Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: 9pt8W8VB9ZUStm7Esn4yziaJ3dD+GCo92JHgBYms6eE=
Subject key identifier: 97:57:72:EF:86:8D:42:1C:60:55:DF:38:DF:81:ED:EF:25:16:57:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6EB89F1C50FC67538D4557EE5DE4F5F79B35EDCC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:b8:9f:1c:50:fc:67:53:8d:45:57:ee:5d:e4:f5:f7:9b:35:ed:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f47c7c9e355662f1bb181cbf7a634dc4691436296db6ee2193e65d62adf214e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:89:38:ad:81:d2:65:4c:cc:b7:ea:91:7b:ca:
39:ad:3f:23:b8:3e:b3:97:44:dc:5e:b2:4b:56:24:
94:c7:8e:1f:19:eb:be:93:23:c7:b3:ce:2a:99:92:
d6:b9:39:b9:66:74:75:62:8f:dc:b8:0a:c5:d4:92:
63:e2:08:b2:3c:ef:f1:7f:c8:4a:14:d0:fd:1d:20:
54:50:a9:41:e2:e9:15:ae:ab:f6:ac:6e:a2:92:de:
a2:ad:46:df:2b:45:03:1b:50:5d:ac:84:eb:21:46:
f4:44:48:7c:04:64:ea:9b:53:96:2c:cb:e0:2c:45:
2d:a6:ee:32:dc:f1:c9:b3:ab:32:cc:23:11:b5:9c:
3d:4c:92:d3:4c:7a:40:e8:0f:00:5b:95:08:a4:ca:
dd:7c:58:7e:0c:68:a7:45:52:59:56:5c:39:a4:9f:
da:9f:03:5d:3f:74:b4:b6:ad:c0:be:00:31:e5:11:
f4:3b:6d:c4:18:9c:ca:8d:fb:c3:96:0a:cb:a2:e8:
dc:23:27:26:86:25:99:e7:88:ba:ed:31:a2:34:9f:
40:09:59:d3:21:74:db:42:57:09:a9:ba:27:5a:53:
15:82:78:fb:b6:ac:5c:7d:36:23:a7:61:8f:3c:b2:
18:e6:e1:eb:45:96:2f:4c:39:12:ad:16:82:14:3e:
93:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:57:72:EF:86:8D:42:1C:60:55:DF:38:DF:81:ED:EF:25:16:57:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:c1:95:19:ff:48:18:bd:5d:3e:4b:94:c2:a9:b3:3e:eb:87:
77:89:36:77:f8:d1:64:d8:eb:0d:90:66:82:93:03:eb:ad:64:
26:27:ff:16:83:4b:10:8b:6d:5f:ea:2c:ef:00:49:db:05:ae:
8c:6e:ab:50:56:ae:5b:a2:c7:39:55:b0:be:75:d4:63:12:b0:
a1:b8:7b:19:6e:da:3b:4a:4f:62:28:c9:3d:a3:20:75:07:5b:
b9:c4:8e:2f:a4:ad:70:10:f4:c9:8e:51:c6:88:da:0e:3f:f5:
c7:d1:c0:88:e6:c0:d7:7d:67:56:bd:70:9b:d5:12:ff:df:6a:
72:ef:fc:77:4e:5f:3b:41:21:dd:db:de:97:04:6b:50:a2:2b:
6a:de:c7:fe:59:6e:35:a7:2e:55:21:4d:c8:7b:75:4f:98:01:
a4:86:c4:1c:71:e2:b3:51:46:ee:26:db:1e:c5:cd:1a:e4:8f:
2e:35:ce:cb:64:ad:63:13:bb:b5:20:26:6d:76:2c:3d:3f:3f:
73:8d:23:1c:eb:05:e8:30:f2:bb:12:36:e4:5b:e5:bd:68:49:
d4:20:75:14:de:c2:98:7f:f1:46:f3:db:5d:f4:a7:25:fe:c3:
3a:9b:83:88:d7:61:5e:0d:95:d9:0a:32:41:64:48:6e:36:c0:
7e:7e:50:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbrifHFD8Z1ONRVfuXeT195s17cwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0N2M3YzllMzU1NjYyZjFiYjE4MWNiZjdhNjM0ZGM0NjkxNDM2Mjk2ZGI2
ZWUyMTkzZTY1ZDYyYWRmMjE0ZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWJOK2B0mVMzLfqkXvKOa0/I7g+s5dE3F6yS1YklMeOHxnrvpMjx7POKpmS
1rk5uWZ0dWKP3LgKxdSSY+IIsjzv8X/IShTQ/R0gVFCpQeLpFa6r9qxuopLeoq1G
3ytFAxtQXayE6yFG9ERIfARk6ptTlizL4CxFLabuMtzxybOrMswjEbWcPUyS00x6
QOgPAFuVCKTK3XxYfgxop0VSWVZcOaSf2p8DXT90tLatwL4AMeUR9DttxBicyo37
w5YKy6Lo3CMnJoYlmeeIuu0xojSfQAlZ0yF020JXCam6J1pTFYJ4+7asXH02I6dh
jzyyGObh60WWL0w5Eq0WghQ+k40CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXV3Lv
ho1CHGBV3zjfge3vJRZXRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQDMwZUZ/0gYvV0+S5TCqbM+64d3iTZ3+NFk2OsNkGaC
kwPrrWQmJ/8Wg0sQi21f6izvAEnbBa6MbqtQVq5bosc5VbC+ddRjErChuHsZbto7
Sk9iKMk9oyB1B1u5xI4vpK1wEPTJjlHGiNoOP/XH0cCI5sDXfWdWvXCb1RL/32py
7/x3Tl87QSHd296XBGtQoitq3sf+WW41py5VIU3Ie3VPmAGkhsQcceKzUUbuJtse
xc0a5I8uNc7LZK1jE7u1ICZtdiw9Pz9zjSMc6wXoMPK7EjbkW+W9aEnUIHUU3sKY
f/FG89td9Kcl/sM6m4OI12FeDZXZCjJBZEhuNsB+flBP
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org