Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json)
Hash identifier: 5/oBosneR1mFQLJP5C4jzodzD26fObS3CDEfzXvIx+I=
Subject key identifier: A9:AE:17:05:1B:C0:DA:27:34:23:13:98:5C:48:B2:8F:27:C4:C9:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EE9D0BB9AF97738EB481362779BA1400AF5C384
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:e9:d0:bb:9a:f9:77:38:eb:48:13:62:77:9b:a1:40:0a:f5:c3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=525c16c92087fb2ae7fc06d17a6f047fdac9380b2b309118791d6805f3313bfd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:5f:1f:79:ad:74:5c:dd:ee:64:e7:5b:68:
55:34:06:be:86:d5:4e:8a:52:fe:30:0e:25:7b:4c:
84:56:91:e8:2a:ed:15:0e:25:91:63:0f:6a:99:24:
ae:bf:e5:bf:c7:43:95:be:f6:f7:b0:d2:1c:b1:b5:
55:94:0f:67:5d:4a:76:f7:25:89:f3:58:bd:49:29:
1f:e1:e7:84:d6:81:a4:8e:d2:90:11:8f:84:45:64:
b1:a2:be:de:9d:2d:41:47:76:78:66:f1:67:ee:05:
56:9c:0f:1c:e9:27:1b:a5:51:30:97:e8:55:4e:37:
75:6e:65:89:95:c0:61:67:69:14:4a:87:16:ec:25:
18:a5:86:20:91:52:aa:b6:b3:c3:58:32:14:a0:c6:
9b:f4:6c:92:c4:d6:f8:ab:b1:a3:0d:25:b1:19:79:
25:d0:7f:2a:3d:03:d7:90:5a:36:27:5e:59:8c:77:
0e:2d:d3:64:50:69:78:b2:79:0c:43:1a:b8:df:34:
99:6b:be:8e:71:ac:ce:ca:8a:50:28:58:07:cf:98:
f5:58:aa:ae:36:d6:24:62:e2:6a:dd:e4:7d:05:51:
6e:43:9b:74:35:6c:66:4b:62:de:f5:57:e9:43:60:
84:86:d3:04:f9:22:32:13:86:34:a5:30:15:03:06:
54:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AE:17:05:1B:C0:DA:27:34:23:13:98:5C:48:B2:8F:27:C4:C9:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:f5:9d:c1:d8:27:be:68:4d:eb:8e:36:88:42:32:6e:8f:63:
ed:9f:9f:99:34:46:51:f1:ee:e6:75:4c:3d:64:aa:bc:be:3d:
aa:e9:6c:93:d3:ec:bd:b7:37:0f:65:dd:e8:19:59:1d:07:b4:
5a:4b:aa:34:35:bb:05:56:93:ab:e0:64:69:47:c8:01:44:f0:
ac:2c:a1:84:af:18:dd:68:75:57:cb:38:53:40:09:cc:c7:5e:
8f:39:42:08:ee:8a:d4:72:05:65:4d:d3:9b:bd:5a:a8:22:66:
2e:9e:aa:bf:d2:4e:76:61:21:85:4f:1d:bf:f6:9e:cd:d7:04:
66:3b:2e:5e:f3:4e:a8:3d:e3:18:67:3b:bf:2b:83:ea:9e:fd:
6b:b8:80:52:97:60:47:6c:b7:de:75:4d:c0:61:3b:80:30:8b:
62:f2:9e:c2:70:0a:1c:14:09:92:d6:05:df:cc:cc:a7:19:f5:
9a:56:bc:7c:b5:fa:ee:72:45:b5:3d:ce:16:14:8b:46:dd:08:
2f:6a:1e:18:cd:c9:03:65:59:dd:9d:d8:5c:76:4a:09:37:5b:
a6:f3:31:03:3d:47:6d:b8:a1:c7:86:4c:09:ec:d4:40:fa:a3:
ce:a3:6a:5d:89:ae:70:c4:ea:ee:72:4b:7a:ba:17:eb:c2:42:
19:91:ef:b9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXunQu5r5dzjrSBNid5uhQAr1w4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNWMxNmM5MjA4N2ZiMmFlN2ZjMDZkMTdhNmYwNDdmZGFjOTM4MGIyYjMw
OTExODc5MWQ2ODA1ZjMzMTNiZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL79Xx95rXRc3e5k51toVTQGvobVTopS/jAOJXtMhFaR6CrtFQ4lkWMPapkk
rr/lv8dDlb7297DSHLG1VZQPZ11KdvclifNYvUkpH+HnhNaBpI7SkBGPhEVksaK+
3p0tQUd2eGbxZ+4FVpwPHOknG6VRMJfoVU43dW5liZXAYWdpFEqHFuwlGKWGIJFS
qrazw1gyFKDGm/RsksTW+Kuxow0lsRl5JdB/Kj0D15BaNideWYx3Di3TZFBpeLJ5
DEMauN80mWu+jnGszsqKUChYB8+Y9ViqrjbWJGLiat3kfQVRbkObdDVsZkti3vVX
6UNghIbTBPkiMhOGNKUwFQMGVDcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSprhcF
G8DaJzQjE5hcSLKPJ8TJ1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCX9Z3B2Ce+aE3rjjaIQjJuj2Ptn5+ZNEZR8e7mdUw9
ZKq8vj2q6WyT0+y9tzcPZd3oGVkdB7RaS6o0NbsFVpOr4GRpR8gBRPCsLKGErxjd
aHVXyzhTQAnMx16POUII7orUcgVlTdObvVqoImYunqq/0k52YSGFTx2/9p7N1wRm
Oy5e806oPeMYZzu/K4Pqnv1ruIBSl2BHbLfedU3AYTuAMIti8p7CcAocFAmS1gXf
zMynGfWaVrx8tfruckW1Pc4WFItG3Qgvah4YzckDZVndndhcdkoJN1um8zEDPUdt
uKHHhkwJ7NRA+qPOo2pdia5wxOruckt6uhfrwkIZke+5
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org