Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
File: 1d0fc19c-dd37-4056-b427-b389226e4122.roa (raw, json)
Hash identifier: ykkjUlrqi4uHwlXbOsA8d9hVMeycf0qJsSuXa48ZGlA=
Subject key identifier: 23:A7:B4:29:E1:FC:4E:CF:CA:1A:AD:C2:F1:EF:2B:2D:4C:05:C0:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F13599BD49CB1B09FEC65F681D5C3068422D493
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:13:59:9b:d4:9c:b1:b0:9f:ec:65:f6:81:d5:c3:06:84:22:d4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=be21f99dcc5617b24e44d9b9ff3362d984574171ef221e27369dedb0f265a4f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4a:2d:89:06:59:75:b1:b2:e4:b1:b2:8a:aa:
a6:05:82:58:24:fa:67:9f:77:30:b9:b9:eb:bc:f4:
63:c3:b8:ea:45:68:59:72:0b:55:cf:fd:89:f9:83:
df:a7:41:10:e0:8d:5d:18:de:80:a6:20:ef:57:28:
39:75:11:f2:2c:03:2b:f8:32:8a:69:ed:ab:9a:b9:
bd:07:d9:94:6c:48:77:a2:b4:11:63:bf:c0:fe:29:
60:3d:d9:f2:98:89:50:00:2e:98:4d:a0:3b:3a:3e:
c4:78:de:66:3a:85:fc:4c:bd:4a:36:2e:05:69:2c:
8a:3b:c6:8d:9a:44:24:1e:a5:76:1f:34:91:4f:f0:
9f:16:61:bf:1f:ab:59:e6:a7:ab:fc:e5:17:ff:1e:
be:50:76:e3:c4:31:7f:1e:15:10:54:c3:1b:08:3d:
eb:92:12:d3:a2:3f:02:72:e9:66:f1:b9:0c:20:cc:
59:05:2e:35:f3:63:b4:d8:54:25:d4:9f:c0:9a:73:
50:89:15:5c:d8:cb:f2:5a:90:94:60:ce:8c:95:9e:
ea:26:37:16:de:cf:50:9d:23:a1:da:d2:28:f0:ad:
bd:c6:af:58:6f:41:01:51:bf:ab:f4:6e:af:f9:fe:
5a:11:96:51:c1:f0:5c:67:2c:d4:fe:f4:1d:69:f0:
80:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A7:B4:29:E1:FC:4E:CF:CA:1A:AD:C2:F1:EF:2B:2D:4C:05:C0:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
60:48:ad:0a:c5:9c:12:b9:fe:60:00:20:3c:9a:2e:e5:47:93:
75:06:b3:db:c4:d4:df:83:38:09:38:ba:ba:c2:7f:8b:8b:3e:
67:30:c0:cb:41:d1:bc:2c:80:90:3e:05:e3:51:2d:7c:a6:f6:
d7:f4:78:d1:e1:ce:15:8d:4f:39:9e:ac:7f:3f:73:a1:9e:ea:
63:ca:91:5e:af:b5:f3:21:c3:b8:a2:7d:c3:0d:6e:01:46:02:
e5:09:31:0a:5f:59:43:ef:e7:7f:88:e4:61:df:79:1c:99:01:
5e:94:10:01:aa:bb:7c:bc:b0:de:61:bf:b6:ce:5d:95:af:10:
cc:7e:40:91:bd:74:62:81:76:be:fa:56:4e:54:cc:b0:51:0e:
1c:ea:ba:d8:9e:16:f3:7c:5a:c5:4d:c8:e1:46:3b:e5:92:9f:
c4:65:7d:05:45:01:c1:d6:1e:a8:1b:e6:fe:80:d3:2d:bc:d4:
4d:f6:7e:7e:7e:ad:e1:71:b8:d6:e6:0b:69:ce:48:f3:da:10:
80:1d:fe:ec:16:35:b1:f4:3d:11:84:5f:87:97:b3:aa:89:5e:
43:29:51:b8:76:a7:06:f5:08:e8:b3:ad:ad:37:a9:4e:86:71:
6d:60:6a:38:6b:ef:1a:48:1b:79:0f:51:c4:e6:46:4d:ae:f5:
b5:26:99:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTxNZm9ScsbCf7GX2gdXDBoQi1JMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlMjFmOTlkY2M1NjE3YjI0ZTQ0ZDliOWZmMzM2MmQ5ODQ1NzQxNzFlZjIy
MWUyNzM2OWRlZGIwZjI2NWE0ZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlKLYkGWXWxsuSxsoqqpgWCWCT6Z593MLm567z0Y8O46kVoWXILVc/9ifmD
36dBEOCNXRjegKYg71coOXUR8iwDK/gyimntq5q5vQfZlGxId6K0EWO/wP4pYD3Z
8piJUAAumE2gOzo+xHjeZjqF/Ey9SjYuBWksijvGjZpEJB6ldh80kU/wnxZhvx+r
Weanq/zlF/8evlB248Qxfx4VEFTDGwg965IS06I/AnLpZvG5DCDMWQUuNfNjtNhU
JdSfwJpzUIkVXNjL8lqQlGDOjJWe6iY3Ft7PUJ0jodrSKPCtvcavWG9BAVG/q/Ru
r/n+WhGWUcHwXGcs1P70HWnwgNUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjp7Qp
4fxOz8oarcLx7ystTAXAGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWQwZmMxOWMtZGQzNy00MDU2LWI0MjctYjM4OTIyNmU0MTIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQBgSK0KxZwSuf5gACA8mi7lR5N1BrPbxNTfgzgJOLq6
wn+Liz5nMMDLQdG8LICQPgXjUS18pvbX9HjR4c4VjU85nqx/P3OhnupjypFer7Xz
IcO4on3DDW4BRgLlCTEKX1lD7+d/iORh33kcmQFelBABqrt8vLDeYb+2zl2VrxDM
fkCRvXRigXa++lZOVMywUQ4c6rrYnhbzfFrFTcjhRjvlkp/EZX0FRQHB1h6oG+b+
gNMtvNRN9n5+fq3hcbjW5gtpzkjz2hCAHf7sFjWx9D0RhF+Hl7OqiV5DKVG4dqcG
9Qjos62tN6lOhnFtYGo4a+8aSBt5D1HE5kZNrvW1JpnU
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org