Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
File: 673e8a42-e7d4-46a9-8302-c771426cd407.roa (raw, json)
Hash identifier: U/DwoJ8ENWcgGllY6ei+A4oJVEFe5HpLnRgliUEFHQE=
Subject key identifier: 7F:F6:6B:A8:30:0E:70:0B:6C:5D:03:DD:F4:69:A2:12:E2:41:16:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43B945EC7A18D29C50C824F161F623A384EDA819
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:b9:45:ec:7a:18:d2:9c:50:c8:24:f1:61:f6:23:a3:84:ed:a8:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=578e54e8ea263c21bb25047c1ca771005f175ce35c59ab461560cb3789674d5c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:37:84:67:87:dd:f4:38:d8:7b:9c:39:4c:
40:fa:3b:b0:e8:90:65:14:a2:f5:d8:84:da:34:8a:
ed:52:7b:4c:a6:65:34:48:8e:7f:e8:35:78:18:e6:
1f:bc:0c:02:ae:83:c9:20:0e:1f:21:c4:e4:fc:0e:
1d:2b:ec:90:af:b1:d9:06:6c:a0:b5:d1:71:c6:d1:
08:a4:03:23:31:52:b4:80:79:94:73:c1:f8:f5:70:
7e:31:4f:c4:8c:d8:17:b2:6c:64:54:66:67:ba:8d:
3b:17:7b:dd:42:ac:fc:58:18:15:93:63:60:55:01:
0b:c4:eb:b7:a0:f8:64:83:29:49:de:eb:63:1e:b1:
e3:58:71:a3:63:f2:3b:aa:e7:33:5e:74:13:8f:2c:
0c:81:e6:80:37:d3:7f:ed:72:00:da:bc:a6:46:74:
b1:41:e9:58:56:55:dc:10:20:36:bb:8b:0e:2a:69:
a7:fd:c6:83:1e:03:99:5e:ba:c1:5a:1d:35:1b:c8:
09:b5:6c:50:be:a4:64:41:cd:9e:10:b4:53:84:b6:
6b:a5:b2:11:03:05:ef:8b:c0:1e:64:2f:ea:2e:a7:
0c:96:3f:83:0c:1e:2d:e1:77:a8:72:d5:9a:1a:7e:
44:c4:af:60:39:72:2f:ab:6b:7e:f9:7f:57:7a:72:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F6:6B:A8:30:0E:70:0B:6C:5D:03:DD:F4:69:A2:12:E2:41:16:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:4d:68:c5:2e:90:5c:bc:6f:b8:12:26:04:a1:8f:53:db:83:
65:40:b0:15:ed:b1:dd:69:b9:5b:b4:67:0f:73:24:17:28:13:
10:d1:3b:b8:a9:52:b7:45:9d:bb:58:05:8e:ae:01:f6:f5:69:
1c:f6:71:2c:7e:dd:8e:38:f0:42:54:83:5b:a7:49:66:2a:8e:
f9:be:43:11:9c:b4:1c:51:b8:1c:3c:a9:d2:43:ee:10:78:32:
b6:d0:6e:71:d5:f6:a7:ce:f7:d7:f1:37:d5:86:24:ac:2b:e9:
7d:51:06:99:08:19:c4:ef:8d:18:95:82:13:c2:0d:22:d4:19:
56:c4:0c:99:83:ea:25:de:ef:25:14:70:d2:9c:4b:54:33:dd:
63:6d:88:c7:33:da:f1:5b:f1:63:43:6d:5d:1a:75:41:da:9a:
a2:ee:05:63:05:16:13:5e:57:4b:de:8e:98:07:a2:df:d7:9a:
ca:24:f0:7f:33:30:cb:be:2a:15:d0:0a:11:bd:1b:b5:ec:22:
89:70:01:6a:a4:d7:1d:29:70:1d:3d:3d:2b:2b:6b:cb:b1:9e:
97:6c:6f:c9:08:35:8f:d2:3a:f1:82:6c:56:b3:96:02:2b:4a:
ed:14:03:52:e8:8b:1b:68:78:69:e9:99:6d:32:13:cc:5a:8b:
ba:ee:9b:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ7lF7HoY0pxQyCTxYfYjo4TtqBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3OGU1NGU4ZWEyNjNjMjFiYjI1MDQ3YzFjYTc3MTAwNWYxNzVjZTM1YzU5
YWI0NjE1NjBjYjM3ODk2NzRkNWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKCzN4Rnh930ONh7nDlMQPo7sOiQZRSi9diE2jSK7VJ7TKZlNEiOf+g1eBjm
H7wMAq6DySAOHyHE5PwOHSvskK+x2QZsoLXRccbRCKQDIzFStIB5lHPB+PVwfjFP
xIzYF7JsZFRmZ7qNOxd73UKs/FgYFZNjYFUBC8Trt6D4ZIMpSd7rYx6x41hxo2Py
O6rnM150E48sDIHmgDfTf+1yANq8pkZ0sUHpWFZV3BAgNruLDippp/3Ggx4DmV66
wVodNRvICbVsUL6kZEHNnhC0U4S2a6WyEQMF74vAHmQv6i6nDJY/gwweLeF3qHLV
mhp+RMSvYDlyL6trfvl/V3pyOAsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR/9muo
MA5wC2xdA930aaIS4kEWijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjczZThhNDItZTdkNC00NmE5LTgzMDItYzc3MTQyNmNkNDA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBGTWjFLpBcvG+4EiYEoY9T24NlQLAV7bHdablbtGcP
cyQXKBMQ0Tu4qVK3RZ27WAWOrgH29Wkc9nEsft2OOPBCVINbp0lmKo75vkMRnLQc
UbgcPKnSQ+4QeDK20G5x1fanzvfX8TfVhiSsK+l9UQaZCBnE740YlYITwg0i1BlW
xAyZg+ol3u8lFHDSnEtUM91jbYjHM9rxW/FjQ21dGnVB2pqi7gVjBRYTXldL3o6Y
B6Lf15rKJPB/MzDLvioV0AoRvRu17CKJcAFqpNcdKXAdPT0rK2vLsZ6XbG/JCDWP
0jrxgmxWs5YCK0rtFANS6IsbaHhp6ZltMhPMWou67pv9
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org