Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa
File: 7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa (raw, json)
Hash identifier: peg9mq62DDfiEccP5Urp2uXHE5TeBYRSvj3tCThkyJo=
Subject key identifier: 4C:5D:24:FD:89:70:71:5C:DA:4B:DD:B0:0B:5E:72:F0:F2:AB:6B:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CE0351BFA1C79950AB25CB547A36439E92E4527
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e0:35:1b:fa:1c:79:95:0a:b2:5c:b5:47:a3:64:39:e9:2e:45:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=42c0bc1bdc0fb1674d7160f2c1f65c184bb46d780eb4136703d18bfb628dc07e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:04:91:cb:9b:76:2a:96:74:ba:2b:89:e8:9d:
c2:be:7b:b8:29:0d:25:0f:c3:d8:3e:f5:db:7d:5f:
99:61:51:83:cc:63:5b:b8:d3:83:53:82:56:48:08:
ff:72:80:87:f2:ce:a5:e2:76:6c:3a:01:1c:4b:f6:
6f:e9:39:ad:9c:14:8c:e3:c2:ca:e2:13:b2:26:9e:
e7:c8:b2:4d:03:38:b7:51:ad:4b:40:44:72:45:ab:
74:58:40:25:c7:82:b1:36:1b:6a:07:92:55:51:37:
38:47:3f:f2:35:5a:98:3e:d2:a2:78:c4:64:af:99:
a4:dc:18:e9:2d:6f:0a:5d:2c:43:1a:ff:bd:ff:b3:
84:49:c4:87:06:77:34:5a:b1:20:89:88:a2:54:ce:
af:75:62:76:0b:9f:9a:dc:6b:fc:02:a3:ed:70:ff:
bd:8e:70:7c:b7:ec:a2:bd:4c:41:cd:57:a6:f5:fd:
1a:9b:d3:51:59:4e:ad:6f:ca:31:b1:50:fd:2b:40:
a8:d6:83:5d:2b:a8:23:55:57:09:44:aa:e3:84:c2:
7c:cb:27:b3:43:bc:9c:38:2c:72:f7:61:53:cb:e9:
cc:c0:ee:69:b4:a7:4d:fa:6d:fd:88:57:a8:48:23:
e3:e8:ba:a9:97:20:22:b3:cb:a7:9c:ea:42:84:40:
35:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:5D:24:FD:89:70:71:5C:DA:4B:DD:B0:0B:5E:72:F0:F2:AB:6B:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7986b90e-a286-4c02-b5e7-b85bd3d860a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:15:35:2a:51:10:24:25:cb:86:de:17:d8:82:2e:6c:67:9c:
34:f2:bd:27:3e:3f:23:eb:bf:be:d4:11:eb:ad:99:ad:46:ef:
4a:e9:26:2d:1e:9d:6d:c7:4c:39:7e:2c:73:2b:74:8b:60:18:
36:7b:ad:8b:b9:de:2c:16:09:71:74:d1:d5:32:90:ff:14:d7:
1d:95:7b:52:eb:a7:1d:6e:12:75:0c:e8:bd:e3:89:bc:88:c7:
a9:97:47:d5:24:c9:0c:0d:dd:5a:70:7b:21:bd:00:79:42:9b:
10:fe:62:e7:54:13:1c:3d:f0:42:89:39:5b:ea:3e:59:78:b2:
f8:35:10:30:8c:e6:9a:4c:6e:29:f3:cf:9e:25:4a:e0:49:57:
c7:3c:e4:cd:e5:45:1f:b5:d7:06:84:ea:da:7d:26:a8:81:6a:
b7:4b:80:3c:a2:4a:08:a1:b7:e7:fe:21:07:5e:b6:1a:ef:74:
01:97:4b:11:5c:57:6f:59:f9:58:0f:09:44:d2:34:13:14:7f:
d8:42:0c:c7:47:c7:39:3c:8a:cc:81:1f:59:eb:b8:68:08:c0:
7b:e8:f5:74:65:b2:a1:ca:e3:68:50:1c:7e:c2:54:c6:f0:6c:
ec:33:48:e5:61:32:86:17:88:45:31:93:4e:0e:33:2b:f7:8f:
c1:f2:9e:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfOA1G/oceZUKsly1R6NkOekuRScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyYzBiYzFiZGMwZmIxNjc0ZDcxNjBmMmMxZjY1YzE4NGJiNDZkNzgwZWI0
MTM2NzAzZDE4YmZiNjI4ZGMwN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwEkcubdiqWdLorieidwr57uCkNJQ/D2D71231fmWFRg8xjW7jTg1OCVkgI
/3KAh/LOpeJ2bDoBHEv2b+k5rZwUjOPCyuITsiae58iyTQM4t1GtS0BEckWrdFhA
JceCsTYbageSVVE3OEc/8jVamD7SonjEZK+ZpNwY6S1vCl0sQxr/vf+zhEnEhwZ3
NFqxIImIolTOr3Vidgufmtxr/AKj7XD/vY5wfLfsor1MQc1XpvX9GpvTUVlOrW/K
MbFQ/StAqNaDXSuoI1VXCUSq44TCfMsns0O8nDgscvdhU8vpzMDuabSnTfpt/YhX
qEgj4+i6qZcgIrPLp5zqQoRANe0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRMXST9
iXBxXNpL3bALXnLw8qtrlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzk4NmI5MGUtYTI4Ni00YzAyLWI1ZTctYjg1YmQzZDg2MGE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQCnFTUqURAkJcuG3hfYgi5sZ5w08r0nPj8j67++1BHr
rZmtRu9K6SYtHp1tx0w5fixzK3SLYBg2e62Lud4sFglxdNHVMpD/FNcdlXtS66cd
bhJ1DOi944m8iMepl0fVJMkMDd1acHshvQB5QpsQ/mLnVBMcPfBCiTlb6j5ZeLL4
NRAwjOaaTG4p88+eJUrgSVfHPOTN5UUftdcGhOrafSaogWq3S4A8okoIobfn/iEH
XrYa73QBl0sRXFdvWflYDwlE0jQTFH/YQgzHR8c5PIrMgR9Z67hoCMB76PV0ZbKh
yuNoUBx+wlTG8GzsM0jlYTKGF4hFMZNODjMr94/B8p71
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org