Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
File: 7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa (raw, json)
Hash identifier: JxKP9piokjWtYvSnaG+Qt9zGbw6ZkqdnoFPgDFI5VtE=
Subject key identifier: 13:EE:52:0F:60:13:1D:8A:C1:20:CC:44:93:CD:AB:51:9D:E7:E5:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19BC7953F6E987EA9013B0883BBABBD485E922CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:bc:79:53:f6:e9:87:ea:90:13:b0:88:3b:ba:bb:d4:85:e9:22:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2e16edf1db0cd693a60763d2d8d469cd5e9f7c56b52997548e192121fd4846f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:0d:6f:0f:f0:b1:88:5b:b3:c6:e9:0e:e5:
00:75:b0:8c:78:58:d6:fe:57:95:d5:95:e6:40:a3:
25:cc:1d:fd:aa:5e:95:58:fa:87:8b:51:d4:81:1c:
3a:4f:af:9a:27:ac:0a:25:48:42:c5:c2:5e:62:23:
8b:66:7f:07:4e:86:5d:c1:de:8b:6b:44:67:11:c4:
aa:22:5a:b3:24:ae:9d:5a:d2:73:0c:c4:f4:8e:3b:
a8:ba:09:87:83:09:ff:83:86:ed:1e:77:e4:ed:b6:
14:fe:47:d2:29:4e:fa:05:d5:5f:94:f8:17:9a:ee:
44:84:e2:f3:79:bf:89:3c:ef:45:d7:bb:1a:50:dd:
b0:bd:2d:93:f8:24:7f:4c:1f:2f:10:57:43:14:5d:
5a:7c:4c:77:3b:85:4a:ba:cd:1d:46:34:86:21:f2:
a1:8f:b7:59:d0:f8:5a:89:c3:c2:a7:75:33:71:38:
30:b5:83:93:72:55:0e:99:92:9c:f9:5c:d8:72:82:
57:c0:e3:20:79:8c:4d:cb:bd:47:57:4a:09:bf:38:
ae:07:fe:ff:96:8c:66:3d:06:4a:a3:0c:6d:0e:53:
6b:72:f8:78:61:02:6e:5c:74:60:c5:d5:8d:e7:b3:
eb:00:ea:f6:7c:12:6c:d1:0f:4e:71:c8:2b:26:00:
68:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EE:52:0F:60:13:1D:8A:C1:20:CC:44:93:CD:AB:51:9D:E7:E5:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3e:29:fc:21:0c:ec:36:7f:66:63:f5:74:b8:c6:d6:99:5d:7d:
f8:cb:0d:2c:37:1a:d5:b3:aa:7c:40:5a:ed:d4:9b:a5:45:07:
32:61:8b:7a:fe:4d:7f:95:bd:33:13:c8:65:cd:eb:e9:bb:74:
dc:02:a7:7b:dd:f0:64:80:28:eb:d1:0f:cb:05:dd:7e:df:22:
34:2c:68:4e:98:98:23:a2:52:ad:00:77:99:de:66:80:05:1f:
f9:6b:d3:e7:6e:f3:b1:91:57:fc:0a:fc:90:d2:b7:2c:fa:dd:
03:f6:2f:72:6b:fa:4f:db:58:55:14:21:c2:38:3d:75:b7:b4:
e4:87:1d:79:4f:82:74:24:b5:d3:89:24:d7:d7:39:46:17:0a:
c7:58:4d:99:1b:30:d6:b1:58:b0:c7:b9:99:0d:38:6a:86:0b:
a4:db:bc:52:fe:a0:ea:e4:e1:53:00:39:2d:5a:ff:19:b5:df:
20:72:78:f5:92:f9:95:6a:6b:61:92:55:6d:f7:40:f7:ec:52:
b8:c1:5d:e8:4f:dc:29:78:a5:65:a4:ed:8f:e1:7d:34:6d:c5:
c8:5a:03:f4:cc:6a:63:c2:97:cd:e3:42:05:8b:71:49:9f:85:
0f:cd:08:26:8f:67:d4:23:b6:97:4a:82:4a:ff:8e:ba:68:17:
13:b4:32:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGbx5U/bph+qQE7CIO7q71IXpIswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMTZlZGYxZGIwY2Q2OTNhNjA3NjNkMmQ4ZDQ2OWNkNWU5ZjdjNTZiNTI5
OTc1NDhlMTkyMTIxZmQ0ODQ2ZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVdDW8P8LGIW7PG6Q7lAHWwjHhY1v5XldWV5kCjJcwd/apelVj6h4tR1IEc
Ok+vmiesCiVIQsXCXmIji2Z/B06GXcHei2tEZxHEqiJasySunVrScwzE9I47qLoJ
h4MJ/4OG7R535O22FP5H0ilO+gXVX5T4F5ruRITi83m/iTzvRde7GlDdsL0tk/gk
f0wfLxBXQxRdWnxMdzuFSrrNHUY0hiHyoY+3WdD4WonDwqd1M3E4MLWDk3JVDpmS
nPlc2HKCV8DjIHmMTcu9R1dKCb84rgf+/5aMZj0GSqMMbQ5Ta3L4eGECblx0YMXV
jeez6wDq9nwSbNEPTnHIKyYAaPUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQT7lIP
YBMdisEgzESTzatRneflMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y3NDJiOTEtZGVkNC00ZDhlLWJkMzYtMGIxODdmMjdmYjIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQA+KfwhDOw2f2Zj9XS4xtaZXX34yw0sNxrVs6p8QFrt
1JulRQcyYYt6/k1/lb0zE8hlzevpu3TcAqd73fBkgCjr0Q/LBd1+3yI0LGhOmJgj
olKtAHeZ3maABR/5a9PnbvOxkVf8CvyQ0rcs+t0D9i9ya/pP21hVFCHCOD11t7Tk
hx15T4J0JLXTiSTX1zlGFwrHWE2ZGzDWsViwx7mZDThqhguk27xS/qDq5OFTADkt
Wv8Ztd8gcnj1kvmVamthklVt90D37FK4wV3oT9wpeKVlpO2P4X00bcXIWgP0zGpj
wpfN40IFi3FJn4UPzQgmj2fUI7aXSoJK/466aBcTtDLb
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org