Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa
File: 9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa (raw, json)
Hash identifier: ZGXwew1+bqNYOh3TnwaUyuW5Zma6SlFAEumfLQRi+Iw=
Subject key identifier: 4A:7B:56:E3:83:7D:FA:AD:46:3E:9A:E5:10:96:A9:38:1D:46:C7:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F69C410E2393EDBB9C97BB15B9CCBF9256D9F22
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:69:c4:10:e2:39:3e:db:b9:c9:7b:b1:5b:9c:cb:f9:25:6d:9f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=60b85056662f3df9d4f3bc6507001ac738366697310d47e8f06ee68d063cc9a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:72:a3:b6:32:98:eb:64:7e:3c:6b:2b:e8:ce:
b9:6d:0c:9a:a6:8f:de:22:6c:fa:5b:61:31:e0:d9:
4d:68:55:63:a8:e9:a7:dc:28:5e:95:03:bd:ef:45:
ab:70:ae:ab:69:86:df:d2:ff:a4:d1:3b:91:06:97:
80:52:83:6f:a4:05:7b:4e:62:cf:ca:01:71:18:63:
c6:5f:bc:64:29:82:72:97:01:42:9a:30:fb:87:65:
34:a1:3c:e7:69:e3:62:6d:6f:5d:c2:bf:92:b3:fc:
70:d3:d6:74:3d:d1:5a:20:60:f5:f2:8d:e4:52:88:
e4:f5:62:7c:98:e9:dc:d1:67:24:9d:fc:fa:4f:44:
b4:68:5d:61:04:e3:85:e6:c9:38:9e:04:11:5e:31:
65:77:87:c6:67:d6:99:3b:ba:c1:6f:3f:85:fb:ae:
5b:ed:ee:33:6b:23:ad:4a:00:64:97:b8:32:e5:31:
1a:42:3e:b1:fc:4a:5c:8e:6f:fb:69:c3:66:8a:c1:
4a:34:9d:86:5b:21:8e:27:3d:a2:db:d4:86:55:c2:
60:75:14:0d:a6:b3:ea:0e:f8:ec:cd:fc:bb:b5:7d:
06:61:30:96:31:bf:6d:8b:00:c8:8c:a2:c9:0e:df:
e8:7d:a8:e3:9c:e5:b0:d1:50:cd:6a:7e:e9:72:62:
07:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7B:56:E3:83:7D:FA:AD:46:3E:9A:E5:10:96:A9:38:1D:46:C7:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:da:9f:5e:8f:7f:7e:90:1e:0a:71:70:74:ff:70:de:9f:83:
d4:df:e5:dd:93:e0:eb:39:de:20:b6:5a:1c:d1:1b:21:01:38:
9b:ac:95:5a:7a:98:f1:b3:8b:d1:7f:ee:37:02:fe:c3:f6:f7:
6b:c7:ec:d3:bd:8d:03:29:a4:1c:c2:59:4c:35:2b:cd:da:ed:
e7:67:d7:87:9b:c9:2e:47:a3:f4:c1:6a:83:f7:2d:bf:36:2f:
6a:63:f4:66:5a:a5:6b:cf:95:d8:38:db:e1:c3:2f:bf:54:3f:
b2:93:a1:84:db:61:da:cd:ab:30:c9:bb:59:0a:d5:19:6d:58:
bb:08:a3:41:5c:a4:cd:6f:2f:af:38:6d:8a:96:33:7b:2e:a2:
26:4a:cc:7b:76:bc:95:47:23:8f:fa:aa:9d:68:1e:45:d5:0a:
01:dd:20:a1:3e:2c:de:63:92:2b:69:8f:bd:7b:0c:41:6c:ce:
f8:0e:22:79:a2:ab:1f:9c:0f:f1:eb:00:21:25:d6:1f:ac:bd:
c7:3f:da:db:bb:c6:02:de:c8:27:9d:20:9c:04:fc:88:db:00:
88:d9:72:07:4d:b7:ea:de:24:f7:66:d3:11:6d:e5:06:17:37:
19:47:86:d7:e1:b8:51:ed:84:77:c2:13:fc:5b:a6:92:c2:ff:
ad:04:67:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb2nEEOI5Ptu5yXuxW5zL+SVtnyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwYjg1MDU2NjYyZjNkZjlkNGYzYmM2NTA3MDAxYWM3MzgzNjY2OTczMTBk
NDdlOGYwNmVlNjhkMDYzY2M5YTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRyo7YymOtkfjxrK+jOuW0MmqaP3iJs+lthMeDZTWhVY6jpp9woXpUDve9F
q3Cuq2mG39L/pNE7kQaXgFKDb6QFe05iz8oBcRhjxl+8ZCmCcpcBQpow+4dlNKE8
52njYm1vXcK/krP8cNPWdD3RWiBg9fKN5FKI5PVifJjp3NFnJJ38+k9EtGhdYQTj
hebJOJ4EEV4xZXeHxmfWmTu6wW8/hfuuW+3uM2sjrUoAZJe4MuUxGkI+sfxKXI5v
+2nDZorBSjSdhlshjic9otvUhlXCYHUUDaaz6g747M38u7V9BmEwljG/bYsAyIyi
yQ7f6H2o45zlsNFQzWp+6XJiB20CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRKe1bj
g336rUY+muUQlqk4HUbHpjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWIzZTg0NzgtYTViNC00ZDNiLWI0M2ItOGQ2ZGFlZjM5MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtNqfXo9/fpAeCnFwdP9w3p+D1N/l3ZPg6zneILZa
HNEbIQE4m6yVWnqY8bOL0X/uNwL+w/b3a8fs072NAymkHMJZTDUrzdrt52fXh5vJ
Lkej9MFqg/ctvzYvamP0Zlqla8+V2Djb4cMvv1Q/spOhhNth2s2rMMm7WQrVGW1Y
uwijQVykzW8vrzhtipYzey6iJkrMe3a8lUcjj/qqnWgeRdUKAd0goT4s3mOSK2mP
vXsMQWzO+A4ieaKrH5wP8esAISXWH6y9xz/a27vGAt7IJ50gnAT8iNsAiNlyB023
6t4k92bTEW3lBhc3GUeG1+G4Ue2Ed8IT/FumksL/rQRn5Q==
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:10:10 2024 by rpki-client on console-fra.rpki-client.org