Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
File: 77b69854-7acc-4257-9488-ffcab8197c82.roa (raw, json)
Hash identifier: eek923q3OROyk4MXbNmTc+VY8a2TTwD+quiiU9gtOpU=
Subject key identifier: 4A:13:B7:10:1B:B3:C8:02:88:74:C0:E5:E4:A2:E0:C3:BC:16:0E:AC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2774D121F23D08275CCC06CD2CB76FDFA04256B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:74:d1:21:f2:3d:08:27:5c:cc:06:cd:2c:b7:6f:df:a0:42:56:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b71d506e6bca937e342c4c1c3c717346c677d34dcbdf0d19c7353e568afa930d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:65:39:5c:56:d8:89:3a:ed:69:b4:6b:07:b8:
52:bb:a9:eb:d9:d1:1f:3b:09:fe:61:f9:c4:02:6f:
3c:b1:5a:c4:c2:34:ea:62:74:f0:6d:4f:61:02:65:
de:ce:a1:7a:35:28:80:50:ff:ce:73:ca:5e:a5:b1:
e7:4d:38:77:1c:5c:24:42:e0:f0:70:5c:4e:3e:99:
c3:6e:ff:17:a0:26:c0:e3:ef:ac:80:51:74:16:03:
68:22:f2:fc:89:31:3b:e8:d9:99:7e:e1:72:2b:84:
86:a5:74:ce:a8:42:45:1d:d9:ab:a5:3a:e4:6c:d3:
56:a1:a7:2f:d0:50:a5:fd:50:cc:78:fc:99:6f:2b:
55:cd:14:92:75:1a:fd:91:db:5f:5b:4f:46:d0:7a:
76:f7:2d:e1:7f:40:fd:61:c8:c8:3b:28:63:69:cb:
67:28:60:f3:0c:49:43:9b:41:29:36:7c:a4:17:4e:
c1:6f:1a:bc:93:f3:d6:46:a8:7b:8d:38:ff:7d:66:
76:a5:b0:30:41:16:2d:dc:50:db:73:ce:1c:f8:cd:
83:78:89:00:e3:ff:20:ca:a5:8e:13:84:27:82:19:
77:ee:0c:6e:c5:9f:a7:f7:53:54:53:ab:3a:32:fa:
bf:8e:7b:93:99:4e:e7:b9:10:6d:91:64:d2:e7:f1:
fb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:13:B7:10:1B:B3:C8:02:88:74:C0:E5:E4:A2:E0:C3:BC:16:0E:AC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:42:7f:56:16:8f:8a:f6:6f:67:d2:ef:5c:77:c3:7c:cd:db:
b1:cc:c4:51:1d:cd:73:dd:bc:06:57:a3:6d:87:06:90:83:ba:
8a:ae:06:60:12:86:ee:e3:42:b3:c8:2e:c8:49:15:64:29:31:
89:d7:b7:e4:73:5a:2e:06:66:8b:11:5b:bb:9a:bb:98:b8:86:
41:f9:e7:6a:13:75:8f:c1:26:9d:05:ab:fe:69:1f:28:6f:a5:
e5:d5:a5:21:a3:55:7a:8f:ef:52:b5:44:70:6f:d2:84:a7:84:
66:ac:15:6c:85:bd:fa:c6:3c:f4:ed:d2:f7:7b:ef:8d:b3:40:
3e:9c:d9:b5:d8:2a:a6:5f:fb:77:f0:00:62:2e:78:a8:4c:22:
ed:17:17:c3:44:89:70:3a:98:e3:ac:8b:24:f0:27:7e:5b:80:
d3:15:a0:1d:f2:ff:f6:aa:cf:ed:e7:c4:b9:66:1d:5f:9a:a4:
98:5a:00:90:15:96:69:5c:04:1b:29:3c:23:d3:f2:6a:9e:cf:
82:1e:09:fb:e3:6b:6c:4b:55:72:f3:56:58:a4:eb:68:97:8a:
46:eb:20:60:35:66:2b:36:08:9a:d8:28:0b:22:de:b8:30:74:
f7:01:95:03:4a:5d:76:85:b1:e4:40:97:f5:0c:6e:41:ac:69:
58:9a:63:88
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ3TRIfI9CCdczAbNLLdv36BCVrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MWQ1MDZlNmJjYTkzN2UzNDJjNGMxYzNjNzE3MzQ2YzY3N2QzNGRjYmRm
MGQxOWM3MzUzZTU2OGFmYTkzMGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMllOVxW2Ik67Wm0awe4Urup69nRHzsJ/mH5xAJvPLFaxMI06mJ08G1PYQJl
3s6hejUogFD/znPKXqWx5004dxxcJELg8HBcTj6Zw27/F6AmwOPvrIBRdBYDaCLy
/IkxO+jZmX7hciuEhqV0zqhCRR3Zq6U65GzTVqGnL9BQpf1QzHj8mW8rVc0UknUa
/ZHbX1tPRtB6dvct4X9A/WHIyDsoY2nLZyhg8wxJQ5tBKTZ8pBdOwW8avJPz1kao
e404/31mdqWwMEEWLdxQ23POHPjNg3iJAOP/IMqljhOEJ4IZd+4MbsWfp/dTVFOr
OjL6v457k5lO57kQbZFk0ufx+ykCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKE7cQ
G7PIAoh0wOXkouDDvBYOrDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzdiNjk4NTQtN2FjYy00MjU3LTk0ODgtZmZjYWI4MTk3YzgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQCyQn9WFo+K9m9n0u9cd8N8zduxzMRRHc1z3bwGV6Nt
hwaQg7qKrgZgEobu40KzyC7ISRVkKTGJ17fkc1ouBmaLEVu7mruYuIZB+edqE3WP
wSadBav+aR8ob6Xl1aUho1V6j+9StURwb9KEp4RmrBVshb36xjz07dL3e++Ns0A+
nNm12CqmX/t38ABiLnioTCLtFxfDRIlwOpjjrIsk8Cd+W4DTFaAd8v/2qs/t58S5
Zh1fmqSYWgCQFZZpXAQbKTwj0/Jqns+CHgn742tsS1Vy81ZYpOtol4pG6yBgNWYr
Ngia2CgLIt64MHT3AZUDSl12hbHkQJf1DG5BrGlYmmOI
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org