Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa
File: 4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa (raw, json)
Hash identifier: fLvADyPYpyweFrMoMtshJ0djm7/KdcwWFpdB5jjulCA=
Subject key identifier: 36:6D:8B:FF:07:35:58:DE:18:57:9C:A4:1A:EF:30:25:6C:E4:4A:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07698F6D0C98EF43A777C2263196926AEBDCE1CB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:69:8f:6d:0c:98:ef:43:a7:77:c2:26:31:96:92:6a:eb:dc:e1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=cdcfc8d9fabd8e0265262c6d8f06f22d51761ad8adf7beecaa892e02880d37dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:88:16:ca:0f:24:12:ca:28:19:63:17:7f:
f8:58:fc:69:ce:f1:96:d6:35:ce:ed:67:ab:1d:66:
b4:20:2b:3b:2d:86:13:22:7f:c4:64:b0:f0:4c:2c:
6d:73:a8:5f:11:9b:17:23:a3:38:12:e0:c5:dd:84:
a4:a7:e6:fa:54:bc:96:fb:2a:97:d9:78:e9:33:1f:
a9:6f:d0:7a:ac:c8:95:49:c6:73:ac:5e:9b:76:19:
2b:a1:17:79:90:c3:33:7f:e9:f4:7a:7a:bf:eb:f1:
47:eb:95:85:98:bf:ad:31:62:de:ab:52:67:fe:0a:
cd:b8:a3:8d:ed:b2:05:d5:eb:02:dd:8f:26:92:2f:
c1:e5:df:a4:c0:81:29:ae:4c:14:16:18:71:f7:44:
5d:00:fc:75:8f:65:1b:21:8d:a5:63:79:ed:7f:46:
15:10:ce:54:9b:ac:3d:99:3f:14:92:0c:ca:06:c7:
f9:ce:ef:cd:e0:58:0d:09:ce:79:f3:2f:d3:1a:77:
d4:49:04:b9:84:46:19:b3:8c:a1:1d:fc:f2:3e:ba:
35:cc:d9:62:8b:d4:14:f8:d7:93:b3:47:a1:84:bf:
6d:13:f3:8c:0a:4b:ed:5b:bf:7d:fc:ae:ea:2e:33:
5b:cc:64:15:d9:b8:87:33:51:ec:15:4a:82:2e:8b:
dc:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6D:8B:FF:07:35:58:DE:18:57:9C:A4:1A:EF:30:25:6C:E4:4A:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4aa77dd3-124e-4b95-8bd3-8fd6e186613e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:be:6c:e4:d7:6e:4a:37:99:78:0b:5e:3c:4d:41:4d:16:f6:
a2:fb:52:8a:52:72:b6:35:04:b1:f0:89:36:6f:1d:a1:c0:a6:
44:17:8b:6c:60:7e:fb:2d:86:2c:b1:a8:9d:c8:a1:8e:6c:cb:
8c:41:a8:a4:87:73:cd:9c:dc:30:70:8e:f3:e0:36:ca:9b:24:
02:8f:16:ee:86:de:ef:22:80:94:77:7a:b7:69:9a:db:21:ed:
3e:24:5f:24:14:5d:26:fa:a1:4c:b2:e2:6e:10:52:00:4a:f1:
f6:de:36:e4:2e:53:9d:1f:3e:82:21:c0:d1:20:10:d7:08:9e:
c7:50:37:2e:cb:c6:ea:2a:b3:05:b4:bd:6a:e1:18:d1:fa:d7:
5d:9d:ae:35:5a:b9:46:1e:cf:ac:39:b9:3b:54:b4:90:07:6e:
c7:28:2a:3d:79:b3:56:3a:e3:0f:7d:5f:99:15:6e:9f:2e:59:
4b:ba:d0:5b:6e:db:69:d0:7c:6f:86:9f:38:8f:96:08:a9:05:
4f:20:a2:14:f5:7b:15:75:bc:c2:d0:9a:5d:af:ac:ca:ef:87:
00:ee:02:a6:68:dd:af:46:cf:72:b5:15:c5:76:74:0d:b4:28:
7d:04:51:ac:d3:32:49:36:ee:64:ed:7d:a6:76:4f:74:39:46:
ab:82:8d:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB2mPbQyY70Ond8ImMZaSauvc4cswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkY2ZjOGQ5ZmFiZDhlMDI2NTI2MmM2ZDhmMDZmMjJkNTE3NjFhZDhhZGY3
YmVlY2FhODkyZTAyODgwZDM3ZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlqiBbKDyQSyigZYxd/+Fj8ac7xltY1zu1nqx1mtCArOy2GEyJ/xGSw8Ews
bXOoXxGbFyOjOBLgxd2EpKfm+lS8lvsql9l46TMfqW/QeqzIlUnGc6xem3YZK6EX
eZDDM3/p9Hp6v+vxR+uVhZi/rTFi3qtSZ/4Kzbijje2yBdXrAt2PJpIvweXfpMCB
Ka5MFBYYcfdEXQD8dY9lGyGNpWN57X9GFRDOVJusPZk/FJIMygbH+c7vzeBYDQnO
efMv0xp31EkEuYRGGbOMoR388j66NczZYovUFPjXk7NHoYS/bRPzjApL7Vu/ffyu
6i4zW8xkFdm4hzNR7BVKgi6L3M8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2bYv/
BzVY3hhXnKQa7zAlbORKtzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGFhNzdkZDMtMTI0ZS00Yjk1LThiZDMtOGZkNmUxODY2MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCPvmzk125KN5l4C148TUFNFvai+1KKUnK2NQSx8Ik2
bx2hwKZEF4tsYH77LYYssaidyKGObMuMQaikh3PNnNwwcI7z4DbKmyQCjxbuht7v
IoCUd3q3aZrbIe0+JF8kFF0m+qFMsuJuEFIASvH23jbkLlOdHz6CIcDRIBDXCJ7H
UDcuy8bqKrMFtL1q4RjR+tddna41WrlGHs+sObk7VLSQB27HKCo9ebNWOuMPfV+Z
FW6fLllLutBbbttp0Hxvhp84j5YIqQVPIKIU9XsVdbzC0Jpdr6zK74cA7gKmaN2v
Rs9ytRXFdnQNtCh9BFGs0zJJNu5k7X2mdk90OUargo0k
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org