Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: lZVe9JfsP21LIvu9iqOhjE2g0TZ5SuRiwzUSB2ULUCw=
Subject key identifier: F0:85:24:FF:57:F3:2C:5E:F3:39:31:EC:35:95:6B:23:36:70:6B:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59AFB9273FBF47BA0EE26854020BD5EB25761E37
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:af:b9:27:3f:bf:47:ba:0e:e2:68:54:02:0b:d5:eb:25:76:1e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e45b4e0b3a632e677181788a5a1bafee22ea009496a3a8830ddb3e22a1959aa9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d0:90:c4:b3:90:13:bc:64:e7:48:ff:e6:3c:
47:68:e1:e5:26:22:94:da:fc:ad:27:1a:af:39:7a:
41:6c:08:e6:6b:0b:ec:6f:d2:82:79:cb:db:23:8d:
1a:e8:dd:91:b9:95:22:52:16:97:e5:0b:78:5c:c4:
95:67:86:ad:c8:5e:f2:42:a0:7e:e5:1f:b5:81:4d:
46:18:3f:f7:27:7e:58:c0:ae:2f:27:e9:ab:f2:f6:
b4:cf:5c:c7:19:e8:9d:63:e9:e9:4e:1b:ed:5a:0c:
24:f1:3f:8f:6b:2d:8c:ce:bd:45:83:6c:e0:9a:00:
01:47:66:fc:a4:91:c0:3e:60:e4:6c:92:4f:aa:8e:
40:9d:fc:56:18:42:ee:26:98:df:2c:b2:50:80:c9:
f1:64:af:6e:d9:5d:c8:43:14:60:e1:79:ba:89:b1:
de:41:fe:3e:92:53:90:b2:da:a6:d8:f6:a2:21:af:
5b:2a:9f:6b:45:99:03:eb:3a:d8:4b:71:74:f5:0c:
35:65:4e:92:48:db:d3:73:db:3f:de:cc:78:3b:e7:
f4:8c:c4:53:63:d6:2d:ad:a1:1d:c8:62:7e:c2:d7:
3d:99:9e:ed:3e:c2:ac:ee:ab:f8:50:8f:52:70:a6:
40:a2:37:2b:55:ac:f4:ed:e6:ba:62:cd:c9:26:14:
37:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:85:24:FF:57:F3:2C:5E:F3:39:31:EC:35:95:6B:23:36:70:6B:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:8f:50:86:a9:34:7b:b6:fb:63:90:19:66:3e:76:e9:08:1d:
f5:c8:a8:85:02:60:47:aa:a6:a2:6d:21:a5:be:a9:1e:d1:f0:
73:d6:d6:b6:25:55:93:7a:2c:18:31:32:4b:fd:8c:d4:9a:16:
3e:b6:59:d5:6f:06:86:08:37:6f:d0:c4:cb:9e:e1:e5:f0:63:
a9:2c:66:d6:0b:e7:be:8b:79:ef:6f:3c:7e:d0:75:5b:bf:71:
44:1e:a5:8d:ed:11:cf:e2:af:ba:c9:e2:f1:6f:45:cf:fe:f2:
d4:1b:f4:df:1b:43:cd:d9:8f:8b:02:15:0c:bd:3d:09:11:cf:
aa:7e:d3:db:59:74:70:14:40:a8:b4:c2:0a:6f:34:bf:d6:c0:
0b:29:4d:87:33:b4:a9:b9:6f:e5:23:b5:35:1e:83:b8:eb:7f:
c6:b5:53:94:39:ab:a6:a5:f3:98:38:28:fd:56:3e:92:6c:e8:
14:33:77:f6:9d:21:ef:e7:e3:e6:24:ee:5d:f8:45:42:3b:3d:
e8:87:d0:06:80:f6:a0:09:8b:66:7c:b1:29:15:d2:fd:20:41:
a2:d9:31:8d:e3:29:dc:54:80:97:fd:7e:5c:b2:38:57:ba:78:
4a:64:45:60:c1:fd:14:04:0c:be:a6:5f:5f:40:2e:c6:44:e7:
26:9f:7c:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWa+5Jz+/R7oO4mhUAgvV6yV2HjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NWI0ZTBiM2E2MzJlNjc3MTgxNzg4YTVhMWJhZmVlMjJlYTAwOTQ5NmEz
YTg4MzBkZGIzZTIyYTE5NTlhYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTQkMSzkBO8ZOdI/+Y8R2jh5SYilNr8rScarzl6QWwI5msL7G/SgnnL2yON
GujdkbmVIlIWl+ULeFzElWeGrche8kKgfuUftYFNRhg/9yd+WMCuLyfpq/L2tM9c
xxnonWPp6U4b7VoMJPE/j2stjM69RYNs4JoAAUdm/KSRwD5g5GyST6qOQJ38VhhC
7iaY3yyyUIDJ8WSvbtldyEMUYOF5uomx3kH+PpJTkLLaptj2oiGvWyqfa0WZA+s6
2EtxdPUMNWVOkkjb03PbP97MeDvn9IzEU2PWLa2hHchifsLXPZme7T7CrO6r+FCP
UnCmQKI3K1Ws9O3mumLNySYUN4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwhST/
V/MsXvM5Mew1lWsjNnBrtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQC0j1CGqTR7tvtjkBlmPnbpCB31yKiFAmBHqqaibSGl
vqke0fBz1ta2JVWTeiwYMTJL/YzUmhY+tlnVbwaGCDdv0MTLnuHl8GOpLGbWC+e+
i3nvbzx+0HVbv3FEHqWN7RHP4q+6yeLxb0XP/vLUG/TfG0PN2Y+LAhUMvT0JEc+q
ftPbWXRwFECotMIKbzS/1sALKU2HM7SpuW/lI7U1HoO463/GtVOUOaumpfOYOCj9
Vj6SbOgUM3f2nSHv5+PmJO5d+EVCOz3oh9AGgPagCYtmfLEpFdL9IEGi2TGN4ync
VICX/X5csjhXunhKZEVgwf0UBAy+pl9fQC7GROcmn3z2
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org