Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
File: 5e32ec83-e02b-4454-b463-f3fd39e9df64.roa (raw, json)
Hash identifier: i5EmUjisXfDu6b8ydHAu7bJNdH2hBXLY3WIgPGXJ9sE=
Subject key identifier: B8:F7:BF:93:87:6F:97:0A:9B:58:7B:26:E4:65:CA:26:47:2F:C5:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12B0BF672702FF219B22EAEE0151E91D79896B13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:b0:bf:67:27:02:ff:21:9b:22:ea:ee:01:51:e9:1d:79:89:6b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=efae52424da67fdbcdbc37ff83d8cc49f05d1356a67c97305075c9fdbc70cdf3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:04:4d:0e:42:c3:2d:56:2c:fa:ee:16:f0:df:
85:9c:4b:15:ba:13:cc:bb:c8:f1:c8:24:04:19:24:
95:44:18:dd:32:14:aa:1b:e1:6a:06:d3:d8:7e:cd:
88:b5:c5:db:c0:2b:0d:e0:fe:d9:d9:c8:53:d4:81:
d8:7e:ad:c5:2c:cc:c7:8a:b0:af:33:f9:1b:f2:18:
5e:b0:ec:ad:13:67:fb:16:58:81:07:8f:e1:2b:2a:
74:49:77:0f:0d:b5:6a:45:cc:4e:db:82:08:84:76:
a9:89:75:fc:b4:aa:8e:3d:7b:b4:c5:70:c1:7f:45:
98:35:44:58:31:ff:33:81:70:db:fa:eb:ca:62:ac:
2b:28:5d:bb:3f:eb:c1:f1:ab:c4:16:f7:91:b5:94:
c2:ee:18:a2:42:57:94:8d:80:c8:e2:8c:85:0b:25:
6a:4a:08:ff:26:ab:6a:f0:d1:3e:e0:ba:5a:60:53:
d3:30:19:53:ae:e2:9d:c7:1b:ae:eb:c0:fe:1e:e2:
5e:4c:0c:37:ea:ff:66:67:6b:40:9f:12:ca:c6:02:
45:e1:43:16:c8:18:ca:6f:13:c2:1b:be:36:85:0e:
36:50:4c:1c:be:d7:81:23:60:5f:48:23:5f:61:ff:
2f:4c:b3:b4:40:de:2f:63:0f:60:52:a9:40:b6:69:
02:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F7:BF:93:87:6F:97:0A:9B:58:7B:26:E4:65:CA:26:47:2F:C5:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
78:93:7d:5e:95:8a:08:01:db:cb:34:4f:7c:9c:44:4f:39:ee:
4b:4a:24:26:cb:6e:09:44:bf:f8:f2:84:3e:a6:b2:e9:35:8b:
22:fa:b3:04:74:40:a6:ca:93:e8:3a:bd:19:ea:1e:04:b5:3d:
05:b7:4b:f1:26:56:f1:e5:f5:0e:03:a9:6c:eb:44:b3:f1:36:
ea:b8:ab:2d:18:ef:54:ca:ef:73:2f:2a:cb:dc:5c:aa:1a:8f:
cf:8c:7b:56:13:2e:5e:b7:e7:37:34:45:1d:73:e8:31:2a:81:
1f:18:2d:ae:d4:a7:d1:b0:44:8d:6e:9b:5c:44:0a:7e:62:2f:
bd:1c:f7:3d:a6:38:3c:25:54:8b:c2:db:91:8b:63:b3:8d:a5:
5b:fc:8d:b5:e3:b7:88:5c:73:00:38:dc:07:65:1b:43:34:07:
22:48:8e:cc:6b:d0:11:ef:4f:25:11:4b:0b:33:c8:14:73:44:
a3:04:24:82:e4:4b:fd:ff:20:8f:6d:4b:ad:a0:dc:78:28:eb:
80:cb:fd:96:2c:36:b5:3d:e2:dd:fb:ba:30:49:4c:5f:31:ff:
f0:7b:64:37:a7:66:fa:12:9b:c2:8e:56:3e:1c:a8:04:c1:4d:
58:94:32:e8:ac:17:9a:85:46:0c:00:ac:88:3e:c2:23:52:ca:
74:f5:11:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUErC/ZycC/yGbIuruAVHpHXmJaxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmYWU1MjQyNGRhNjdmZGJjZGJjMzdmZjgzZDhjYzQ5ZjA1ZDEzNTZhNjdj
OTczMDUwNzVjOWZkYmM3MGNkZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsETQ5Cwy1WLPruFvDfhZxLFboTzLvI8cgkBBkklUQY3TIUqhvhagbT2H7N
iLXF28ArDeD+2dnIU9SB2H6txSzMx4qwrzP5G/IYXrDsrRNn+xZYgQeP4SsqdEl3
Dw21akXMTtuCCIR2qYl1/LSqjj17tMVwwX9FmDVEWDH/M4Fw2/rrymKsKyhduz/r
wfGrxBb3kbWUwu4YokJXlI2AyOKMhQslakoI/yaravDRPuC6WmBT0zAZU67inccb
ruvA/h7iXkwMN+r/ZmdrQJ8SysYCReFDFsgYym8Twhu+NoUONlBMHL7XgSNgX0gj
X2H/L0yztEDeL2MPYFKpQLZpAhMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS497+T
h2+XCptYeybkZcomRy/FoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWUzMmVjODMtZTAyYi00NDU0LWI0NjMtZjNmZDM5ZTlkZjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQB4k31elYoIAdvLNE98nERPOe5LSiQmy24JRL/48oQ+
prLpNYsi+rMEdECmypPoOr0Z6h4EtT0Ft0vxJlbx5fUOA6ls60Sz8TbquKstGO9U
yu9zLyrL3FyqGo/PjHtWEy5et+c3NEUdc+gxKoEfGC2u1KfRsESNbptcRAp+Yi+9
HPc9pjg8JVSLwtuRi2OzjaVb/I2147eIXHMAONwHZRtDNAciSI7Ma9AR708lEUsL
M8gUc0SjBCSC5Ev9/yCPbUutoNx4KOuAy/2WLDa1PeLd+7owSUxfMf/we2Q3p2b6
EpvCjlY+HKgEwU1YlDLorBeahUYMAKyIPsIjUsp09RGD
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org