Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: i8Az8Yak/fIFB68YGw9EQ2H9/n51uI3toguydIHWuQc=
Subject key identifier: 67:B0:3B:62:4F:32:5E:B3:80:1D:DC:D2:50:2A:C1:CA:03:57:B5:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 655EC0840C5D9351E90487AF0E8AF12F64E9DB84
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:5e:c0:84:0c:5d:93:51:e9:04:87:af:0e:8a:f1:2f:64:e9:db:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ebce09113b381d5b1ecd47d9cec5b5735506117dd9d05310632b50f776df0842, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:aa:d1:60:16:62:43:dd:a7:8f:4c:7f:61:ad:
bd:bd:a3:94:dd:12:ac:20:3c:7a:db:f1:ff:d3:7e:
b1:2b:28:76:d4:4f:69:5b:2d:18:c9:5b:77:df:d6:
c1:59:fe:8c:ff:07:98:86:f9:94:29:e2:9e:34:4b:
cd:00:cf:19:7c:ed:4f:fe:5b:cc:10:f5:76:8b:5b:
67:2a:44:00:d3:c2:96:8d:af:35:87:55:d4:5c:61:
2d:f7:62:42:dc:a5:c0:c7:3c:8f:2a:a6:b5:8c:52:
3d:79:4b:48:6b:d5:4b:e3:bd:77:2a:d9:88:9c:1f:
72:c9:40:5e:01:49:ce:7f:84:0c:14:93:c3:c1:24:
48:02:ef:92:9b:7a:20:60:69:d1:ef:ee:82:66:36:
58:9f:63:f9:92:48:08:6d:23:d1:e5:84:bb:7f:42:
6e:a9:26:24:d8:32:7b:0f:df:b1:19:5a:8e:5d:f8:
c3:6c:4d:43:28:8c:6f:3a:99:1d:d2:31:04:e7:96:
99:57:43:f3:e8:1c:01:3b:85:82:da:f5:f2:8e:4f:
42:d8:18:2d:35:20:ed:20:88:88:f9:25:2e:2c:21:
e0:5a:66:d7:a7:e3:8a:ea:99:77:ef:a5:0f:68:8f:
18:66:06:10:35:98:b8:0c:4a:4c:04:02:e1:21:b8:
cb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B0:3B:62:4F:32:5E:B3:80:1D:DC:D2:50:2A:C1:CA:03:57:B5:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
25:b9:d8:5c:a1:f5:82:52:97:b2:b5:7d:7d:11:c0:44:5b:6a:
b6:62:cd:0b:8d:26:c3:68:67:a1:83:12:c4:19:e7:59:f9:a7:
ac:bb:45:64:2a:48:8a:13:0c:d2:35:fb:7d:4f:c0:ba:2f:56:
70:4e:ba:72:6b:9d:2e:7f:1c:8e:7b:f5:5a:fe:2d:ac:2a:87:
03:4b:2d:3b:f8:18:5f:a5:14:4a:44:cd:02:dd:83:02:48:c0:
21:e7:f8:87:6a:0f:07:55:48:a9:4a:46:a8:7b:73:b9:5c:b4:
5d:15:3a:12:c0:37:50:29:ec:33:24:5b:5e:b9:56:83:a2:62:
c9:a1:72:f1:52:29:5a:31:82:16:b5:da:68:cd:d4:92:2a:c2:
21:b1:86:16:9a:bf:4d:82:6e:89:b9:53:24:82:de:df:2e:85:
d0:bd:a0:67:c0:58:9d:67:f6:70:2b:6b:07:2b:4c:6c:b6:32:
44:1b:25:7f:a1:39:21:31:0b:4a:dd:5a:ff:52:bb:1a:73:0d:
d8:ae:0c:fd:d4:6c:72:ff:75:b6:23:b2:a0:4b:da:2f:66:90:
52:a1:b5:20:ae:37:aa:a0:fa:b0:2e:6c:2d:e2:55:2b:2a:24:
59:19:03:55:01:b7:ca:7b:6a:51:a7:99:d4:5d:86:d2:3e:1d:
4a:b8:64:51
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZV7AhAxdk1HpBIevDorxL2Tp24QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViY2UwOTExM2IzODFkNWIxZWNkNDdkOWNlYzViNTczNTUwNjExN2RkOWQw
NTMxMDYzMmI1MGY3NzZkZjA4NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuq0WAWYkPdp49Mf2Gtvb2jlN0SrCA8etvx/9N+sSsodtRPaVstGMlbd9/W
wVn+jP8HmIb5lCninjRLzQDPGXztT/5bzBD1dotbZypEANPClo2vNYdV1FxhLfdi
QtylwMc8jyqmtYxSPXlLSGvVS+O9dyrZiJwfcslAXgFJzn+EDBSTw8EkSALvkpt6
IGBp0e/ugmY2WJ9j+ZJICG0j0eWEu39CbqkmJNgyew/fsRlajl34w2xNQyiMbzqZ
HdIxBOeWmVdD8+gcATuFgtr18o5PQtgYLTUg7SCIiPklLiwh4Fpm16fjiuqZd++l
D2iPGGYGEDWYuAxKTAQC4SG4yyECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRnsDti
TzJes4Ad3NJQKsHKA1e1eDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAJbnYXKH1glKXsrV9fRHARFtqtmLNC40mw2hnoYMS
xBnnWfmnrLtFZCpIihMM0jX7fU/Aui9WcE66cmudLn8cjnv1Wv4trCqHA0stO/gY
X6UUSkTNAt2DAkjAIef4h2oPB1VIqUpGqHtzuVy0XRU6EsA3UCnsMyRbXrlWg6Ji
yaFy8VIpWjGCFrXaaM3UkirCIbGGFpq/TYJuiblTJILe3y6F0L2gZ8BYnWf2cCtr
BytMbLYyRBslf6E5ITELSt1a/1K7GnMN2K4M/dRscv91tiOyoEvaL2aQUqG1IK43
qqD6sC5sLeJVKyokWRkDVQG3yntqUaeZ1F2G0j4dSrhkUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org