WSo3A1CkYvqElDg1njvdbfbK9RJ/Ul2kxdkT+ykZmDWsXyvdEK
UzYu1H8iaZbdDwhK1PItKpdRTZc/smELf88v89PU7zQDTXWWyi66FnUobh7E0xz3
0bbzeXJavUh8viHLFslH4KYpbIxHhBlixPQlTnveSis6WInYyQVAuJw0Pgo4a8JZ
N+ut77f283GBkExwNZj9aCsIpJfZCsgR6La3HEulwS+PFGb2iPlrWi0utveNESOp
Gde0fuYrroJi5+z+3osBRmrID8sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR+eexm
c4M8k7ysg0pGUk4h2vOTMTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQBH9okKQzrbFfOOefxXnCYxvR+9ZOdKgz85M4f7OvMs
Lc6or7EjM/Kz+5YhEPJI24Yi/cXZMX0UbZ/48qMG9MVjSTaONCGLrjqnWFZPNnRp
lQsYg31RHSKQJYcZBaOUZgINV1yczP2kMg5dcXQHeNIv7aXC0PJDqdrDpYdNAa0i
CrpDLThSODFErFyavzS5ECSskSofnx63HN/ZX1QyDfSAWZZ2dsT0yRejBhQFukK2
PGjDd2eGXiIc3Lz88pC4aGUtuL56FlEayhh49NgAeMvkUnTQ66brBshrdSVD9nnN
8FaID51lhlJSG9l654I3/RABcwfc+75VHEsNT/jbraAL
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org