Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa
File: cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa (raw, json)
Hash identifier: Qk7jNCXbVqOtp6VRfsaUfo4QJkNgZ5YtfH7GtLYKn3Q=
Subject key identifier: 60:6A:BC:0D:D1:44:F1:6E:E5:21:54:F1:C6:D1:BD:97:63:CB:18:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F64D1F4CC7D42310A0685A4D883BB7B039CB53C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:64:d1:f4:cc:7d:42:31:0a:06:85:a4:d8:83:bb:7b:03:9c:b5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=770ecbe2f497aa03f40443862471c033779f004ac80ac3a31af738bdaf92e396, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e5:1d:c8:43:b9:9e:1c:7d:04:9b:0a:f7:d7:
e7:7c:48:c3:68:40:15:39:c7:b4:31:bc:68:68:32:
c1:e3:1e:cf:51:fb:dd:2e:a4:b1:6f:5b:92:7c:e7:
42:68:01:c3:71:29:50:30:fb:5b:d7:33:36:0c:0a:
91:fa:a6:09:c7:e6:b5:c2:ce:54:b3:a1:9a:cc:ed:
0b:bc:4a:51:58:18:0a:de:44:f5:33:ad:f6:fd:69:
fb:54:07:60:c9:ff:4f:7d:f6:66:8c:58:2f:35:45:
6c:9e:94:ab:9d:16:a8:1c:34:a6:06:a0:bd:8a:05:
4b:b3:c7:e9:54:6b:2b:49:3b:e8:ea:62:40:cb:c7:
dd:f5:c2:f6:ce:70:cc:46:7d:b6:33:28:a0:2a:50:
88:9a:3b:16:16:3c:3d:0a:23:af:fd:84:3a:3b:b9:
a2:63:bd:e9:e0:42:fd:91:60:e0:b6:fe:14:15:b7:
96:91:b7:cd:4b:17:ef:c4:d7:05:56:1d:17:c1:ec:
b6:d6:b2:01:e2:18:5d:7b:7f:c1:0b:4c:d0:51:04:
11:91:05:0d:c4:fc:fc:06:24:d6:d5:02:eb:cc:22:
b4:a9:ac:16:c0:3b:a1:7a:40:55:a6:4d:85:6c:c4:
6d:b4:7d:da:23:6b:53:89:6d:aa:1f:07:7f:1f:ed:
5b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6A:BC:0D:D1:44:F1:6E:E5:21:54:F1:C6:D1:BD:97:63:CB:18:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bc:02:a6:33:1a:9f:a0:fa:54:d0:49:4d:0d:13:d8:5d:27:03:
03:38:49:fc:96:34:1e:4e:1e:9c:d0:35:fe:af:2b:6a:64:44:
a4:e1:84:9f:3e:30:c0:52:88:89:f9:78:7a:88:33:67:1d:29:
42:40:f9:4e:e8:d3:34:c5:dd:33:01:00:44:5b:71:9b:16:9f:
4e:1d:9d:b0:68:1a:4d:33:3a:a6:32:95:48:82:99:65:5f:bd:
f0:78:83:c0:28:47:6b:62:de:89:0c:e0:bb:c5:d6:ac:67:f6:
3b:00:3f:80:87:e8:26:33:c0:35:e8:31:80:fd:72:e6:5b:e8:
77:3e:5d:01:d0:40:e3:f3:c0:dc:59:b8:8c:f5:81:54:fd:ca:
4b:f7:85:58:af:7a:ea:66:a6:ac:14:f9:92:ff:93:c4:a1:6f:
19:41:89:36:cc:af:e4:24:54:4c:d6:ce:57:50:82:77:e5:f6:
57:9b:a8:39:f8:40:c3:a3:73:c2:11:0c:ae:d4:39:4e:54:b2:
24:6c:d7:b5:9f:cc:2c:54:be:7b:47:35:e8:dd:8d:d9:eb:d2:
54:5b:ca:7c:b4:10:86:f7:6f:8c:cd:51:de:f3:51:22:b7:b2:
43:d9:35:d0:22:1b:b6:fb:7c:0d:a2:60:8f:b1:7d:32:08:16:
8b:b0:e5:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH2TR9Mx9QjEKBoWk2IO7ewOctTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3MGVjYmUyZjQ5N2FhMDNmNDA0NDM4NjI0NzFjMDMzNzc5ZjAwNGFjODBh
YzNhMzFhZjczOGJkYWY5MmUzOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKflHchDuZ4cfQSbCvfX53xIw2hAFTnHtDG8aGgyweMez1H73S6ksW9bknzn
QmgBw3EpUDD7W9czNgwKkfqmCcfmtcLOVLOhmsztC7xKUVgYCt5E9TOt9v1p+1QH
YMn/T332ZoxYLzVFbJ6Uq50WqBw0pgagvYoFS7PH6VRrK0k76OpiQMvH3fXC9s5w
zEZ9tjMooCpQiJo7FhY8PQojr/2EOju5omO96eBC/ZFg4Lb+FBW3lpG3zUsX78TX
BVYdF8HsttayAeIYXXt/wQtM0FEEEZEFDcT8/AYk1tUC68witKmsFsA7oXpAVaZN
hWzEbbR92iNrU4ltqh8Hfx/tW4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRgarwN
0UTxbuUhVPHG0b2XY8sYHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2I0NGQ4NTgtN2I4Mi00YzQ3LTg2Y2ItYjJlNjIzZGFhOGY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQC8AqYzGp+g+lTQSU0NE9hdJwMDOEn8ljQeTh6c0DX+
rytqZESk4YSfPjDAUoiJ+Xh6iDNnHSlCQPlO6NM0xd0zAQBEW3GbFp9OHZ2waBpN
MzqmMpVIgpllX73weIPAKEdrYt6JDOC7xdasZ/Y7AD+Ah+gmM8A16DGA/XLmW+h3
Pl0B0EDj88DcWbiM9YFU/cpL94VYr3rqZqasFPmS/5PEoW8ZQYk2zK/kJFRM1s5X
UIJ35fZXm6g5+EDDo3PCEQyu1DlOVLIkbNe1n8wsVL57RzXo3Y3Z69JUW8p8tBCG
92+MzVHe81Eit7JD2TXQIhu2+3wNomCPsX0yCBaLsOX9
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org