Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
File: 1988904e-7fdf-4bdf-b594-825eb95caf68.roa (raw, json)
Hash identifier: Fj8p6lVeyiVKseB/m7BEUjsSFiwN0x/XNFp0BcmoY/0=
Subject key identifier: 3C:5F:DC:24:0B:9A:43:59:92:86:58:73:50:9A:95:DC:55:3C:18:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E4502FA8432D525836A2C089E90F2817EE9E7F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:45:02:fa:84:32:d5:25:83:6a:2c:08:9e:90:f2:81:7e:e9:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=360f72b3f78d4e8137f409397dbf78fe67032b5c774dcb735b9977c439b482d7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e6:30:44:37:0f:66:91:30:1e:49:33:ed:0a:
76:ae:69:5a:7c:c1:cf:b2:07:f8:e3:f6:6b:7e:de:
f9:b3:3f:06:f2:0e:0c:cb:d5:4a:eb:26:e8:4d:7d:
1e:fc:39:bf:a8:59:18:81:4f:14:c1:ae:50:95:75:
43:41:84:21:77:29:34:43:16:f8:78:c0:60:bc:86:
3c:6f:65:c6:67:5c:ba:b0:ca:aa:39:e3:7b:d2:10:
09:ce:8d:12:9b:dc:e3:f1:e6:1a:83:d0:dd:1f:94:
d5:3e:44:e4:57:d7:fe:4c:9b:a6:b2:01:00:d5:2c:
61:68:1a:3b:f0:6c:5e:5a:ba:27:21:f5:3e:2b:12:
0d:b4:21:18:57:c9:72:31:33:cb:ef:a7:33:ff:f5:
30:57:ba:27:2d:4b:91:c5:78:b9:c7:eb:5a:ec:32:
c1:c1:12:f3:fb:ac:2d:0d:0c:93:f1:e1:b3:c4:1b:
54:9f:3e:54:33:c1:c2:29:49:b9:31:e5:ba:ce:03:
2e:f2:f8:c5:3c:de:04:96:14:8b:b5:eb:3a:34:99:
39:cf:d5:74:d3:8e:53:56:db:76:6a:87:0c:43:60:
42:10:f5:b3:82:c7:30:25:57:92:be:a2:43:26:2c:
88:37:ee:9a:3f:ac:a0:bc:3c:87:5c:ae:a2:94:db:
4b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:5F:DC:24:0B:9A:43:59:92:86:58:73:50:9A:95:DC:55:3C:18:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
39:82:db:9a:dc:9e:c6:6a:2e:3e:09:62:4d:17:43:c7:fb:c1:
ac:db:7a:4a:95:37:f4:e4:3c:8a:ba:8d:d4:23:a6:01:96:1b:
4c:28:8c:88:3c:a5:28:45:25:45:f0:85:ed:39:8f:01:43:ad:
de:d3:e0:4f:f6:ca:fa:0d:ed:e0:d3:8d:95:c8:b3:c9:0a:92:
2f:d2:16:77:bc:0f:56:49:0e:b4:9b:b5:bc:6a:c7:c5:1f:a3:
25:8e:df:09:51:7a:b7:b1:aa:dd:94:09:83:30:f5:40:9c:da:
58:30:76:40:69:1b:28:1b:6f:56:d5:9f:6d:a1:58:5b:be:6c:
01:90:67:0c:11:8a:34:00:d3:36:df:de:6b:fa:6f:5f:e8:02:
0b:8a:92:0c:7e:f2:ba:b9:6b:49:f9:73:50:f9:cb:38:dd:5c:
8f:d9:e4:bc:7a:8c:5a:e8:ae:c9:34:0c:a4:44:84:ac:af:1b:
ea:a4:73:21:7b:2d:c1:eb:70:c8:c3:62:05:97:17:46:fa:e9:
c5:42:00:1d:25:63:a3:c7:27:cc:4d:d9:b8:9d:f2:64:26:46:
87:bd:80:38:ef:4b:f2:2a:f2:a1:cc:87:48:16:78:b3:e2:71:
60:c5:a6:92:3e:b1:fa:7e:18:16:63:80:ec:2b:4b:6e:a2:a7:
55:80:4a:10
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPkUC+oQy1SWDaiwInpDygX7p5/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2MGY3MmIzZjc4ZDRlODEzN2Y0MDkzOTdkYmY3OGZlNjcwMzJiNWM3NzRk
Y2I3MzViOTk3N2M0MzliNDgyZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTmMEQ3D2aRMB5JM+0Kdq5pWnzBz7IH+OP2a37e+bM/BvIODMvVSusm6E19
Hvw5v6hZGIFPFMGuUJV1Q0GEIXcpNEMW+HjAYLyGPG9lxmdcurDKqjnje9IQCc6N
Epvc4/HmGoPQ3R+U1T5E5FfX/kybprIBANUsYWgaO/BsXlq6JyH1PisSDbQhGFfJ
cjEzy++nM//1MFe6Jy1LkcV4ucfrWuwywcES8/usLQ0Mk/Hhs8QbVJ8+VDPBwilJ
uTHlus4DLvL4xTzeBJYUi7XrOjSZOc/VdNOOU1bbdmqHDENgQhD1s4LHMCVXkr6i
QyYsiDfumj+soLw8h1yuopTbSykCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ8X9wk
C5pDWZKGWHNQmpXcVTwY8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTk4ODkwNGUtN2ZkZi00YmRmLWI1OTQtODI1ZWI5NWNhZjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQA5gtua3J7Gai4+CWJNF0PH+8Gs23pKlTf05DyKuo3U
I6YBlhtMKIyIPKUoRSVF8IXtOY8BQ63e0+BP9sr6De3g042VyLPJCpIv0hZ3vA9W
SQ60m7W8asfFH6Mljt8JUXq3sardlAmDMPVAnNpYMHZAaRsoG29W1Z9toVhbvmwB
kGcMEYo0ANM2395r+m9f6AILipIMfvK6uWtJ+XNQ+cs43VyP2eS8eoxa6K7JNAyk
RISsrxvqpHMhey3B63DIw2IFlxdG+unFQgAdJWOjxyfMTdm4nfJkJkaHvYA470vy
KvKhzIdIFniz4nFgxaaSPrH6fhgWY4DsK0tuoqdVgEoQ
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org