Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: QDtLqykPGts6/kiUaKuQDDeV7E0+nfEpitAZeBMWSfk=
Subject key identifier: 69:B9:CA:F4:B0:31:5F:98:77:ED:93:6E:84:88:FB:55:97:E7:0F:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5487ADE289F3CAFF92EC19E2AD776B3FA222F193
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:87:ad:e2:89:f3:ca:ff:92:ec:19:e2:ad:77:6b:3f:a2:22:f1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=1099e2eb33f4de5e959e6c5b15cd9773383e2c7c99204d5818d5cf141faf4b30, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ea:47:bd:ac:46:48:f1:d5:88:b4:58:99:df:
fe:e7:a5:e1:5a:50:bb:43:b6:f0:fb:f7:f5:80:eb:
ba:4c:bb:0d:6a:58:47:d6:72:3c:39:e9:44:51:60:
11:5d:3c:0d:d8:2a:e4:d6:2f:a3:46:4a:b7:c5:0a:
e0:48:47:cf:78:25:1c:5f:01:30:98:77:75:89:5e:
0b:96:65:8c:49:1b:a2:3e:af:ff:4f:60:b7:c6:47:
7a:ce:cc:18:15:87:f1:63:e3:23:76:c1:bb:13:3b:
70:1a:4f:6d:dd:4c:c8:94:24:56:5a:70:d0:4a:1c:
19:98:af:66:9b:7f:d4:22:11:90:37:9a:97:a1:a7:
76:4a:ba:10:f9:d7:82:9d:91:b5:76:9a:c7:c6:82:
20:81:6e:59:eb:3f:0b:08:1e:57:a2:6b:d1:07:aa:
53:61:48:c4:ee:16:46:04:53:81:bb:d3:12:25:69:
c9:e2:42:6b:79:72:5b:72:c4:ce:ea:8a:c5:71:18:
a4:a0:47:08:2b:f5:aa:56:05:1f:d8:d0:1c:10:39:
23:c9:9f:ec:0b:99:1c:c4:a1:7b:d1:25:3c:2d:8f:
2d:48:df:10:ee:d9:87:80:b6:3b:52:05:d2:0a:45:
96:62:57:e8:09:ba:92:af:d6:6a:28:a0:f0:d9:b3:
1e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B9:CA:F4:B0:31:5F:98:77:ED:93:6E:84:88:FB:55:97:E7:0F:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:1d:57:94:73:a6:7c:02:11:4f:33:02:27:fe:5a:0b:0d:d8:
f2:e7:ac:fb:c9:a5:44:c0:0a:cf:19:33:df:e0:00:80:92:08:
e4:b1:d1:d5:b2:d5:ad:b1:6c:af:f9:8f:b0:2b:8b:ee:e7:c8:
b4:b0:99:0f:22:4e:d3:74:18:97:73:83:66:e8:6b:e5:c3:52:
1b:95:7d:b7:d4:18:b4:a4:81:86:3d:d7:bd:e0:a1:6f:9e:65:
03:d5:9b:3c:55:1f:0c:c1:a9:dc:91:4f:6e:74:17:b9:52:dd:
ea:19:4b:2a:d0:6b:a3:23:31:60:94:af:9f:8d:8e:df:b6:1f:
d1:da:87:a8:0c:f7:ed:92:1a:90:33:7e:c9:38:16:3e:45:ed:
66:22:14:ee:fa:6b:5b:d2:12:3c:df:44:7f:4e:cb:f7:fa:ed:
ce:7e:be:54:e3:53:42:8f:43:69:ee:27:3e:51:94:5d:a2:74:
0f:53:dc:c2:aa:24:93:c2:46:14:c9:92:8b:a3:d0:2e:94:c4:
f2:e6:4a:2e:75:a5:0a:f2:36:6f:f5:03:d3:12:96:93:ea:0e:
f3:5c:a8:a7:ed:15:7f:a9:77:c8:6e:01:66:79:89:36:c5:42:
ed:80:35:28:85:61:b9:23:4c:ef:5a:a5:2f:96:3a:bb:54:0c:
c4:30:a2:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVIet4onzyv+S7BnirXdrP6Ii8ZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwOTllMmViMzNmNGRlNWU5NTllNmM1YjE1Y2Q5NzczMzgzZTJjN2M5OTIw
NGQ1ODE4ZDVjZjE0MWZhZjRiMzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXqR72sRkjx1Yi0WJnf/uel4VpQu0O28Pv39YDruky7DWpYR9ZyPDnpRFFg
EV08Ddgq5NYvo0ZKt8UK4EhHz3glHF8BMJh3dYleC5ZljEkboj6v/09gt8ZHes7M
GBWH8WPjI3bBuxM7cBpPbd1MyJQkVlpw0EocGZivZpt/1CIRkDeal6Gndkq6EPnX
gp2RtXaax8aCIIFuWes/CwgeV6Jr0QeqU2FIxO4WRgRTgbvTEiVpyeJCa3lyW3LE
zuqKxXEYpKBHCCv1qlYFH9jQHBA5I8mf7AuZHMShe9ElPC2PLUjfEO7Zh4C2O1IF
0gpFlmJX6Am6kq/Waiig8NmzHkMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRpucr0
sDFfmHftk26EiPtVl+cPojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQCeHVeUc6Z8AhFPMwIn/loLDdjy56z7yaVEwArPGTPf
4ACAkgjksdHVstWtsWyv+Y+wK4vu58i0sJkPIk7TdBiXc4Nm6Gvlw1IblX231Bi0
pIGGPde94KFvnmUD1Zs8VR8MwanckU9udBe5Ut3qGUsq0GujIzFglK+fjY7fth/R
2oeoDPftkhqQM37JOBY+Re1mIhTu+mtb0hI830R/Tsv3+u3Ofr5U41NCj0Np7ic+
UZRdonQPU9zCqiSTwkYUyZKLo9AulMTy5koudaUK8jZv9QPTEpaT6g7zXKin7RV/
qXfIbgFmeYk2xULtgDUohWG5I0zvWqUvljq7VAzEMKJH
-----END CERTIFICATE-----
Generated at Thu Apr 25 20:25:59 2024 by rpki-client on console-fra.rpki-client.org