Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
File: 19ed8e91-54d7-4564-8b59-b6260df59d4d.roa (raw, json)
Hash identifier: kGYZ69se4X5wg4Fd+zekv6uSTwqsGeiCuVahgx/LWO4=
Subject key identifier: 78:C8:9B:7D:08:6E:71:26:CF:D8:7A:DF:E9:6C:3D:1A:91:BD:54:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1BBFC3C4E230AC5E5080F8CBCDAA05B2A64002C4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:bf:c3:c4:e2:30:ac:5e:50:80:f8:cb:cd:aa:05:b2:a6:40:02:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=23e7b75bae742dc65b829d235116c01dcfde98474aabf8273003ef47f8118b5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0a:c9:99:a3:e9:50:cc:92:d7:ae:e2:70:e9:
cd:1f:59:79:8e:1c:35:68:5b:8c:b3:5f:5e:1f:f0:
e2:b2:ce:f1:cb:a6:f0:66:fb:8b:a1:a6:94:a3:b2:
29:97:1d:12:50:c2:9a:3a:68:36:88:26:d0:56:7f:
ff:e6:bb:f8:3c:ed:d6:3f:89:a1:cc:1a:d8:9f:ac:
e1:86:63:91:ab:78:a2:e5:1d:ff:e4:01:d8:a4:e3:
15:15:79:bd:c4:c5:ce:8e:ef:9d:b7:4b:8e:21:12:
94:21:ce:51:12:a1:ad:d6:c4:db:35:70:d7:08:7a:
39:f9:08:b5:61:81:73:67:b6:5e:bb:2a:bc:9c:2e:
9d:51:e7:4f:03:62:d1:2e:de:b3:dd:91:ca:d5:78:
01:c8:3a:b8:34:ca:69:ed:62:51:ff:d4:47:28:86:
6f:41:32:fb:d3:ed:fb:8f:56:5a:8b:3a:06:2f:5d:
dc:d9:06:53:51:78:2e:5f:8a:65:66:82:19:75:68:
ca:76:62:08:1b:72:8d:fb:3c:f7:cb:22:d6:e2:23:
1b:dd:2b:19:6c:21:90:eb:8d:27:15:9e:b8:cf:93:
f9:47:5f:d9:ce:e4:bb:ec:3e:89:bc:8a:59:ab:15:
09:7e:a0:dd:98:2d:a6:04:fd:3f:64:c6:6f:e2:98:
ff:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C8:9B:7D:08:6E:71:26:CF:D8:7A:DF:E9:6C:3D:1A:91:BD:54:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
25:43:ad:f6:2d:c4:3c:14:cf:17:03:f8:54:1f:f5:19:f5:9a:
59:56:ac:09:9c:fa:46:eb:f7:ae:87:94:a9:7c:f3:97:21:a8:
79:f4:28:e0:fb:80:d6:09:00:83:0a:60:12:87:c1:f6:c9:07:
db:7b:1b:e3:67:a5:4d:d9:3b:65:04:15:f9:38:72:1d:b9:53:
44:b7:46:ae:63:c1:ad:34:29:0b:52:1c:7f:b8:c8:48:f5:7d:
cf:7f:fb:dd:06:05:bd:fa:09:53:2b:0f:c2:59:9b:0c:3a:a0:
80:a9:8d:de:54:95:40:46:ab:92:23:1e:80:9a:cb:d9:93:ed:
32:6b:53:cf:1d:c1:fe:c9:6a:ef:c2:20:3f:18:f4:ed:03:24:
eb:24:85:68:7a:48:a3:6c:10:1e:38:f2:39:82:87:87:28:b5:
60:d1:6c:55:75:21:1f:6c:5c:65:c7:68:3b:c3:6c:77:d2:9b:
b7:d0:91:01:d2:67:51:f5:64:d9:df:10:1a:b2:32:e2:92:03:
ef:d3:17:25:07:cb:89:ff:7a:c1:f4:b6:7c:f2:72:65:c5:3f:
5c:a7:88:35:a8:45:cd:5d:fe:fc:34:c9:e0:42:d5:77:08:9e:
dc:c9:70:0d:01:75:31:16:9b:18:74:cb:36:46:2c:7f:5f:b2:
c0:48:d3:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG7/DxOIwrF5QgPjLzaoFsqZAAsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzZTdiNzViYWU3NDJkYzY1YjgyOWQyMzUxMTZjMDFkY2ZkZTk4NDc0YWFi
ZjgyNzMwMDNlZjQ3ZjgxMThiNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMKyZmj6VDMkteu4nDpzR9ZeY4cNWhbjLNfXh/w4rLO8cum8Gb7i6GmlKOy
KZcdElDCmjpoNogm0FZ//+a7+Dzt1j+Jocwa2J+s4YZjkat4ouUd/+QB2KTjFRV5
vcTFzo7vnbdLjiESlCHOURKhrdbE2zVw1wh6OfkItWGBc2e2XrsqvJwunVHnTwNi
0S7es92RytV4Acg6uDTKae1iUf/URyiGb0Ey+9Pt+49WWos6Bi9d3NkGU1F4Ll+K
ZWaCGXVoynZiCBtyjfs898si1uIjG90rGWwhkOuNJxWeuM+T+Udf2c7ku+w+ibyK
WasVCX6g3ZgtpgT9P2TGb+KY/8UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4yJt9
CG5xJs/Yet/pbD0akb1UhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTllZDhlOTEtNTRkNy00NTY0LThiNTktYjYyNjBkZjU5ZDRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAlQ632LcQ8FM8XA/hUH/UZ9ZpZVqwJnPpG6/euh5Sp
fPOXIah59Cjg+4DWCQCDCmASh8H2yQfbexvjZ6VN2TtlBBX5OHIduVNEt0auY8Gt
NCkLUhx/uMhI9X3Pf/vdBgW9+glTKw/CWZsMOqCAqY3eVJVARquSIx6AmsvZk+0y
a1PPHcH+yWrvwiA/GPTtAyTrJIVoekijbBAeOPI5goeHKLVg0WxVdSEfbFxlx2g7
w2x30pu30JEB0mdR9WTZ3xAasjLikgPv0xclB8uJ/3rB9LZ88nJlxT9cp4g1qEXN
Xf78NMngQtV3CJ7cyXANAXUxFpsYdMs2Rix/X7LASNMH
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org