Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
File: 64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa (raw, json)
Hash identifier: vwLFd1a75LwuaL+k60sLdgkgMpNapaVZZGltKgSSNzg=
Subject key identifier: 98:EA:39:78:E0:F6:47:59:5B:38:59:6F:30:21:61:B1:9E:81:D9:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7AD2A5015D1EC9525653F50D9BFAE8C9422EA0A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:d2:a5:01:5d:1e:c9:52:56:53:f5:0d:9b:fa:e8:c9:42:2e:a0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=fb14bdc0357ca747bdfe98433d600eb19f9e35b1f361c32fbdb3059838f39188, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7f:0e:e3:4b:cc:fa:53:47:8d:d6:24:b6:ec:
44:a6:8f:95:9e:aa:59:2e:a1:03:a3:bf:5d:42:9c:
2e:eb:42:e7:bb:0b:70:8d:0a:14:bb:67:90:77:d8:
17:54:89:3e:8e:00:19:5e:02:f3:18:1a:54:fb:8d:
e3:b8:44:84:e4:80:03:7f:92:09:7a:d2:0c:21:db:
fd:d9:2b:f5:ad:0e:8c:cf:fc:a0:dc:da:ec:cf:86:
2f:b3:55:dc:25:75:d5:6e:a2:33:ca:c7:d2:bd:2e:
df:c5:c3:0d:37:73:4e:78:47:12:21:b6:f4:7e:1e:
4a:2b:13:5c:c6:49:76:ad:8b:68:0f:19:42:c4:49:
ee:fa:42:bf:43:f9:cb:82:a1:eb:4a:96:7a:e6:01:
6a:10:40:bd:d2:4e:23:36:f6:09:c5:47:59:1d:d6:
e7:ea:54:df:6d:21:08:43:c5:67:37:a9:f5:56:ed:
59:e9:eb:bd:13:5a:30:fe:da:c6:1f:44:47:8c:0e:
78:89:11:ea:33:17:88:47:19:a6:45:1a:c1:35:20:
56:d4:1c:e4:fe:dc:1f:8c:31:bc:76:96:dd:2e:1a:
bf:49:9a:75:36:2e:af:b6:de:e2:8a:80:68:5b:e9:
85:2f:e8:56:60:f0:40:f7:c8:c3:fb:1a:21:44:a7:
2f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EA:39:78:E0:F6:47:59:5B:38:59:6F:30:21:61:B1:9E:81:D9:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/64347f36-e1a1-4726-8ba2-f1a09daab7d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9f:8d:77:7f:44:94:5d:7d:98:d8:f4:c0:1c:af:e7:31:55:76:
8c:30:4c:8a:6f:5d:6d:87:f6:48:71:42:d9:d6:1e:5d:60:dc:
4f:3c:16:98:f3:e9:53:2c:96:30:47:a2:8a:84:fb:e0:43:e5:
5b:cb:34:0c:a3:5b:56:0c:e3:8a:12:06:52:67:6b:0d:01:07:
58:c4:41:9c:08:d5:ed:08:c3:c8:78:b0:20:29:30:2a:61:04:
79:84:4a:c5:6b:17:b8:8c:d9:37:ea:97:1a:21:d2:78:fb:be:
b9:f4:48:97:9e:57:e5:9e:30:04:44:ea:2e:4a:f5:e3:76:0e:
aa:2b:86:08:1d:16:7f:24:5b:c0:89:a1:ca:d9:b3:6c:4b:6f:
7c:b8:a5:4f:8b:de:28:06:09:68:b6:84:e9:98:db:e4:63:1b:
74:3a:f8:ac:eb:80:e4:b5:a9:ea:af:14:36:f6:2d:0b:f6:c0:
27:ed:ad:eb:c2:94:99:b8:9f:8b:1a:72:15:0c:34:22:1f:f4:
70:8a:a5:5c:76:d1:0f:af:e4:45:95:7f:9d:b4:07:8a:7d:b4:
2d:81:7b:0e:c4:db:26:95:46:ad:8b:2b:77:38:2c:dd:3f:e6:
03:0f:fb:36:29:21:06:4e:9b:8d:2d:a5:04:5e:c1:50:71:56:
36:e2:0d:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUetKlAV0eyVJWU/UNm/royUIuoKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiMTRiZGMwMzU3Y2E3NDdiZGZlOTg0MzNkNjAwZWIxOWY5ZTM1YjFmMzYx
YzMyZmJkYjMwNTk4MzhmMzkxODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ/DuNLzPpTR43WJLbsRKaPlZ6qWS6hA6O/XUKcLutC57sLcI0KFLtnkHfY
F1SJPo4AGV4C8xgaVPuN47hEhOSAA3+SCXrSDCHb/dkr9a0OjM/8oNza7M+GL7NV
3CV11W6iM8rH0r0u38XDDTdzTnhHEiG29H4eSisTXMZJdq2LaA8ZQsRJ7vpCv0P5
y4Kh60qWeuYBahBAvdJOIzb2CcVHWR3W5+pU320hCEPFZzep9VbtWenrvRNaMP7a
xh9ER4wOeIkR6jMXiEcZpkUawTUgVtQc5P7cH4wxvHaW3S4av0madTYur7be4oqA
aFvphS/oVmDwQPfIw/saIUSnL2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSY6jl4
4PZHWVs4WW8wIWGxnoHZgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjQzNDdmMzYtZTFhMS00NzI2LThiYTItZjFhMDlkYWFiN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCfjXd/RJRdfZjY9MAcr+cxVXaMMEyKb11th/ZIcULZ
1h5dYNxPPBaY8+lTLJYwR6KKhPvgQ+VbyzQMo1tWDOOKEgZSZ2sNAQdYxEGcCNXt
CMPIeLAgKTAqYQR5hErFaxe4jNk36pcaIdJ4+7659EiXnlflnjAEROouSvXjdg6q
K4YIHRZ/JFvAiaHK2bNsS298uKVPi94oBglotoTpmNvkYxt0Ovis64DktanqrxQ2
9i0L9sAn7a3rwpSZuJ+LGnIVDDQiH/RwiqVcdtEPr+RFlX+dtAeKfbQtgXsOxNsm
lUatiyt3OCzdP+YDD/s2KSEGTpuNLaUEXsFQcVY24g1r
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org