Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
File: bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa (raw, json)
Hash identifier: WNzEtCedlnLyWZBKoKjKEplmfuDHpcVWk0PynVRQ1Io=
Subject key identifier: D7:2A:95:9C:A8:F3:22:60:92:DB:E0:06:B5:12:8D:06:C1:23:45:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F8F6403ED0E62C1D4E46236613A6548823B05CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:8f:64:03:ed:0e:62:c1:d4:e4:62:36:61:3a:65:48:82:3b:05:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=69eb00dc5b2e436b78d787e388fb99e650d3f6ccd7e2132042841bc1b28444fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:35:83:8e:3f:38:5f:f2:39:db:5b:ff:19:c7:
ad:19:db:00:99:50:64:a6:dc:b3:42:c6:d3:2e:fa:
57:94:b5:c9:67:a7:1a:2a:9d:69:4f:6d:4d:03:7c:
55:9a:a3:06:49:53:fd:ee:7e:9d:3c:d7:64:9b:37:
71:7c:9a:c2:78:91:23:50:cb:9f:c7:4d:da:dd:fd:
00:25:09:21:f7:34:b7:5a:20:ed:86:69:be:9c:1a:
d2:87:6b:19:27:50:7d:1c:9a:7c:fc:b0:af:ad:d6:
81:e5:7b:b1:a5:38:1b:cb:e1:d8:db:24:99:cc:6b:
90:ae:a0:b6:04:b7:dc:d3:e2:dd:e1:d4:d4:d5:45:
06:af:30:16:7c:5b:f7:fd:dc:4a:44:94:38:1a:79:
a7:a6:c7:3b:35:29:71:2c:1c:0d:7c:35:58:21:a6:
02:bc:f0:4e:b1:23:59:9d:bf:cf:3d:62:18:e3:82:
eb:03:b1:8c:d4:04:63:1b:1d:e2:d3:50:64:86:5d:
b7:cc:4c:44:20:4b:e9:15:f2:af:92:5b:1f:b2:58:
bf:a2:51:1d:bf:01:79:7c:a7:5c:83:b4:d2:cf:17:
d7:6d:99:55:7a:06:4f:9e:35:fc:35:47:da:9e:07:
7b:24:6b:ae:e7:e7:d9:8b:d4:91:94:b5:59:d9:d8:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2A:95:9C:A8:F3:22:60:92:DB:E0:06:B5:12:8D:06:C1:23:45:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bdc2fb04-f12a-485f-b2b6-8b93ed722da5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:be:53:37:5e:7f:6d:cc:9b:4c:26:3e:e8:63:af:dd:64:63:
41:ab:99:b0:ef:1c:93:6a:de:80:39:40:de:25:09:3f:d1:40:
91:83:c2:22:96:d9:be:0a:24:f3:fa:f2:7e:ac:10:ef:e0:37:
c0:4b:85:30:e7:86:76:b0:7f:13:bc:65:0c:a6:db:7b:3e:ff:
ec:9b:1e:2e:44:b2:6b:c8:d8:71:1f:81:78:b6:00:ec:79:3a:
2c:cc:c7:5f:09:37:c0:70:02:af:6a:93:25:2d:5c:f3:1b:22:
3a:43:88:06:a6:48:21:d5:cd:c3:20:9e:31:da:ac:0f:37:bf:
0c:19:f2:48:fa:03:72:db:71:49:e4:bd:b6:2a:ab:60:97:66:
99:41:15:46:93:6d:d7:ab:9b:e9:76:4f:28:63:d9:22:1b:7a:
77:c4:b5:cf:9a:6c:d3:cf:85:66:6a:77:28:c0:93:c7:ee:bf:
0b:31:a2:3b:1c:28:76:67:38:a8:0b:49:d4:9a:12:17:f2:d9:
98:aa:f9:9c:a9:b1:9b:70:65:3b:97:d3:93:41:d5:25:c5:2f:
97:51:c1:d5:b5:b8:20:0e:59:b9:fc:65:ea:92:78:7d:26:d2:
6f:3e:35:2b:9f:39:72:98:6b:3b:d6:98:bd:f4:81:96:e1:ad:
34:67:37:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP49kA+0OYsHU5GI2YTplSII7BcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5ZWIwMGRjNWIyZTQzNmI3OGQ3ODdlMzg4ZmI5OWU2NTBkM2Y2Y2NkN2Uy
MTMyMDQyODQxYmMxYjI4NDQ0ZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMs1g44/OF/yOdtb/xnHrRnbAJlQZKbcs0LG0y76V5S1yWenGiqdaU9tTQN8
VZqjBklT/e5+nTzXZJs3cXyawniRI1DLn8dN2t39ACUJIfc0t1og7YZpvpwa0odr
GSdQfRyafPywr63WgeV7saU4G8vh2NskmcxrkK6gtgS33NPi3eHU1NVFBq8wFnxb
9/3cSkSUOBp5p6bHOzUpcSwcDXw1WCGmArzwTrEjWZ2/zz1iGOOC6wOxjNQEYxsd
4tNQZIZdt8xMRCBL6RXyr5JbH7JYv6JRHb8BeXynXIO00s8X122ZVXoGT541/DVH
2p4HeyRrrufn2YvUkZS1WdnYZ4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTXKpWc
qPMiYJLb4Aa1Eo0GwSNFwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmRjMmZiMDQtZjEyYS00ODVmLWIyYjYtOGI5M2VkNzIyZGE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQAvvlM3Xn9tzJtMJj7oY6/dZGNBq5mw7xyTat6AOUDe
JQk/0UCRg8Iiltm+CiTz+vJ+rBDv4DfAS4Uw54Z2sH8TvGUMptt7Pv/smx4uRLJr
yNhxH4F4tgDseToszMdfCTfAcAKvapMlLVzzGyI6Q4gGpkgh1c3DIJ4x2qwPN78M
GfJI+gNy23FJ5L22Kqtgl2aZQRVGk23Xq5vpdk8oY9kiG3p3xLXPmmzTz4Vmanco
wJPH7r8LMaI7HCh2ZzioC0nUmhIX8tmYqvmcqbGbcGU7l9OTQdUlxS+XUcHVtbgg
Dlm5/GXqknh9JtJvPjUrnzlymGs71pi99IGW4a00ZzfW
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org