Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: HuZVpvQk32Ck+imzxqcGmyPnpcLTz0CCQee8tgML/2A=
Subject key identifier: 9E:A6:52:D4:0D:52:61:4C:8C:96:B8:13:51:9B:4D:C9:BA:1B:DB:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0148022149CB012964E363E748952707BB48A90F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Fri 29 Mar 2024 00:00:00 +0000
ROA not before: Fri 29 Mar 2024 00:00:00 +0000
ROA not after: Fri 03 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:48:02:21:49:cb:01:29:64:e3:63:e7:48:95:27:07:bb:48:a9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : May 3 23:59:59 2024 GMT
Subject: serialNumber=f9e98f5297c7c6c2bcc8d15fc7de2c160cba8ddeed983cae5f76e418c82440d7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:62:b2:84:4d:4b:a0:18:7c:96:8e:86:32:e1:
52:71:a1:f6:a9:43:f6:98:77:c1:76:41:ef:59:bb:
d2:61:3f:49:aa:dc:45:dc:75:02:a1:25:ea:c4:27:
fc:f3:c9:7a:f7:25:4d:d4:e1:1a:c0:99:0f:f1:00:
66:1a:a4:19:10:60:71:c1:73:84:03:2b:79:10:b9:
54:85:b4:ff:35:de:a8:6e:e1:87:1d:0b:f3:9f:c1:
a9:a7:6e:ae:99:54:f7:31:70:68:c0:1f:45:82:e1:
6b:38:6e:f2:f3:e8:95:af:69:5f:ab:e8:ff:d1:e4:
ae:d2:15:ca:94:53:a4:54:a4:72:15:59:84:b0:6d:
5b:85:8a:c6:33:f8:ee:4f:b1:07:11:41:45:e6:a8:
47:09:51:57:9d:49:9b:3c:f2:9e:32:25:3b:56:c7:
a5:5e:ee:71:0c:07:9f:b9:a0:0f:34:47:81:36:eb:
14:d8:a2:6d:b4:2c:c0:10:ba:c3:76:c2:e8:80:ca:
c0:72:9d:b9:c3:f9:c6:97:57:4a:ca:7a:47:9d:c9:
01:e1:5a:c7:30:f9:71:59:e0:ca:df:98:ba:f3:e3:
a1:4f:71:61:12:0c:5d:97:70:ff:e7:1a:ff:e1:82:
9a:8f:35:9e:95:28:c3:08:48:a9:a7:5e:08:b5:ec:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A6:52:D4:0D:52:61:4C:8C:96:B8:13:51:9B:4D:C9:BA:1B:DB:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:c9:d1:e6:dc:74:89:62:9c:da:22:e4:83:67:ab:09:c2:f7:
d9:42:0f:cc:52:02:94:88:19:01:9f:1b:a6:54:f1:d8:8f:7b:
4e:9e:a4:33:a0:5c:da:8b:a8:3d:f5:e7:31:b9:b7:6d:61:09:
01:b2:a3:43:4e:5f:59:58:b6:7e:62:98:45:42:d3:22:a8:14:
2e:f1:c0:79:56:8a:0c:40:73:3c:a0:af:45:81:33:ff:55:fe:
53:19:e5:40:2d:62:ee:34:dc:9c:c3:f3:45:6c:e8:d4:12:43:
cc:c0:c0:6b:60:69:4b:4a:c2:41:72:d9:85:39:ba:ee:ed:f5:
22:a3:1c:81:9e:de:94:f4:6f:ca:87:7c:0a:d0:6c:f2:da:cd:
cd:41:4f:20:5a:40:f0:b3:02:22:5d:ff:dd:d9:7d:c3:43:46:
b9:44:aa:43:2a:b9:4c:2e:8c:eb:95:87:ff:d8:73:d2:61:49:
e1:a5:69:01:dc:fd:62:b8:e8:04:84:21:87:72:bf:58:f1:62:
e1:5b:fb:9c:33:86:04:9d:2d:0f:ff:8a:dc:55:24:79:5c:14:
4e:83:fe:5a:79:f2:92:d8:8f:a9:10:ea:04:ca:5c:6a:b0:65:
53:99:70:cd:ac:59:ee:3d:a6:44:48:b5:39:a2:18:42:01:cc:
ce:64:81:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAUgCIUnLASlk42PnSJUnB7tIqQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjkwMDAwMDBaFw0yNDA1MDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ZTk4ZjUyOTdjN2M2YzJiY2M4ZDE1ZmM3ZGUyYzE2MGNiYThkZGVlZDk4
M2NhZTVmNzZlNDE4YzgyNDQwZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtisoRNS6AYfJaOhjLhUnGh9qlD9ph3wXZB71m70mE/SarcRdx1AqEl6sQn
/PPJevclTdThGsCZD/EAZhqkGRBgccFzhAMreRC5VIW0/zXeqG7hhx0L85/Bqadu
rplU9zFwaMAfRYLhazhu8vPola9pX6vo/9HkrtIVypRTpFSkchVZhLBtW4WKxjP4
7k+xBxFBReaoRwlRV51JmzzynjIlO1bHpV7ucQwHn7mgDzRHgTbrFNiibbQswBC6
w3bC6IDKwHKducP5xpdXSsp6R53JAeFaxzD5cVngyt+YuvPjoU9xYRIMXZdw/+ca
/+GCmo81npUowwhIqadeCLXsZDkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSeplLU
DVJhTIyWuBNRm03Juhvb5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCJydHm3HSJYpzaIuSDZ6sJwvfZQg/MUgKUiBkBnxum
VPHYj3tOnqQzoFzai6g99ecxubdtYQkBsqNDTl9ZWLZ+YphFQtMiqBQu8cB5VooM
QHM8oK9FgTP/Vf5TGeVALWLuNNycw/NFbOjUEkPMwMBrYGlLSsJBctmFObru7fUi
oxyBnt6U9G/Kh3wK0Gzy2s3NQU8gWkDwswIiXf/d2X3DQ0a5RKpDKrlMLozrlYf/
2HPSYUnhpWkB3P1iuOgEhCGHcr9Y8WLhW/ucM4YEnS0P/4rcVSR5XBROg/5aefKS
2I+pEOoEylxqsGVTmXDNrFnuPaZESLU5ohhCAczOZIEH
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org