Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
File: 8d1cb951-0a3b-460a-9669-128180570058.roa (raw, json)
Hash identifier: OKUxI4oTD8Jb3+RYwGsbO3tDcOBDwbGM2yhktJF3ydo=
Subject key identifier: F0:74:B8:6B:B2:5D:4B:B8:83:67:3E:A3:4F:F5:E9:88:02:5A:DD:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70253B70ED6D497D76EEB8CB679419A73193A32C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:25:3b:70:ed:6d:49:7d:76:ee:b8:cb:67:94:19:a7:31:93:a3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ef3213a3c43f6679654f98016444f2ac272c58d9e92c4a8600ff9259e8608465, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:68:99:f9:87:e9:ef:2e:3f:09:8b:14:b0:71:
d6:50:88:0d:b0:ad:b1:aa:3b:d4:98:2a:f0:2b:8a:
31:17:0b:71:03:e3:2e:06:1f:13:b8:f8:33:fe:07:
e6:55:cf:03:8e:d0:87:b1:98:4e:a1:ef:0b:79:bf:
7e:fd:33:61:cc:b4:8f:e7:3a:c1:e2:69:41:d6:94:
cb:7d:8e:44:be:30:f5:f6:a7:24:28:b8:0a:7a:be:
29:ce:54:23:27:c8:3b:54:f9:71:28:cf:ff:96:74:
c7:7c:34:37:f2:d9:9e:b2:44:a4:59:8f:39:c1:07:
39:80:c5:7e:43:ec:c4:f5:f5:86:e2:da:e0:93:ea:
cb:49:98:04:d1:5b:70:14:27:bd:f2:dc:9b:f5:83:
28:20:b7:1b:1a:02:7c:51:d9:25:c9:1c:b7:55:a7:
47:a3:73:07:30:58:9b:4c:45:da:99:96:b6:13:de:
b7:9c:d2:ab:68:e7:63:1c:33:56:e6:ca:06:33:1e:
b3:7a:02:fd:0e:d0:fe:46:8f:56:4b:04:4d:5d:64:
ad:a4:92:9f:e6:e3:8e:80:8e:98:b0:b0:29:da:4e:
7a:c0:fd:94:7c:b9:ab:dd:df:ff:09:10:de:92:73:
35:20:41:4b:54:f0:c9:e2:26:e7:47:15:cf:6a:c3:
14:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:74:B8:6B:B2:5D:4B:B8:83:67:3E:A3:4F:F5:E9:88:02:5A:DD:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
88:e9:f9:61:e5:42:14:4a:7c:f8:9a:9c:73:ae:0c:f7:27:40:
21:74:dc:7a:eb:94:ad:de:03:58:18:9b:05:47:e8:7d:bc:d2:
0d:2d:2e:3b:1c:d9:02:5c:75:30:30:20:5a:01:7a:af:e0:c1:
cf:75:58:be:b5:23:75:82:6e:02:8f:74:4f:0c:32:1e:3a:a4:
6f:f8:97:45:e8:93:cf:cf:2d:d8:0c:09:a6:51:4a:90:5a:88:
d8:e4:5b:b4:ae:39:7f:19:e0:08:df:97:9d:db:1c:9e:fc:45:
e0:78:82:33:48:f6:8b:2e:b2:d9:67:ac:4b:c6:a7:70:df:28:
7f:96:82:57:ad:e1:db:4e:9f:45:e1:16:c1:b1:05:2d:09:a9:
22:23:1d:eb:73:1b:56:23:c2:5b:3e:2f:40:ee:41:f3:bf:ef:
00:89:54:e1:a9:e8:f9:c6:8b:05:88:5b:0a:8e:bf:08:4b:5e:
ba:42:52:20:67:39:75:7d:2f:96:d7:10:d4:df:94:64:81:2d:
41:e7:1a:74:9b:c2:08:7e:71:60:fc:ca:4a:f8:f3:f8:fd:53:
2b:59:31:d5:45:40:29:88:16:20:47:41:58:b7:df:08:5d:dc:
20:81:58:2c:1d:f9:a6:ad:5e:2d:42:95:8d:1f:d9:9b:e4:52:
e2:5d:5e:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcCU7cO1tSX127rjLZ5QZpzGToywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMzIxM2EzYzQzZjY2Nzk2NTRmOTgwMTY0NDRmMmFjMjcyYzU4ZDllOTJj
NGE4NjAwZmY5MjU5ZTg2MDg0NjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRomfmH6e8uPwmLFLBx1lCIDbCtsao71Jgq8CuKMRcLcQPjLgYfE7j4M/4H
5lXPA47Qh7GYTqHvC3m/fv0zYcy0j+c6weJpQdaUy32ORL4w9fanJCi4Cnq+Kc5U
IyfIO1T5cSjP/5Z0x3w0N/LZnrJEpFmPOcEHOYDFfkPsxPX1huLa4JPqy0mYBNFb
cBQnvfLcm/WDKCC3GxoCfFHZJckct1WnR6NzBzBYm0xF2pmWthPet5zSq2jnYxwz
VubKBjMes3oC/Q7Q/kaPVksETV1kraSSn+bjjoCOmLCwKdpOesD9lHy5q93f/wkQ
3pJzNSBBS1TwyeIm50cVz2rDFC8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwdLhr
sl1LuINnPqNP9emIAlrdfTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQxY2I5NTEtMGEzYi00NjBhLTk2NjktMTI4MTgwNTcwMDU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQCI6flh5UIUSnz4mpxzrgz3J0AhdNx665St3gNYGJsF
R+h9vNINLS47HNkCXHUwMCBaAXqv4MHPdVi+tSN1gm4Cj3RPDDIeOqRv+JdF6JPP
zy3YDAmmUUqQWojY5Fu0rjl/GeAI35ed2xye/EXgeIIzSPaLLrLZZ6xLxqdw3yh/
loJXreHbTp9F4RbBsQUtCakiIx3rcxtWI8JbPi9A7kHzv+8AiVThqej5xosFiFsK
jr8IS166QlIgZzl1fS+W1xDU35RkgS1B5xp0m8IIfnFg/MpK+PP4/VMrWTHVRUAp
iBYgR0FYt98IXdwggVgsHfmmrV4tQpWNH9mb5FLiXV44
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org