Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: H/U9JWnNXstoaU9HxVpnuaEQx3kC7qvGTZlH0RQ9N+s=
Subject key identifier: BE:87:65:FA:4D:0B:C6:09:8C:48:03:7A:A5:19:8F:21:3C:E4:61:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D24251F3D1E0E1F5AF99CAB3917B6ED6CDBD875
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:24:25:1f:3d:1e:0e:1f:5a:f9:9c:ab:39:17:b6:ed:6c:db:d8:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=eb9e09cfddc7144a0bc53f22d12637c77dfd99f51503c956ac419bad98806ca2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:40:2e:d1:70:10:d1:89:65:61:92:61:bf:47:
3b:52:70:cf:94:fb:26:9d:79:0d:cf:2e:31:b1:b5:
3d:b4:af:da:4e:26:36:64:8b:c8:09:c5:2d:ba:e8:
ef:a3:60:56:c3:a1:41:39:c4:7c:ff:d8:f9:77:56:
79:05:32:7f:d0:5d:89:bf:b2:14:01:14:9d:71:95:
7e:f4:fa:16:84:47:4e:3e:1e:f0:b6:38:9f:cc:1f:
23:e0:fd:e5:e5:5c:c8:9a:0a:2f:d1:bd:0a:60:d2:
81:5a:0a:9f:e1:0e:51:15:0a:85:9b:11:60:11:7b:
33:4e:33:1a:f4:f5:84:4c:91:12:72:9c:c9:ec:3e:
71:63:03:44:e0:e8:2f:eb:8b:14:d8:8b:03:fc:5d:
25:78:cc:8c:27:f5:6c:39:45:cd:48:d1:a5:af:7a:
e7:df:ad:98:75:9d:ec:21:60:af:0c:de:c2:d7:08:
3f:5f:5c:12:ee:2f:e1:82:9c:e5:71:7a:00:44:d7:
61:19:20:91:de:99:36:ee:0c:fb:9e:0e:5f:8b:48:
99:92:f5:4e:67:94:06:2d:96:22:28:98:a9:b9:5b:
16:b8:83:a7:94:de:1e:ff:1f:1a:eb:66:9a:27:07:
74:d0:99:24:22:fc:53:3a:e9:d7:20:8f:31:7b:23:
4b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:87:65:FA:4D:0B:C6:09:8C:48:03:7A:A5:19:8F:21:3C:E4:61:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:21:d0:56:e3:06:0a:70:25:37:8f:a9:5a:ea:6a:4f:c1:d2:
90:e6:f2:31:95:76:c5:5d:d7:9a:a5:e3:e4:b0:7d:5f:03:1d:
35:77:38:21:81:54:7a:a8:07:04:f6:1c:a2:a2:85:bc:65:e4:
bc:d3:43:4c:a0:71:eb:aa:f5:61:79:bc:25:b5:0e:4e:26:9d:
85:4f:16:ca:7b:1c:a6:24:63:b1:2f:bc:3a:28:4c:45:ea:48:
cc:7e:89:44:17:27:98:79:94:40:a2:38:d8:7c:4e:99:c8:b3:
f4:8b:db:c6:f3:30:98:f9:81:2d:27:75:40:e1:ff:c1:fd:f4:
37:5a:75:71:9d:c9:74:4a:06:e2:99:51:6e:ee:b4:2d:e8:b4:
2a:80:00:40:89:b4:e9:bf:3d:71:ae:f8:d6:8b:fe:a1:49:80:
28:4a:4b:45:8c:ef:49:d1:8b:c5:9a:a0:34:75:bf:8e:d3:e1:
16:48:d8:c0:cf:68:ba:3c:73:de:f5:4a:04:e3:e7:a7:fd:14:
28:87:53:f1:bb:b9:08:64:28:3c:cd:25:f9:91:6c:20:42:1a:
c7:d5:6a:4f:ff:c6:05:c0:5a:cc:b0:78:3d:77:e3:b1:7b:66:
71:ca:b8:ab:e1:df:b0:d9:35:6b:45:07:b9:b0:0b:b8:f1:4f:
69:8e:d3:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfSQlHz0eDh9a+ZyrORe27Wzb2HUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViOWUwOWNmZGRjNzE0NGEwYmM1M2YyMmQxMjYzN2M3N2RmZDk5ZjUxNTAz
Yzk1NmFjNDE5YmFkOTg4MDZjYTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhALtFwENGJZWGSYb9HO1Jwz5T7Jp15Dc8uMbG1PbSv2k4mNmSLyAnFLbro
76NgVsOhQTnEfP/Y+XdWeQUyf9Bdib+yFAEUnXGVfvT6FoRHTj4e8LY4n8wfI+D9
5eVcyJoKL9G9CmDSgVoKn+EOURUKhZsRYBF7M04zGvT1hEyREnKcyew+cWMDRODo
L+uLFNiLA/xdJXjMjCf1bDlFzUjRpa9659+tmHWd7CFgrwzewtcIP19cEu4v4YKc
5XF6AETXYRkgkd6ZNu4M+54OX4tImZL1TmeUBi2WIiiYqblbFriDp5TeHv8fGutm
micHdNCZJCL8Uzrp1yCPMXsjSwMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+h2X6
TQvGCYxIA3qlGY8hPORhMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBiIdBW4wYKcCU3j6la6mpPwdKQ5vIxlXbFXdeapePk
sH1fAx01dzghgVR6qAcE9hyiooW8ZeS800NMoHHrqvVhebwltQ5OJp2FTxbKexym
JGOxL7w6KExF6kjMfolEFyeYeZRAojjYfE6ZyLP0i9vG8zCY+YEtJ3VA4f/B/fQ3
WnVxncl0SgbimVFu7rQt6LQqgABAibTpvz1xrvjWi/6hSYAoSktFjO9J0YvFmqA0
db+O0+EWSNjAz2i6PHPe9UoE4+en/RQoh1Pxu7kIZCg8zSX5kWwgQhrH1WpP/8YF
wFrMsHg9d+Oxe2Zxyrir4d+w2TVrRQe5sAu48U9pjtNO
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org