Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
File: 4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa (raw, json)
Hash identifier: gS1n1p3frG3QAfEX+LTbh1wWn1whyQUWYegSWRTMYxw=
Subject key identifier: 17:8B:E6:89:8F:08:09:6A:59:BD:42:DE:54:96:B2:80:24:1E:07:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4109B9193F4A86096FA4705C5CBEBA860BCE8FCA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:09:b9:19:3f:4a:86:09:6f:a4:70:5c:5c:be:ba:86:0b:ce:8f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=ad1d52aa93298f7b0b788c25184ba67d0d98ab438d044c677b3457e6c82fd9a3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fd:56:05:09:87:c3:c5:12:85:1e:4f:68:dc:
3f:23:e2:cc:29:84:1c:77:5f:93:45:33:1f:01:ca:
0e:0b:ef:c5:de:f3:78:89:f4:91:87:5a:6e:56:3c:
8c:75:c4:14:9c:ca:b6:c5:de:b9:12:6f:1e:54:51:
05:c5:27:e2:63:0c:1b:eb:f9:7d:d2:1a:8e:a1:2e:
65:32:8f:bb:c9:fe:52:6f:d8:55:e9:8b:c4:28:3a:
a2:fe:c0:51:02:b1:59:b0:05:7e:21:b3:cf:98:c8:
08:ed:4f:86:89:43:33:8c:0e:94:cd:3e:6b:e1:52:
fa:10:fe:a7:b2:66:8a:77:f2:76:66:c7:59:e0:f3:
9c:d3:31:83:ae:8e:9c:6e:27:75:9d:67:3d:8e:ee:
27:ca:81:c0:49:87:29:64:e6:2b:9f:12:11:e4:15:
3a:f4:77:b5:04:05:8f:ba:91:7f:8a:c3:44:ec:33:
df:69:41:ca:90:f4:b7:9c:ac:f5:80:04:5a:5c:ea:
34:c6:c2:c1:45:6e:b0:81:bd:c6:e4:99:db:b3:68:
a5:11:cf:20:4f:66:17:b9:fa:f8:29:ad:6f:fd:77:
d7:90:19:0f:26:47:14:75:2d:ea:ad:1a:bf:35:3e:
70:64:e1:1a:e3:3d:d9:49:50:fd:cd:2c:da:5b:b7:
8b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8B:E6:89:8F:08:09:6A:59:BD:42:DE:54:96:B2:80:24:1E:07:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4b2b90db-b1ce-4ba9-a8bb-174923f556ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:e3:08:d6:ea:41:5a:6a:d9:bd:2c:ba:22:18:6b:ab:42:dc:
d9:99:2c:32:39:1c:db:8e:6a:a2:d4:46:5d:bb:c9:c6:59:08:
da:a1:de:10:15:4d:1b:2f:32:64:ad:94:cd:63:f6:8e:24:0b:
57:a4:8c:7f:2d:55:c2:3d:6c:7c:35:1f:0c:1b:ad:1a:87:73:
3a:77:79:2b:85:57:0b:31:6c:91:30:d4:32:cc:08:5c:7f:24:
06:bf:85:cf:c9:d7:ae:b9:83:99:01:6b:49:8c:d4:c4:b2:e3:
f6:45:39:81:88:ec:e0:4c:7b:ca:03:c2:55:e0:e7:d2:7f:6d:
9e:65:48:24:9f:7e:e7:21:71:39:f1:5e:8f:d9:d5:3f:05:91:
80:23:ad:ff:38:92:8b:90:b5:f4:c8:b4:40:98:be:a9:f8:cd:
63:c0:0e:c4:39:96:36:e7:c4:a7:f7:34:77:a0:df:e2:b4:af:
f6:bf:48:36:3b:cc:fd:78:26:8e:d5:b7:1f:c4:77:32:6a:24:
57:bc:5d:a4:11:f9:25:11:06:4a:34:1c:02:74:5d:28:60:df:
e0:e2:cb:4e:48:0f:c5:88:f7:10:25:b3:6c:ef:67:d5:af:65:
14:4c:a6:3d:6a:0c:90:71:bc:a9:13:c6:98:a6:e2:aa:7d:11:
5c:b3:c6:bc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQQm5GT9KhglvpHBcXL66hgvOj8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkMWQ1MmFhOTMyOThmN2IwYjc4OGMyNTE4NGJhNjdkMGQ5OGFiNDM4ZDA0
NGM2NzdiMzQ1N2U2YzgyZmQ5YTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJP9VgUJh8PFEoUeT2jcPyPizCmEHHdfk0UzHwHKDgvvxd7zeIn0kYdablY8
jHXEFJzKtsXeuRJvHlRRBcUn4mMMG+v5fdIajqEuZTKPu8n+Um/YVemLxCg6ov7A
UQKxWbAFfiGzz5jICO1PholDM4wOlM0+a+FS+hD+p7JminfydmbHWeDznNMxg66O
nG4ndZ1nPY7uJ8qBwEmHKWTmK58SEeQVOvR3tQQFj7qRf4rDROwz32lBypD0t5ys
9YAEWlzqNMbCwUVusIG9xuSZ27NopRHPIE9mF7n6+Cmtb/1315AZDyZHFHUt6q0a
vzU+cGThGuM92UlQ/c0s2lu3i5kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXi+aJ
jwgJalm9Qt5UlrKAJB4HfzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGIyYjkwZGItYjFjZS00YmE5LWE4YmItMTc0OTIzZjU1NmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBc4wjW6kFaatm9LLoiGGurQtzZmSwyORzbjmqi1EZd
u8nGWQjaod4QFU0bLzJkrZTNY/aOJAtXpIx/LVXCPWx8NR8MG60ah3M6d3krhVcL
MWyRMNQyzAhcfyQGv4XPydeuuYOZAWtJjNTEsuP2RTmBiOzgTHvKA8JV4OfSf22e
ZUgkn37nIXE58V6P2dU/BZGAI63/OJKLkLX0yLRAmL6p+M1jwA7EOZY258Sn9zR3
oN/itK/2v0g2O8z9eCaO1bcfxHcyaiRXvF2kEfklEQZKNBwCdF0oYN/g4stOSA/F
iPcQJbNs72fVr2UUTKY9agyQcbypE8aYpuKqfRFcs8a8
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:02:49 2024 by rpki-client on console-fra.rpki-client.org