Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
File: 72138391-f885-46be-9450-815e493cd6a4.roa (raw, json)
Hash identifier: ix3xQ7IoyW68HM35xEUKF/qVqw78JeK99QTve7r6GLI=
Subject key identifier: 2D:DD:67:8A:79:A4:48:E6:3A:40:1B:33:2B:2F:0C:5A:67:9A:95:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55BC3E7D5C42F659FEE97FA48CFB0D7DACB6941E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:bc:3e:7d:5c:42:f6:59:fe:e9:7f:a4:8c:fb:0d:7d:ac:b6:94:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=74c6684cb1e71c63c0820d0429ef8430cb099c5cdbbbfdb360792a5ff4a3ef0e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0a:ab:2d:db:f3:cb:39:29:b3:5b:d9:5d:30:
6c:27:ae:30:33:1d:13:45:7d:a1:e5:2a:bb:99:11:
4e:0e:e2:cb:be:81:df:5e:13:76:d5:c4:14:be:3c:
78:b4:e2:a2:15:1f:8d:43:ae:18:4c:6a:b4:98:08:
e3:97:c0:09:c6:29:f8:c2:4d:14:45:91:b1:10:7f:
6f:10:6c:a7:f2:b8:d9:db:23:e5:9f:71:50:58:8f:
c5:04:57:e1:af:34:a4:ff:de:53:9a:fb:53:6c:b6:
22:d2:55:42:e9:50:0e:66:e0:ef:48:86:c1:c1:7d:
11:c6:59:da:62:4a:bb:68:49:73:29:ab:5a:7a:6b:
4a:d4:e3:62:06:5b:fd:3c:64:b7:11:52:b8:d2:d4:
a2:23:d6:aa:d7:ef:30:03:fa:07:7d:f9:37:f8:6e:
8a:d8:a1:3d:74:ca:f4:70:e2:53:04:8b:9e:4f:0a:
26:11:b0:a2:8c:41:8b:a7:8c:43:da:a3:dd:5a:67:
67:28:08:88:98:9b:45:8e:d3:e0:a5:bb:e6:f4:9f:
b6:9c:40:5e:75:56:fe:99:62:8a:d6:cf:b3:57:85:
22:3d:22:ee:de:2a:5c:c3:6e:be:c9:21:65:81:99:
68:87:0f:e6:62:05:2b:ba:f7:c5:11:2b:16:aa:bf:
3b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DD:67:8A:79:A4:48:E6:3A:40:1B:33:2B:2F:0C:5A:67:9A:95:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c6:fe:72:f8:7c:69:14:60:b3:38:5a:4e:06:a3:49:9d:23:da:
7d:40:18:97:e2:14:ca:15:de:9d:2f:9a:87:5d:e3:ec:dc:22:
a4:a7:d3:84:cd:21:08:e2:10:d9:ea:d6:32:6b:0e:bc:95:c1:
52:9d:d5:5d:37:e9:06:f4:64:28:34:1c:d8:2a:ef:e2:b8:95:
c3:1b:2a:68:a0:ea:0b:bb:47:33:b1:a4:37:e1:f8:6c:16:78:
d9:d3:a3:6e:17:ab:55:4d:1f:84:35:d2:54:90:e2:45:81:a6:
71:a7:e7:80:0b:0b:ec:1f:44:78:93:41:cd:ef:de:c8:ab:06:
18:10:96:7c:2a:6e:37:ae:c6:d8:4c:da:48:df:8c:88:ff:98:
ab:34:f1:2f:13:74:2b:86:63:0f:01:91:53:fa:f4:3b:67:80:
5d:56:fe:3f:b7:4d:6f:ab:77:91:21:2f:7d:8c:a1:91:97:27:
74:4d:3f:62:38:e3:50:c0:ed:46:c7:14:c2:a8:cd:cc:a0:4f:
56:2c:05:8e:1e:55:4c:17:3b:21:66:19:f6:ec:70:e8:c4:40:
eb:c6:df:f9:41:ff:c4:ee:5f:10:f3:b7:b9:75:a9:13:9e:35:
b8:46:54:dd:95:b8:08:a3:fa:01:2d:34:a6:44:f9:2e:3e:60:
b6:4c:ee:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVbw+fVxC9ln+6X+kjPsNfay2lB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0YzY2ODRjYjFlNzFjNjNjMDgyMGQwNDI5ZWY4NDMwY2IwOTljNWNkYmJi
ZmRiMzYwNzkyYTVmZjRhM2VmMGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0Kqy3b88s5KbNb2V0wbCeuMDMdE0V9oeUqu5kRTg7iy76B314TdtXEFL48
eLTiohUfjUOuGExqtJgI45fACcYp+MJNFEWRsRB/bxBsp/K42dsj5Z9xUFiPxQRX
4a80pP/eU5r7U2y2ItJVQulQDmbg70iGwcF9EcZZ2mJKu2hJcymrWnprStTjYgZb
/TxktxFSuNLUoiPWqtfvMAP6B335N/huitihPXTK9HDiUwSLnk8KJhGwooxBi6eM
Q9qj3VpnZygIiJibRY7T4KW75vSftpxAXnVW/pliitbPs1eFIj0i7t4qXMNuvskh
ZYGZaIcP5mIFK7r3xRErFqq/O+kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQt3WeK
eaRI5jpAGzMrLwxaZ5qVVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzIxMzgzOTEtZjg4NS00NmJlLTk0NTAtODE1ZTQ5M2NkNmE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQDG/nL4fGkUYLM4Wk4Go0mdI9p9QBiX4hTKFd6dL5qH
XePs3CKkp9OEzSEI4hDZ6tYyaw68lcFSndVdN+kG9GQoNBzYKu/iuJXDGypooOoL
u0czsaQ34fhsFnjZ06NuF6tVTR+ENdJUkOJFgaZxp+eACwvsH0R4k0HN797IqwYY
EJZ8Km43rsbYTNpI34yI/5irNPEvE3QrhmMPAZFT+vQ7Z4BdVv4/t01vq3eRIS99
jKGRlyd0TT9iOONQwO1GxxTCqM3MoE9WLAWOHlVMFzshZhn27HDoxEDrxt/5Qf/E
7l8Q87e5dakTnjW4RlTdlbgIo/oBLTSmRPkuPmC2TO58
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:20 2024 by rpki-client on console-fra.rpki-client.org