Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
File: 7121a047-d001-4dca-a807-79f5c57d8a70.roa (raw, json)
Hash identifier: u4kdMkLsbVV89hHI9fk8oDIN+eKgXruRP+UZ5sVNO4U=
Subject key identifier: B5:B4:50:68:DB:B2:B2:A9:A3:EA:4B:E3:22:C6:F3:8C:6F:76:5E:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F5951322C6B2D97253DB775C167C2A225816E8F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:59:51:32:2c:6b:2d:97:25:3d:b7:75:c1:67:c2:a2:25:81:6e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=d4d555d042a73ace4172ec625672de74e03356bbae9c8cc009fda7a6286f60b4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:f6:da:7d:55:e2:66:e7:f1:64:4b:72:7e:
f9:41:c1:32:09:b5:c5:1b:1e:0b:ea:5c:ba:2f:45:
09:d1:72:2a:de:c5:26:c5:19:8f:ea:75:dd:66:2a:
03:5a:84:47:45:46:28:d0:5f:3b:92:b5:d6:b1:19:
87:af:a8:f5:5c:8b:0c:c1:00:5e:91:9d:64:22:81:
37:4f:36:d4:58:0b:fd:57:8a:65:50:72:96:7a:4e:
3d:6e:04:9b:4b:84:9c:99:3c:70:53:7b:b5:57:53:
48:54:e0:88:0a:0f:3e:b6:d5:26:b6:2c:35:5b:86:
87:3f:0c:0d:dc:5c:8a:97:87:85:34:b5:1d:c3:2d:
5b:43:66:0b:df:0a:4c:6b:30:dc:c8:e9:0d:7c:3e:
c2:a9:6d:8e:e4:3a:58:f8:f9:74:1b:e1:5c:e6:09:
77:db:38:28:f9:3e:5e:ee:a5:d8:10:98:5a:e0:a2:
8c:aa:3e:66:80:a5:c3:3e:ea:a3:6e:df:05:93:75:
6b:b0:38:f6:9b:1e:cd:56:65:fe:fe:9e:66:fb:96:
f8:ab:e2:5c:9e:0f:82:8e:c8:88:06:a3:02:99:5c:
bd:0a:70:4d:a0:ad:f6:15:67:1e:0a:0e:f5:39:58:
63:c6:13:03:72:74:5a:6b:9f:31:3b:7f:7a:7f:03:
0d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B4:50:68:DB:B2:B2:A9:A3:EA:4B:E3:22:C6:F3:8C:6F:76:5E:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7121a047-d001-4dca-a807-79f5c57d8a70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:ca:a5:47:34:ea:e4:21:b1:46:24:31:d5:be:57:11:a8:2a:
10:6a:48:4b:a3:25:fc:34:e2:bc:eb:7f:9e:c1:18:8d:b4:43:
2a:7b:89:f8:59:2c:4f:42:0c:de:e1:5e:13:92:97:41:5d:6d:
b5:01:b2:31:5a:40:c6:8f:8a:05:36:23:e5:05:49:29:65:93:
ff:62:23:71:83:8e:f8:71:e9:76:56:20:26:17:d3:c8:37:25:
9a:d7:0b:89:01:d4:b3:4b:cc:b9:97:9f:24:a0:c1:05:0d:9b:
1b:ff:d1:6e:67:4f:eb:19:ea:86:2c:fe:36:89:50:94:da:4e:
dd:ad:ca:1a:4e:b1:3b:43:af:c0:9b:54:c3:21:76:20:3a:90:
3c:e7:45:33:2b:6d:6e:fa:d4:33:7b:8b:56:86:32:12:88:8e:
c9:37:7c:e1:38:6d:ef:32:d3:8a:52:58:61:cd:8b:65:bf:12:
f2:3a:97:58:8c:eb:38:9a:08:d0:a4:9b:13:b6:c9:01:21:37:
82:08:c5:ab:2b:fe:4e:69:bf:e1:ae:3d:25:7a:db:5f:c7:bb:
69:ed:9a:85:0d:cb:f2:fb:26:62:b4:70:0f:ea:d0:55:a0:8c:
4c:21:bb:16:20:68:2b:28:31:7e:d6:fb:ac:5e:6d:5c:ca:73:
71:b2:d5:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP1lRMixrLZclPbd1wWfCoiWBbo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ZDU1NWQwNDJhNzNhY2U0MTcyZWM2MjU2NzJkZTc0ZTAzMzU2YmJhZTlj
OGNjMDA5ZmRhN2E2Mjg2ZjYwYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz29tp9VeJm5/FkS3J++UHBMgm1xRseC+pcui9FCdFyKt7FJsUZj+p13WYq
A1qER0VGKNBfO5K11rEZh6+o9VyLDMEAXpGdZCKBN0821FgL/VeKZVBylnpOPW4E
m0uEnJk8cFN7tVdTSFTgiAoPPrbVJrYsNVuGhz8MDdxcipeHhTS1HcMtW0NmC98K
TGsw3MjpDXw+wqltjuQ6WPj5dBvhXOYJd9s4KPk+Xu6l2BCYWuCijKo+ZoClwz7q
o27fBZN1a7A49psezVZl/v6eZvuW+KviXJ4Pgo7IiAajAplcvQpwTaCt9hVnHgoO
9TlYY8YTA3J0WmufMTt/en8DDVkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1tFBo
27KyqaPqS+MixvOMb3ZevTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzEyMWEwNDctZDAwMS00ZGNhLWE4MDctNzlmNWM1N2Q4YTcwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQCpyqVHNOrkIbFGJDHVvlcRqCoQakhLoyX8NOK863+e
wRiNtEMqe4n4WSxPQgze4V4TkpdBXW21AbIxWkDGj4oFNiPlBUkpZZP/YiNxg474
cel2ViAmF9PINyWa1wuJAdSzS8y5l58koMEFDZsb/9FuZ0/rGeqGLP42iVCU2k7d
rcoaTrE7Q6/Am1TDIXYgOpA850UzK21u+tQze4tWhjISiI7JN3zhOG3vMtOKUlhh
zYtlvxLyOpdYjOs4mgjQpJsTtskBITeCCMWrK/5Oab/hrj0lettfx7tp7ZqFDcvy
+yZitHAP6tBVoIxMIbsWIGgrKDF+1vusXm1cynNxstWo
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org