Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
File: 49e55691-07d2-4a06-87d9-31acb51cef86.roa (raw, json)
Hash identifier: eiKCB4Ab46P1gyW4rpNKP6IOlRTCCCUB6CF1aAcr65s=
Subject key identifier: 05:91:7A:7A:11:5D:5F:E9:EE:FC:76:55:7E:6D:F2:D6:EC:DF:AE:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 747CE456B62C9FC9D0DCCAE1F7394414100EBAC7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:7c:e4:56:b6:2c:9f:c9:d0:dc:ca:e1:f7:39:44:14:10:0e:ba:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=30f7ff61ec05241fbbcc54c15850ad7f958cc3c5d11c4b56789f561d8f10d15c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:4b:81:ef:ba:df:e1:16:4d:37:29:de:35:
72:7a:5b:4d:fc:0e:29:b6:17:d8:10:08:7a:02:44:
9d:12:46:67:d9:9c:26:c3:69:0c:69:c7:d1:65:e7:
34:8e:45:dc:37:fa:5b:3e:d6:2f:5f:9a:3b:e5:9d:
12:15:18:ed:5b:10:d2:04:87:98:0a:37:6a:b7:5b:
36:57:32:af:bd:90:18:57:76:9b:04:a0:78:eb:d7:
08:92:82:d9:01:3d:93:07:e6:78:7b:26:eb:b1:4c:
04:51:e3:12:76:88:b6:81:9d:a2:45:e9:0b:b9:e6:
bb:60:25:ca:18:ad:a6:45:ce:e8:fa:2b:b6:ee:5b:
ea:c5:ea:9c:48:47:9e:1c:4b:3e:a5:0f:99:68:13:
54:46:9f:cd:58:38:1f:e0:83:fc:22:ae:c2:25:ea:
58:18:b8:39:b6:36:f7:62:e6:28:a6:d1:4e:e7:1f:
9c:24:b3:e2:4b:82:75:ea:de:62:00:8e:1c:cf:da:
51:a0:f7:07:95:ba:75:0e:2b:92:ff:6f:8f:12:56:
9f:73:8d:0b:5c:71:ef:de:7e:7d:1a:fe:d8:66:07:
9f:11:5b:bf:6e:1a:19:3a:4f:f9:87:f9:a9:ee:01:
97:ea:f5:fb:d4:26:10:6a:a4:c6:41:e4:c4:7f:e8:
32:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:91:7A:7A:11:5D:5F:E9:EE:FC:76:55:7E:6D:F2:D6:EC:DF:AE:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49e55691-07d2-4a06-87d9-31acb51cef86.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3b:18:0c:94:64:ea:5c:40:fa:ec:6e:e8:0b:71:42:fc:35:b1:
b9:b4:f9:d7:00:35:58:f9:ea:dd:81:57:49:64:83:05:ce:28:
5e:c4:ca:2a:ea:72:71:22:3e:7f:86:77:2f:2f:59:0c:e4:b7:
79:15:14:f6:06:f1:60:60:ec:82:9a:54:3d:c5:fa:dd:70:6b:
7e:28:71:2f:37:bd:55:a0:87:ff:2d:e7:55:7d:40:fc:dd:d9:
e3:cf:15:c4:93:fb:6b:e5:72:66:1f:6e:ad:4b:06:4a:b5:70:
74:68:70:7b:45:af:d6:a9:3d:27:d0:f8:c6:0e:f6:09:4c:fa:
24:5b:04:1b:c3:fe:52:65:d8:b9:df:1e:4e:64:cf:00:03:5b:
60:cd:20:b8:d8:38:c7:d7:ea:9f:91:15:8f:3e:ea:67:1f:6b:
48:11:e8:65:76:c0:1f:d8:22:e6:24:ac:40:c9:ab:db:1e:b6:
ce:22:c4:cf:04:41:0d:e1:91:aa:f0:8e:84:78:8d:53:c8:24:
56:84:21:30:af:97:9a:de:f7:d5:47:9d:75:6b:b4:01:2d:4c:
f8:85:45:f5:38:75:af:d7:52:f9:a3:64:2c:98:1e:d2:40:9e:
ed:cf:07:f0:35:cc:0f:12:df:a0:da:66:ec:bf:d0:8d:0d:ac:
27:79:19:aa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdHzkVrYsn8nQ3Mrh9zlEFBAOuscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZjdmZjYxZWMwNTI0MWZiYmNjNTRjMTU4NTBhZDdmOTU4Y2MzYzVkMTFj
NGI1Njc4OWY1NjFkOGYxMGQxNWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoIS4Hvut/hFk03Kd41cnpbTfwOKbYX2BAIegJEnRJGZ9mcJsNpDGnH0WXn
NI5F3Df6Wz7WL1+aO+WdEhUY7VsQ0gSHmAo3ardbNlcyr72QGFd2mwSgeOvXCJKC
2QE9kwfmeHsm67FMBFHjEnaItoGdokXpC7nmu2AlyhitpkXO6Portu5b6sXqnEhH
nhxLPqUPmWgTVEafzVg4H+CD/CKuwiXqWBi4ObY292LmKKbRTucfnCSz4kuCdere
YgCOHM/aUaD3B5W6dQ4rkv9vjxJWn3ONC1xx795+fRr+2GYHnxFbv24aGTpP+Yf5
qe4Bl+r1+9QmEGqkxkHkxH/oMrcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFkXp6
EV1f6e78dlV+bfLW7N+uCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDllNTU2OTEtMDdkMi00YTA2LTg3ZDktMzFhY2I1MWNlZjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQA7GAyUZOpcQPrsbugLcUL8NbG5tPnXADVY+erdgVdJ
ZIMFzihexMoq6nJxIj5/hncvL1kM5Ld5FRT2BvFgYOyCmlQ9xfrdcGt+KHEvN71V
oIf/LedVfUD83dnjzxXEk/tr5XJmH26tSwZKtXB0aHB7Ra/WqT0n0PjGDvYJTPok
WwQbw/5SZdi53x5OZM8AA1tgzSC42DjH1+qfkRWPPupnH2tIEehldsAf2CLmJKxA
yavbHrbOIsTPBEEN4ZGq8I6EeI1TyCRWhCEwr5ea3vfVR511a7QBLUz4hUX1OHWv
11L5o2QsmB7SQJ7tzwfwNcwPEt+g2mbsv9CNDawneRmq
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org