Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7764f303-17ca-41de-afb2-e2a4278e047f.roa
File: 7764f303-17ca-41de-afb2-e2a4278e047f.roa (raw, json)
Hash identifier: gzL16XD3flyWFUHyHb6afaDYIvLWQvv2vzwIc9qJoVQ=
Subject key identifier: B2:50:EE:E1:2C:29:D0:A1:96:B8:E2:36:0E:BF:7D:01:EE:62:A6:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 045CB579D19FC5455124BABA2F3ABF476599F2E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7764f303-17ca-41de-afb2-e2a4278e047f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:5c:b5:79:d1:9f:c5:45:51:24:ba:ba:2f:3a:bf:47:65:99:f2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d8297fdc20f56e6b26701e042c095bfddbef88c659488ce3fe4932aa6ec0f288, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:42:9b:ed:3e:13:a8:6c:71:4e:a0:9f:49:
51:d3:cf:aa:44:3b:8f:b5:ea:a5:5d:55:f7:aa:b7:
c6:88:8b:e3:7d:1e:b4:d2:c2:40:18:8a:66:fb:6f:
dc:21:f3:9c:d9:f3:dd:95:30:e8:67:eb:cc:67:d8:
5f:a8:ce:0d:a8:b2:ef:89:6e:12:6a:3b:3c:88:3f:
58:7f:e0:00:95:06:3b:d5:c6:d4:fa:4a:d3:08:91:
da:c2:62:15:6c:a9:0d:a3:a8:cd:c6:3a:82:ff:8d:
cd:43:81:e2:17:7f:83:8b:d7:c5:6b:43:78:bb:ea:
fd:2e:7a:59:c9:17:37:21:7e:6f:47:0f:11:a2:78:
1a:a1:2f:0e:31:7f:ae:c0:eb:40:03:fa:01:a2:3f:
fa:ed:79:35:02:b7:f3:d3:58:a0:61:2f:0e:8f:51:
20:0d:c9:44:0d:1a:73:15:34:30:ca:d4:c9:62:b2:
26:a0:b4:3c:ec:6c:26:00:05:67:38:e2:29:9e:76:
69:ce:6b:03:a0:56:57:26:c9:fd:3c:c8:ac:b5:7b:
26:25:d3:2f:c1:4d:73:7f:7f:60:0a:08:23:c3:cf:
7f:47:62:31:5a:8d:54:e0:c2:10:8e:d8:3a:5f:1a:
33:bb:e6:be:0f:0e:87:fe:75:bd:33:c5:e9:1a:fe:
b4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:50:EE:E1:2C:29:D0:A1:96:B8:E2:36:0E:BF:7D:01:EE:62:A6:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7764f303-17ca-41de-afb2-e2a4278e047f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
93:09:95:4a:f8:f3:e5:bf:61:3a:e2:51:fa:dd:54:87:16:1b:
9d:65:9a:e5:6a:18:bc:6e:59:68:79:84:8b:d4:e1:0a:b5:d7:
9e:bd:bd:f6:34:11:23:32:77:c6:92:e4:f5:83:43:7a:5d:be:
c2:10:9b:f6:21:fd:96:28:bf:87:e9:6c:99:39:88:d6:57:08:
07:3c:f3:8d:a8:9b:24:ad:dc:50:18:4a:6b:ca:e4:78:15:b7:
dd:c5:60:d6:ff:42:af:87:55:b9:94:3d:b1:17:8a:c3:45:9a:
d5:28:ba:09:ee:15:c9:34:39:c8:75:bc:7d:11:d1:45:cb:59:
17:db:16:75:ee:c6:5f:0c:a7:04:28:bf:ed:2e:6b:ee:34:81:
18:a4:b6:77:ac:10:61:50:cc:51:1f:04:2e:81:6c:ee:e3:13:
6f:2b:b7:83:86:6b:59:42:6b:4c:97:e2:5c:e8:f3:c9:d9:42:
e6:72:f7:3a:35:6a:d1:c2:fa:0f:5d:50:fc:08:64:f4:af:32:
e6:01:4f:74:1b:c6:be:50:91:36:64:9a:e4:ae:7f:df:3a:a9:
d5:60:ca:25:97:80:70:ef:b9:c8:43:57:7f:2f:dc:53:a0:10:
91:6e:ed:56:bd:13:8c:f7:e3:f9:ff:be:56:29:b6:07:46:4d:
4d:da:3c:73
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBFy1edGfxUVRJLq6Lzq/R2WZ8ucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4Mjk3ZmRjMjBmNTZlNmIyNjcwMWUwNDJjMDk1YmZkZGJlZjg4YzY1OTQ4
OGNlM2ZlNDkzMmFhNmVjMGYyODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMU0QpvtPhOobHFOoJ9JUdPPqkQ7j7XqpV1V96q3xoiL430etNLCQBiKZvtv
3CHznNnz3ZUw6GfrzGfYX6jODaiy74luEmo7PIg/WH/gAJUGO9XG1PpK0wiR2sJi
FWypDaOozcY6gv+NzUOB4hd/g4vXxWtDeLvq/S56WckXNyF+b0cPEaJ4GqEvDjF/
rsDrQAP6AaI/+u15NQK389NYoGEvDo9RIA3JRA0acxU0MMrUyWKyJqC0POxsJgAF
ZzjiKZ52ac5rA6BWVybJ/TzIrLV7JiXTL8FNc39/YAoII8PPf0diMVqNVODCEI7Y
Ol8aM7vmvg8Oh/51vTPF6Rr+tFcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSyUO7h
LCnQoZa44jYOv30B7mKmnzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzc2NGYzMDMtMTdjYS00MWRlLWFmYjItZTJhNDI3OGUwNDdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCTCZVK+PPlv2E64lH63VSHFhudZZrlahi8blloeYSL
1OEKtdeevb32NBEjMnfGkuT1g0N6Xb7CEJv2If2WKL+H6WyZOYjWVwgHPPONqJsk
rdxQGEpryuR4FbfdxWDW/0Kvh1W5lD2xF4rDRZrVKLoJ7hXJNDnIdbx9EdFFy1kX
2xZ17sZfDKcEKL/tLmvuNIEYpLZ3rBBhUMxRHwQugWzu4xNvK7eDhmtZQmtMl+Jc
6PPJ2ULmcvc6NWrRwvoPXVD8CGT0rzLmAU90G8a+UJE2ZJrkrn/fOqnVYMoll4Bw
77nIQ1d/L9xToBCRbu1WvROM9+P5/75WKbYHRk1N2jxz
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org