Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
File: 8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa (raw, json)
Hash identifier: V8GA3yYwr3NJ6o4oCd9dI2AkelwmzPoC2Hq9nrWRd1k=
Subject key identifier: 20:ED:FA:53:22:10:4C:6B:BF:FA:5E:AD:24:DE:76:5A:AB:CF:1C:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2BB6DD3D3FFED788C8029B51624A6A087D0A3CED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:b6:dd:3d:3f:fe:d7:88:c8:02:9b:51:62:4a:6a:08:7d:0a:3c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=9a6845e1db78b56ff90c256461c3f2e9b97bb5bef012f91fe6ee135135f2ab26, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:65:2d:50:53:74:44:13:d8:8e:ec:83:ae:eb:
6c:2b:9b:66:63:ed:d6:d5:2e:c0:e4:d7:45:d0:ee:
20:fb:4a:79:22:90:1d:b2:bb:fb:c4:7b:dc:6b:83:
25:0a:c2:a8:9f:41:7d:ed:0d:bc:1f:ae:9c:58:fb:
b7:4b:27:5d:ba:dd:e1:32:b8:cc:4c:64:ae:a3:91:
4b:f2:f2:51:37:af:0e:5f:53:ed:cc:8d:46:c6:13:
66:55:4c:6f:33:3f:a5:69:b6:82:fd:9e:99:b5:5b:
ec:4c:47:55:2d:80:f6:99:d1:30:60:04:f7:0a:30:
7f:bc:af:6b:6e:52:29:cd:82:f0:c6:05:39:ea:da:
bd:64:2a:33:c1:4c:db:a5:74:e9:a4:28:7b:8e:8d:
bf:2c:e0:64:4e:dd:d1:3f:e8:31:8a:1b:f6:45:73:
c7:98:f6:88:be:55:3b:60:59:ea:0b:45:b8:a5:d2:
6b:29:c4:5b:2a:82:99:b4:78:a1:57:cb:4f:f4:c7:
31:ab:42:b6:42:98:8f:b4:26:9f:35:df:2b:35:2b:
82:bd:25:bd:eb:58:63:2f:c8:7e:7c:ee:44:dc:f3:
5a:85:55:ec:54:85:0d:d7:f1:ab:80:f3:75:17:47:
6f:75:08:73:83:a2:eb:58:f2:f8:98:5c:4c:50:a9:
dd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:ED:FA:53:22:10:4C:6B:BF:FA:5E:AD:24:DE:76:5A:AB:CF:1C:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a2d5f28-0fcb-419c-a873-3933dd3409d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
47:5e:d6:5f:b2:fc:51:4a:09:a3:b6:16:aa:e3:f3:fd:9c:4c:
13:df:da:14:9d:4d:4e:ab:4b:77:c7:cd:21:f4:49:8b:53:d6:
cc:66:ed:4c:31:12:e6:27:f7:e3:c8:e4:65:11:46:be:6d:ec:
f3:f0:7e:4d:f9:70:6b:bf:37:a5:df:81:19:3e:46:ad:12:41:
01:87:41:38:0c:20:f6:61:90:f4:d5:50:34:23:ea:94:30:65:
09:4b:a7:b8:13:d1:e8:4a:33:9e:e1:15:3f:bb:00:b8:26:04:
63:44:82:79:78:de:d2:04:15:51:61:f3:12:cc:c0:c8:3c:0d:
37:47:1e:ab:a1:46:42:ca:5b:5c:38:20:16:f1:b7:77:73:d6:
86:87:73:47:2c:37:79:58:12:60:6b:2f:6e:b3:d3:f7:da:8d:
94:ed:0d:ea:72:22:4a:73:ee:d0:43:a2:65:9c:af:2b:a1:c5:
d3:6b:bc:68:9d:21:54:e9:77:2e:79:81:19:79:6c:97:2f:f1:
bd:20:b9:f6:51:7d:d1:6b:a6:e1:d4:93:7b:00:8c:bc:61:70:
24:9f:6d:7c:4d:cf:f1:e8:35:33:56:65:c3:13:fc:df:3b:2c:
fb:f4:bc:86:90:19:32:b3:a9:03:1d:8f:ab:96:22:fa:bc:c1:
8a:47:d5:2c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK7bdPT/+14jIAptRYkpqCH0KPO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNjg0NWUxZGI3OGI1NmZmOTBjMjU2NDYxYzNmMmU5Yjk3YmI1YmVmMDEy
ZjkxZmU2ZWUxMzUxMzVmMmFiMjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1lLVBTdEQT2I7sg67rbCubZmPt1tUuwOTXRdDuIPtKeSKQHbK7+8R73GuD
JQrCqJ9Bfe0NvB+unFj7t0snXbrd4TK4zExkrqORS/LyUTevDl9T7cyNRsYTZlVM
bzM/pWm2gv2embVb7ExHVS2A9pnRMGAE9wowf7yva25SKc2C8MYFOeravWQqM8FM
26V06aQoe46NvyzgZE7d0T/oMYob9kVzx5j2iL5VO2BZ6gtFuKXSaynEWyqCmbR4
oVfLT/THMatCtkKYj7QmnzXfKzUrgr0lvetYYy/IfnzuRNzzWoVV7FSFDdfxq4Dz
dRdHb3UIc4Oi61jy+JhcTFCp3Y8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQg7fpT
IhBMa7/6Xq0k3nZaq88c8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGEyZDVmMjgtMGZjYi00MTljLWE4NzMtMzkzM2RkMzQwOWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBHXtZfsvxRSgmjthaq4/P9nEwT39oUnU1Oq0t3x80h
9EmLU9bMZu1MMRLmJ/fjyORlEUa+bezz8H5N+XBrvzel34EZPkatEkEBh0E4DCD2
YZD01VA0I+qUMGUJS6e4E9HoSjOe4RU/uwC4JgRjRIJ5eN7SBBVRYfMSzMDIPA03
Rx6roUZCyltcOCAW8bd3c9aGh3NHLDd5WBJgay9us9P32o2U7Q3qciJKc+7QQ6Jl
nK8rocXTa7xonSFU6XcueYEZeWyXL/G9ILn2UX3Ra6bh1JN7AIy8YXAkn218Tc/x
6DUzVmXDE/zfOyz79LyGkBkys6kDHY+rliL6vMGKR9Us
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org