Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
File: 7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa (raw, json)
Hash identifier: AIFgxFmmfEBPUbEBCnGa7ss2pUl48So3u9mR2R+t18U=
Subject key identifier: 24:7C:C3:17:BE:7E:4B:F0:6C:A2:A7:F8:F1:43:26:EC:16:86:F8:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60E01ABDDDCA782618A52923DB6E8F0E6F0DDBBA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:e0:1a:bd:dd:ca:78:26:18:a5:29:23:db:6e:8f:0e:6f:0d:db:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=86deef2b75d410fdbbcab34287d18f710bafddffdd9ae14e3eac7f1ac37223ff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:52:6a:0e:90:28:56:b5:67:dc:c1:25:07:0b:
cc:e3:7e:2f:6e:d8:18:cf:e5:7f:b3:b1:9e:65:e5:
6f:a4:cb:d9:4f:80:ba:0c:6c:30:f4:b7:21:43:03:
65:ba:4d:4f:04:78:b9:38:7c:a9:98:27:e5:39:43:
94:1b:04:7f:0b:43:8d:b7:8d:7c:aa:9c:99:a8:be:
cc:34:43:9d:12:da:a5:de:38:e7:f8:84:58:8b:43:
e8:ed:6d:fe:bb:c2:0b:5c:cb:b9:4b:04:8a:e1:3a:
39:07:79:92:41:05:0f:95:18:3c:41:c7:96:30:02:
c4:c9:16:c7:16:78:d0:d2:cf:ad:2b:ab:45:4b:86:
ee:9a:41:a3:6c:1c:55:3e:84:fc:a6:bb:c4:15:b4:
52:e4:31:63:c9:07:72:7e:32:ef:c1:32:49:c6:6f:
d1:d1:95:3b:c8:b5:07:02:7c:34:4d:40:85:6e:1a:
e1:ba:48:d5:98:79:b7:52:ea:ea:87:b8:27:6b:15:
51:03:10:7a:60:b3:7d:d7:29:12:e4:c4:08:64:e1:
0a:79:29:ae:dd:3d:7b:42:07:40:f1:32:02:b0:cd:
8d:06:db:b2:1a:96:41:a9:75:55:fd:7f:74:eb:0d:
e2:38:5e:2e:77:d0:ca:01:8d:0e:c6:b0:0f:f6:b6:
11:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7C:C3:17:BE:7E:4B:F0:6C:A2:A7:F8:F1:43:26:EC:16:86:F8:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:10:40:68:66:47:8b:df:0b:e9:6f:7a:21:dd:da:2d:95:a1:
b0:15:e5:10:09:7c:ff:99:bb:52:87:c6:8d:c6:4d:b7:b9:c5:
9b:f1:36:65:6b:de:4a:2a:f2:a2:f5:3c:d2:90:47:19:98:35:
1e:1d:7b:44:81:66:c6:05:61:36:59:c2:8e:96:f6:2a:a4:48:
dc:b7:b5:8b:b2:72:2f:40:5c:a8:ca:52:60:7d:7b:55:2d:ab:
d4:2e:14:5c:90:1c:ac:a3:0c:99:42:86:fe:9f:7a:be:20:6d:
91:ec:0d:cb:9a:df:a7:37:85:7e:a1:f0:ca:d9:c5:ac:53:ea:
39:2f:2d:a5:a9:ea:88:1d:c8:5c:77:07:b5:eb:04:c1:39:ab:
55:44:b1:dd:73:58:92:48:78:46:42:9f:77:b2:2c:00:e4:85:
97:fd:c3:57:71:34:20:47:e4:53:29:64:3a:20:f8:70:4b:20:
24:9c:a6:ea:96:bf:83:be:ca:67:55:a5:ad:b4:16:88:39:dc:
e3:18:55:fe:08:b9:43:4c:33:7a:7b:7f:d3:6c:fb:31:57:1f:
49:3e:ed:ce:a0:f3:7f:32:f4:1e:91:89:e5:84:a7:4c:35:2e:
d9:fe:2c:b9:53:2f:8b:fe:de:25:29:4f:9e:46:ca:91:bc:15:
b9:8f:62:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYOAavd3KeCYYpSkj226PDm8N27owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2ZGVlZjJiNzVkNDEwZmRiYmNhYjM0Mjg3ZDE4ZjcxMGJhZmRkZmZkZDlh
ZTE0ZTNlYWM3ZjFhYzM3MjIzZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlSag6QKFa1Z9zBJQcLzON+L27YGM/lf7OxnmXlb6TL2U+AugxsMPS3IUMD
ZbpNTwR4uTh8qZgn5TlDlBsEfwtDjbeNfKqcmai+zDRDnRLapd445/iEWItD6O1t
/rvCC1zLuUsEiuE6OQd5kkEFD5UYPEHHljACxMkWxxZ40NLPrSurRUuG7ppBo2wc
VT6E/Ka7xBW0UuQxY8kHcn4y78EyScZv0dGVO8i1BwJ8NE1AhW4a4bpI1Zh5t1Lq
6oe4J2sVUQMQemCzfdcpEuTECGThCnkprt09e0IHQPEyArDNjQbbshqWQal1Vf1/
dOsN4jheLnfQygGNDsawD/a2EVkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkfMMX
vn5L8Gyip/jxQybsFob4dDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzE5MmU3NjEtMDVhOS00YzNlLTliMjItZWIzZWQwYzM3ZDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1EEBoZkeL3wvpb3oh3dotlaGwFeUQCXz/mbtSh8aN
xk23ucWb8TZla95KKvKi9TzSkEcZmDUeHXtEgWbGBWE2WcKOlvYqpEjct7WLsnIv
QFyoylJgfXtVLavULhRckBysowyZQob+n3q+IG2R7A3Lmt+nN4V+ofDK2cWsU+o5
Ly2lqeqIHchcdwe16wTBOatVRLHdc1iSSHhGQp93siwA5IWX/cNXcTQgR+RTKWQ6
IPhwSyAknKbqlr+DvspnVaWttBaIOdzjGFX+CLlDTDN6e3/TbPsxVx9JPu3OoPN/
MvQekYnlhKdMNS7Z/iy5Uy+L/t4lKU+eRsqRvBW5j2Lt
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org