Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
File: 20422b97-bbd3-43a5-bd9e-56380296a638.roa (raw, json)
Hash identifier: VTHQmWhIDMxZ2HfkZBL3FqneBhD7BbIYq95tY5Si/iE=
Subject key identifier: F2:AC:15:E3:EF:A5:1C:BC:9C:C1:A3:0D:50:3F:3D:AF:10:07:04:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C51F3A4131669773E370E9FED30E638CBF8F3D5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:51:f3:a4:13:16:69:77:3e:37:0e:9f:ed:30:e6:38:cb:f8:f3:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=aad487fab3b682483d1ea7054e432369d22269c07d79e3944e947b52653a0a74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:81:69:6c:af:dd:12:bb:50:60:a1:17:79:cb:
30:68:d8:28:d3:11:fd:96:e2:a0:51:68:ca:8a:d6:
c8:46:41:d6:3e:6c:8d:49:cf:4b:0c:6b:32:57:b6:
56:fa:50:af:09:34:2b:fa:e0:c8:4d:fa:a1:af:e7:
9b:78:c9:23:a2:b5:ea:a0:af:77:ef:8b:b4:74:2e:
4d:b5:04:e8:b1:3f:fb:61:43:5e:d9:cc:a4:d7:3f:
e4:9a:30:7a:37:ce:db:6e:bb:cd:24:8e:91:5b:1c:
58:87:78:10:5a:0d:bf:6a:e3:c3:94:43:f4:e4:3e:
71:2c:fa:90:fa:73:9e:01:25:3a:ff:78:8f:6b:fc:
c9:6d:8d:92:e7:c3:95:5e:7f:dc:5d:e2:96:31:b4:
b3:9c:4f:af:6b:c8:69:26:df:f3:27:3c:0d:20:9c:
fc:82:40:99:06:54:52:39:4e:ab:37:d2:30:ae:b5:
f3:70:ba:b4:b6:5d:8e:e9:93:ae:12:10:3e:fa:c3:
37:10:7d:2f:7b:1d:f6:1c:01:c9:52:6b:59:a1:a4:
55:32:00:ee:c8:c4:31:39:43:bd:f4:ea:e7:89:85:
dd:24:72:ac:87:7f:09:2f:65:47:5e:18:6d:58:44:
e0:46:e9:cb:f7:82:7c:d3:70:10:c9:99:7a:3a:5b:
c7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AC:15:E3:EF:A5:1C:BC:9C:C1:A3:0D:50:3F:3D:AF:10:07:04:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20422b97-bbd3-43a5-bd9e-56380296a638.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a1:80:65:ef:d6:a6:0e:6d:d4:c1:a8:8e:4c:6c:28:ce:df:a2:
a0:84:91:4f:ab:03:5b:49:69:ba:16:34:af:40:d9:4b:7f:92:
c3:bf:2d:c6:b2:e3:0e:6e:6a:2a:87:bf:2b:1b:ae:b3:48:df:
77:75:7e:77:ca:e5:26:ec:d0:a1:21:67:f5:da:4b:10:4f:ec:
b3:6f:91:96:a8:fb:16:ae:bc:d9:f5:60:00:89:2a:a2:a3:d6:
d6:1a:34:e9:5d:0c:a9:70:dc:0c:72:ef:52:33:2a:d6:7c:26:
f4:d7:05:59:94:bc:e0:50:1a:db:b4:72:d0:27:1c:42:62:ba:
a1:3b:d6:09:75:a9:dc:8b:56:37:46:d6:fa:24:b9:66:6b:09:
97:3e:b9:cf:24:68:4f:0a:e0:7b:5e:39:eb:e2:73:0f:d5:e1:
ba:62:c8:13:df:1a:9b:46:2e:65:ed:1a:a6:86:2f:5a:91:6c:
64:8e:06:99:01:1e:47:f9:cf:9a:af:03:e7:95:3e:f1:cd:17:
5f:fd:fa:90:f6:04:df:dc:c2:60:93:65:8e:73:55:8e:7e:81:
7f:fb:24:be:1c:10:2a:a8:1f:1b:1e:86:41:36:04:b9:3b:cf:
5a:c5:57:ec:41:4b:50:aa:5e:4a:a9:42:1d:4e:34:3f:0b:73:
2c:cb:4e:72
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDFHzpBMWaXc+Nw6f7TDmOMv489UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhZDQ4N2ZhYjNiNjgyNDgzZDFlYTcwNTRlNDMyMzY5ZDIyMjY5YzA3ZDc5
ZTM5NDRlOTQ3YjUyNjUzYTBhNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmBaWyv3RK7UGChF3nLMGjYKNMR/ZbioFFoyorWyEZB1j5sjUnPSwxrMle2
VvpQrwk0K/rgyE36oa/nm3jJI6K16qCvd++LtHQuTbUE6LE/+2FDXtnMpNc/5Jow
ejfO2267zSSOkVscWId4EFoNv2rjw5RD9OQ+cSz6kPpzngElOv94j2v8yW2NkufD
lV5/3F3iljG0s5xPr2vIaSbf8yc8DSCc/IJAmQZUUjlOqzfSMK6183C6tLZdjumT
rhIQPvrDNxB9L3sd9hwByVJrWaGkVTIA7sjEMTlDvfTq54mF3SRyrId/CS9lR14Y
bVhE4Ebpy/eCfNNwEMmZejpbx3cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTyrBXj
76UcvJzBow1QPz2vEAcEhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA0MjJiOTctYmJkMy00M2E1LWJkOWUtNTYzODAyOTZhNjM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQChgGXv1qYObdTBqI5MbCjO36KghJFPqwNbSWm6FjSv
QNlLf5LDvy3GsuMObmoqh78rG66zSN93dX53yuUm7NChIWf12ksQT+yzb5GWqPsW
rrzZ9WAAiSqio9bWGjTpXQypcNwMcu9SMyrWfCb01wVZlLzgUBrbtHLQJxxCYrqh
O9YJdanci1Y3Rtb6JLlmawmXPrnPJGhPCuB7Xjnr4nMP1eG6YsgT3xqbRi5l7Rqm
hi9akWxkjgaZAR5H+c+arwPnlT7xzRdf/fqQ9gTf3MJgk2WOc1WOfoF/+yS+HBAq
qB8bHoZBNgS5O89axVfsQUtQql5KqUIdTjQ/C3Msy05y
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org