Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
File: c64c4a95-84a7-4a8b-8228-9d83b2456072.roa (raw, json)
Hash identifier: whVSWuibEXiKZ4g5W2LQnZpX/8E1df5t9boOGUacb6U=
Subject key identifier: B4:06:C5:F2:34:22:0E:7C:D9:53:52:36:47:10:03:70:46:A8:6C:F4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A4534B052BD30875FDB5826B0CBB139916C97E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:45:34:b0:52:bd:30:87:5f:db:58:26:b0:cb:b1:39:91:6c:97:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=7ce25967420bc65358079d832390029048d113052560686b30c838832fa9e8ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:36:1d:55:13:68:ca:00:40:94:94:e6:cd:05:
68:ac:a2:5a:19:87:ec:83:01:3e:95:90:c6:53:3e:
e9:7f:8b:ac:3c:12:85:a4:99:51:c9:de:85:4b:25:
41:26:70:59:ed:b5:ed:f1:34:4f:97:b5:aa:ad:b7:
d8:6d:dd:d4:6b:ca:c8:09:ed:06:5a:bc:2c:0f:1a:
54:b3:68:a9:ce:4e:65:47:c6:a3:8e:bb:c7:39:15:
cb:c7:37:40:66:3e:da:58:bf:f5:27:89:10:22:56:
76:dd:73:8e:fb:50:92:cc:b6:f1:f0:c1:8f:b4:01:
3a:a0:ea:76:01:79:43:10:6b:26:2f:1e:18:1c:ae:
25:57:be:0e:dd:26:b8:72:ff:e1:01:4b:2b:45:88:
5b:c3:6d:ff:74:8a:ce:96:6c:db:2e:21:2a:39:1f:
d6:18:76:a1:62:e5:bb:b4:ec:46:85:7d:be:00:18:
bd:be:75:17:02:cf:3a:47:28:f3:6c:70:90:b4:cd:
45:5a:9d:df:53:4d:99:c4:0b:87:0d:fd:21:8d:09:
92:27:3e:e0:6d:78:d3:4c:d9:f5:89:21:5e:c1:08:
ba:cd:2c:f8:f6:7e:f8:c8:ea:2b:b9:65:ef:01:67:
28:83:95:1b:38:13:f9:68:94:97:1b:45:ab:ea:a3:
32:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:06:C5:F2:34:22:0E:7C:D9:53:52:36:47:10:03:70:46:A8:6C:F4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c64c4a95-84a7-4a8b-8228-9d83b2456072.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
35:96:75:f1:68:f0:5e:23:92:5c:42:e8:3a:db:5c:d4:2f:a1:
1a:16:94:3e:50:d7:77:88:96:65:9e:f2:f6:e8:6c:2e:da:8a:
18:c1:f9:6c:d6:f5:68:51:23:1a:4c:f1:67:14:6b:ea:9d:b5:
23:5c:e2:7d:b3:7d:fc:8e:93:c7:58:af:01:05:d3:07:2c:f1:
e7:f2:ae:d0:20:a8:6c:e0:ae:15:46:a5:97:25:1c:a8:31:88:
43:d2:b0:e5:7a:95:c8:1a:34:20:bf:0a:2c:20:c6:43:73:04:
5b:fb:3d:57:d5:c9:dc:04:68:7e:30:b9:94:3c:3d:e5:05:f7:
9c:48:c5:b8:e8:40:10:b6:43:83:3a:63:79:d1:24:2d:89:2d:
4e:d2:f3:af:6a:56:c4:6d:97:6c:ef:5f:a9:e6:57:33:ae:e3:
e8:b0:09:7d:0f:1e:36:0c:b3:1f:4d:7d:1c:21:96:3e:a8:bd:
b0:02:15:5d:7d:2a:c8:f4:b6:c6:91:02:f2:67:eb:ad:98:d1:
5c:f2:37:0a:04:33:13:47:a3:d2:30:87:5c:d6:d7:3e:fb:64:
91:f6:1e:e9:4f:ce:77:1a:a9:16:cc:e4:b5:9c:25:33:49:eb:
0c:fb:83:b9:f6:01:43:a7:1d:7b:ea:40:62:b8:97:00:b3:53:
b5:f6:28:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKkU0sFK9MIdf21gmsMuxOZFsl+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjZTI1OTY3NDIwYmM2NTM1ODA3OWQ4MzIzOTAwMjkwNDhkMTEzMDUyNTYw
Njg2YjMwYzgzODgzMmZhOWU4ZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk2HVUTaMoAQJSU5s0FaKyiWhmH7IMBPpWQxlM+6X+LrDwShaSZUcnehUsl
QSZwWe217fE0T5e1qq232G3d1GvKyAntBlq8LA8aVLNoqc5OZUfGo467xzkVy8c3
QGY+2li/9SeJECJWdt1zjvtQksy28fDBj7QBOqDqdgF5QxBrJi8eGByuJVe+Dt0m
uHL/4QFLK0WIW8Nt/3SKzpZs2y4hKjkf1hh2oWLlu7TsRoV9vgAYvb51FwLPOkco
82xwkLTNRVqd31NNmcQLhw39IY0Jkic+4G1400zZ9YkhXsEIus0s+PZ++MjqK7ll
7wFnKIOVGzgT+WiUlxtFq+qjMtkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS0BsXy
NCIOfNlTUjZHEANwRqhs9DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzY0YzRhOTUtODRhNy00YThiLTgyMjgtOWQ4M2IyNDU2MDcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEANZZ18WjwXiOSXELoOttc1C+hGhaUPlDXd4iWZZ7y
9uhsLtqKGMH5bNb1aFEjGkzxZxRr6p21I1zifbN9/I6Tx1ivAQXTByzx5/Ku0CCo
bOCuFUallyUcqDGIQ9Kw5XqVyBo0IL8KLCDGQ3MEW/s9V9XJ3ARofjC5lDw95QX3
nEjFuOhAELZDgzpjedEkLYktTtLzr2pWxG2XbO9fqeZXM67j6LAJfQ8eNgyzH019
HCGWPqi9sAIVXX0qyPS2xpEC8mfrrZjRXPI3CgQzE0ej0jCHXNbXPvtkkfYe6U/O
dxqpFszktZwlM0nrDPuDufYBQ6cde+pAYriXALNTtfYoGw==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org