Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: vk0GuBCHfqpwO7AEcaciB7KZMb6J540zdeAoA6+spjY=
Subject key identifier: D8:AB:F9:0C:B0:70:ED:A8:E5:E3:25:30:70:E1:52:68:0F:0D:D0:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7663A09BFC226E06243906626DBB86191F6E563F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:63:a0:9b:fc:22:6e:06:24:39:06:62:6d:bb:86:19:1f:6e:56:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=701a62117f4639bd79fc0c9948025b12f4c0cd25b5b098a34f1b083b27f47bf1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:b7:1a:aa:c1:70:95:a0:ed:76:25:49:d1:
e9:78:08:1a:6f:01:b2:33:b1:d0:9f:ed:b4:93:02:
85:2e:90:9d:b7:1f:f7:a4:e5:a7:70:35:af:23:90:
39:1a:b7:29:ae:d4:81:08:07:54:89:68:20:e0:56:
26:09:05:d0:4a:7c:27:7f:d6:df:6d:4b:03:ff:ba:
0e:62:4f:9f:12:16:66:ca:2d:8b:f4:41:ce:03:37:
56:dd:10:41:e1:49:0b:f7:05:7a:dc:88:4a:e8:e3:
14:df:f5:4e:38:14:09:bc:d1:b2:98:c1:1e:35:b0:
af:09:67:2a:a2:0b:00:41:d6:b9:41:f5:1b:bd:37:
cd:08:99:ca:03:73:01:6c:b8:83:2c:ba:9f:3b:03:
1a:14:a1:4b:11:2e:2d:41:b9:f3:4c:51:35:5a:a8:
bd:b1:e2:4a:e4:0c:ae:9d:b1:28:e3:d4:78:9a:ff:
f7:15:95:d8:78:07:78:f9:0f:d6:1a:e0:49:e3:26:
59:8d:bb:d4:8f:ed:b2:6f:9e:d1:d6:4a:79:77:ee:
20:76:aa:0d:92:23:31:4d:51:a1:8f:c4:e8:ed:82:
bf:6f:54:94:c4:cd:73:27:8b:be:da:4a:be:ec:c3:
21:95:0b:6c:8a:24:b6:84:9e:71:5f:33:ca:f4:75:
83:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AB:F9:0C:B0:70:ED:A8:E5:E3:25:30:70:E1:52:68:0F:0D:D0:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2c:a4:54:b1:be:53:e7:24:53:c6:ef:2b:13:e7:99:7e:05:e3:
0b:c0:4d:97:da:85:0e:dc:76:c0:50:75:81:5a:a4:03:fd:c3:
89:6d:a1:1c:26:30:de:62:a0:f7:8f:de:16:b4:cb:fa:94:37:
76:23:95:75:22:fc:f7:a2:07:3d:d3:6e:ff:77:ec:ed:79:ee:
f0:06:af:9c:f6:e9:2f:17:d3:93:17:f9:5a:68:d1:79:b0:61:
ba:e0:15:0e:f4:30:37:f4:c6:07:1f:69:8b:90:d0:f8:e2:8c:
0e:92:ac:bf:58:ff:00:9e:ec:08:71:13:08:19:f3:a1:1b:89:
02:79:60:77:81:0e:7a:1d:72:eb:c6:9d:e4:31:5e:2c:0d:f8:
bd:e3:53:a3:f9:4a:6a:98:15:83:94:2c:46:a2:e2:fa:70:96:
6f:6c:3b:1d:ea:29:aa:6a:f5:35:18:38:88:48:06:10:88:8a:
c2:a4:dc:49:62:8a:86:f0:f7:43:72:09:3c:d2:7b:79:cf:5d:
fa:79:46:f6:65:d2:06:f3:fb:2b:d7:f5:06:09:04:fc:36:bc:
70:55:a2:79:08:06:ea:ec:73:d5:c3:62:a9:aa:a9:a1:e3:7c:
3d:12:be:89:99:1d:db:0c:c1:b5:74:f1:c6:48:79:94:f9:f4:
35:ba:d9:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdmOgm/wibgYkOQZibbuGGR9uVj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwMWE2MjExN2Y0NjM5YmQ3OWZjMGM5OTQ4MDI1YjEyZjRjMGNkMjViNWIw
OThhMzRmMWIwODNiMjdmNDdiZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkktxqqwXCVoO12JUnR6XgIGm8BsjOx0J/ttJMChS6Qnbcf96Tlp3A1ryOQ
ORq3Ka7UgQgHVIloIOBWJgkF0Ep8J3/W321LA/+6DmJPnxIWZsoti/RBzgM3Vt0Q
QeFJC/cFetyISujjFN/1TjgUCbzRspjBHjWwrwlnKqILAEHWuUH1G703zQiZygNz
AWy4gyy6nzsDGhShSxEuLUG580xRNVqovbHiSuQMrp2xKOPUeJr/9xWV2HgHePkP
1hrgSeMmWY271I/tsm+e0dZKeXfuIHaqDZIjMU1RoY/E6O2Cv29UlMTNcyeLvtpK
vuzDIZULbIoktoSecV8zyvR1g78CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTYq/kM
sHDtqOXjJTBw4VJoDw3QbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQAspFSxvlPnJFPG7ysT55l+BeMLwE2X2oUO3HbAUHWB
WqQD/cOJbaEcJjDeYqD3j94WtMv6lDd2I5V1Ivz3ogc9027/d+ztee7wBq+c9ukv
F9OTF/laaNF5sGG64BUO9DA39MYHH2mLkND44owOkqy/WP8AnuwIcRMIGfOhG4kC
eWB3gQ56HXLrxp3kMV4sDfi941Oj+UpqmBWDlCxGouL6cJZvbDsd6imqavU1GDiI
SAYQiIrCpNxJYoqG8PdDcgk80nt5z136eUb2ZdIG8/sr1/UGCQT8NrxwVaJ5CAbq
7HPVw2Kpqqmh43w9Er6JmR3bDMG1dPHGSHmU+fQ1utnI
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:15 2024 by rpki-client on console-ams.rpki-client.org