Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
File: 89aac802-59d0-4631-a004-2a1c6311b27f.roa (raw, json)
Hash identifier: gyBify6Is61MNYg+xlVyB0KLLpSVXw1+Y3FUOzV6eKU=
Subject key identifier: 6B:A7:01:3F:CF:C3:B0:62:08:2A:5F:16:5E:06:B0:95:F8:CB:D1:92
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D4F57FACAA04982AE1C81A8D320CE2245175479
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Mar 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:4f:57:fa:ca:a0:49:82:ae:1c:81:a8:d3:20:ce:22:45:17:54:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=70012cb79af32993f3d70fe3246a84fbe761e1903f9974f18c2d271cd50abc4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:5b:07:2f:cd:7c:1b:d2:76:70:c4:61:dd:
4e:2d:0b:7f:1f:19:1b:73:13:06:7a:5c:e0:70:f4:
0c:dc:38:52:69:ad:36:fa:77:38:66:1f:dc:cb:1f:
08:43:30:a0:6c:d0:eb:13:44:2d:9e:1f:58:89:55:
8c:1c:53:a5:24:95:8c:e7:d8:b4:d7:00:76:92:2e:
25:23:9a:ac:c4:c1:9c:0c:54:7b:31:b7:84:57:7f:
f6:66:8b:30:81:7a:76:97:a6:9a:6a:c2:ac:88:3b:
c9:81:62:7c:ed:9b:b6:de:9f:88:60:fa:7d:29:79:
45:82:ac:76:bd:a4:89:37:ea:79:23:79:ed:5d:e5:
1d:0a:c2:42:44:a7:a6:7a:47:af:c6:e9:f5:43:17:
73:69:ce:c7:93:49:47:ed:81:71:b9:26:db:92:8e:
26:99:cc:3b:9c:d9:b8:7c:68:d0:2b:1a:27:8f:3a:
2d:3d:09:48:5f:3e:82:be:17:47:7a:20:07:25:84:
e3:4f:7b:16:95:71:07:2c:9f:ab:95:c9:30:ee:de:
6c:35:ea:a5:a5:21:de:df:c1:c6:54:ed:33:40:4f:
e9:ee:fe:54:83:fc:c5:1d:01:62:9c:55:88:3d:1a:
ee:57:bd:a2:e5:bd:26:f6:42:9a:ea:5c:6b:01:c0:
be:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A7:01:3F:CF:C3:B0:62:08:2A:5F:16:5E:06:B0:95:F8:CB:D1:92
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
50:3f:78:9a:b5:43:c1:15:51:7c:87:e9:2e:31:46:5c:aa:05:
d2:f7:5a:c7:4b:90:0e:12:ca:f7:7e:b2:86:13:44:32:ba:66:
94:76:0f:99:fa:b6:d0:70:14:87:6a:d1:ea:b8:ed:98:19:a3:
c2:00:06:fd:02:49:ee:12:52:1f:84:b6:b7:9d:42:25:fc:33:
a5:c7:92:a1:f4:db:38:c0:02:02:0e:08:db:73:ca:f0:26:95:
5b:12:fa:e6:a9:4e:61:58:da:a9:5f:bc:f2:7e:82:ee:42:14:
fe:c9:6f:5d:76:d6:22:7b:35:b2:e8:c9:e2:4e:c2:ba:5b:47:
3b:cc:77:bd:9b:9e:9c:fc:03:90:a4:eb:f4:e4:5d:2a:b0:4b:
d4:95:3f:ae:73:40:d0:e0:af:10:87:a0:d0:34:54:32:19:42:
6b:8b:a5:d4:e2:98:db:e5:bb:cb:42:9e:73:f2:3d:9e:72:3b:
ef:9c:20:d8:70:6f:c8:14:2f:e7:9f:86:6f:b1:bf:0e:2c:56:
e4:0b:93:b9:ee:c8:dc:92:5c:7a:ce:32:32:59:10:3b:a9:21:
75:b5:25:80:3d:31:c9:21:17:70:8b:e7:88:93:de:f9:0b:e8:
81:6d:a7:6e:67:44:95:4d:34:cf:04:62:63:7d:e8:4d:ab:26:
a6:06:1c:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULU9X+sqgSYKuHIGo0yDOIkUXVHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMDEyY2I3OWFmMzI5OTNmM2Q3MGZlMzI0NmE4NGZiZTc2MWUxOTAzZjk5
NzRmMThjMmQyNzFjZDUwYWJjNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAeWwcvzXwb0nZwxGHdTi0Lfx8ZG3MTBnpc4HD0DNw4UmmtNvp3OGYf3Msf
CEMwoGzQ6xNELZ4fWIlVjBxTpSSVjOfYtNcAdpIuJSOarMTBnAxUezG3hFd/9maL
MIF6dpemmmrCrIg7yYFifO2btt6fiGD6fSl5RYKsdr2kiTfqeSN57V3lHQrCQkSn
pnpHr8bp9UMXc2nOx5NJR+2Bcbkm25KOJpnMO5zZuHxo0CsaJ486LT0JSF8+gr4X
R3ogByWE4097FpVxByyfq5XJMO7ebDXqpaUh3t/BxlTtM0BP6e7+VIP8xR0BYpxV
iD0a7le9ouW9JvZCmupcawHAvjcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrpwE/
z8OwYggqXxZeBrCV+MvRkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODlhYWM4MDItNTlkMC00NjMxLWEwMDQtMmExYzYzMTFiMjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQBQP3iatUPBFVF8h+kuMUZcqgXS91rHS5AOEsr3frKG
E0QyumaUdg+Z+rbQcBSHatHquO2YGaPCAAb9AknuElIfhLa3nUIl/DOlx5Kh9Ns4
wAICDgjbc8rwJpVbEvrmqU5hWNqpX7zyfoLuQhT+yW9ddtYiezWy6MniTsK6W0c7
zHe9m56c/AOQpOv05F0qsEvUlT+uc0DQ4K8Qh6DQNFQyGUJri6XU4pjb5bvLQp5z
8j2ecjvvnCDYcG/IFC/nn4Zvsb8OLFbkC5O57sjcklx6zjIyWRA7qSF1tSWAPTHJ
IRdwi+eIk975C+iBbaduZ0SVTTTPBGJjfehNqyamBhye
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:24 2024 by rpki-client on console-fra.rpki-client.org