Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
File: ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa (raw, json)
Hash identifier: lNlDZCJ9FFxTvk54nxBw7WRvG6OBVgX3n2St4NzD+uw=
Subject key identifier: 0D:2B:E9:A7:77:B8:E6:F5:5E:CF:77:2A:1D:4F:C5:68:B0:90:BE:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5637C5E964749BCCF01B5DBCA6D5FDD74717EACE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:37:c5:e9:64:74:9b:cc:f0:1b:5d:bc:a6:d5:fd:d7:47:17:ea:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=8cdc2ed29e552b6edeffc4c75d34c9729f221252fa9f6a39aac72ce179a80e9a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:a7:ed:ac:1c:5b:93:31:13:ea:4f:b6:1e:
7c:44:91:7b:84:c4:ea:c1:13:14:ff:c7:3f:0d:6a:
97:e3:09:d5:3d:11:e2:18:aa:d3:db:9c:d6:a4:d0:
0a:6a:c8:a7:08:a7:f0:ed:57:24:82:f4:e1:ec:09:
b2:44:1e:7f:9d:1e:87:37:8c:39:ec:8d:b9:63:46:
ce:1d:9a:9b:86:65:dd:2c:9c:25:06:d9:83:5f:81:
ba:a0:28:84:f0:82:4a:6d:eb:5f:ad:ea:a4:5c:0d:
e2:aa:c7:68:ed:6e:a5:54:7a:4d:b2:c5:cb:c9:61:
8f:0a:74:8e:6c:16:88:a4:36:23:47:85:2d:84:b6:
7a:05:5e:e4:df:f5:07:b9:97:e5:71:3e:f7:dc:b0:
d4:af:93:c8:77:a7:4d:e2:85:76:37:0d:38:15:3d:
32:1b:b5:22:1a:87:89:e0:d8:d9:78:29:ad:b9:b7:
1a:c7:86:dc:66:cc:c7:f0:d8:31:fa:43:24:58:c0:
85:52:66:56:18:00:8c:a2:c2:2c:0b:47:ea:42:85:
d1:40:5c:23:35:22:4f:b9:61:6c:9e:aa:15:05:61:
04:06:ff:09:a9:84:49:bb:f9:c0:65:92:fc:f4:54:
4a:24:1b:22:33:2b:0b:b6:4f:a3:e2:f0:30:34:3f:
87:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2B:E9:A7:77:B8:E6:F5:5E:CF:77:2A:1D:4F:C5:68:B0:90:BE:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:dd:0c:04:e5:f7:83:6b:db:da:94:a6:19:a9:48:aa:56:77:
6c:5c:08:fd:08:6d:3e:88:2c:f1:56:0e:4e:e2:6e:a5:a3:0b:
78:ae:97:8d:51:fb:26:92:43:19:cb:3d:62:43:ba:e3:88:26:
3c:b9:3e:30:51:9a:b0:50:c8:b9:e0:e7:33:af:bb:e2:79:53:
02:63:ac:2a:c6:cc:e7:78:5e:60:30:f2:11:c1:15:f0:2c:89:
e6:07:3f:07:24:2c:aa:ac:c4:20:85:a7:bd:15:cb:f2:1d:9f:
b3:86:8f:ad:3f:fa:b2:85:cc:58:d4:c0:10:dc:0d:63:2b:fe:
3e:bb:cc:53:3f:e0:ac:c0:7a:18:39:f5:7e:70:9a:31:18:fe:
b7:2d:9b:4b:45:d6:7e:6f:ab:ab:0a:3f:6a:f7:76:da:4f:6e:
72:f0:55:50:8d:6e:5a:4c:e7:e1:34:f3:c4:90:af:3b:7d:56:
3a:06:98:09:e1:5d:9c:48:0e:89:ec:e5:05:2e:2f:4a:e0:77:
35:67:06:ea:e9:c8:d3:ff:1d:ff:8b:21:af:d9:53:99:39:ca:
9c:b8:79:99:c5:2c:03:e7:48:f8:e9:71:1c:44:1d:98:1e:56:
cc:4d:cf:1c:e7:1b:3f:40:10:21:6a:d9:0c:7e:5d:e6:0a:d9:
d1:a3:be:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVjfF6WR0m8zwG128ptX910cX6s4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjZGMyZWQyOWU1NTJiNmVkZWZmYzRjNzVkMzRjOTcyOWYyMjEyNTJmYTlm
NmEzOWFhYzcyY2UxNzlhODBlOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+xp+2sHFuTMRPqT7YefESRe4TE6sETFP/HPw1ql+MJ1T0R4hiq09uc1qTQ
CmrIpwin8O1XJIL04ewJskQef50ehzeMOeyNuWNGzh2am4Zl3SycJQbZg1+BuqAo
hPCCSm3rX63qpFwN4qrHaO1upVR6TbLFy8lhjwp0jmwWiKQ2I0eFLYS2egVe5N/1
B7mX5XE+99yw1K+TyHenTeKFdjcNOBU9Mhu1IhqHieDY2Xgprbm3GseG3GbMx/DY
MfpDJFjAhVJmVhgAjKLCLAtH6kKF0UBcIzUiT7lhbJ6qFQVhBAb/CamESbv5wGWS
/PRUSiQbIjMrC7ZPo+LwMDQ/h/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNK+mn
d7jm9V7PdyodT8VosJC+KjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2UxZDEyZjAtNTM0Ny00MWQ1LWI3YmItNzc4ZGRhMGMxZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQDB3QwE5feDa9valKYZqUiqVndsXAj9CG0+iCzxVg5O
4m6lowt4rpeNUfsmkkMZyz1iQ7rjiCY8uT4wUZqwUMi54Oczr7vieVMCY6wqxszn
eF5gMPIRwRXwLInmBz8HJCyqrMQghae9FcvyHZ+zho+tP/qyhcxY1MAQ3A1jK/4+
u8xTP+CswHoYOfV+cJoxGP63LZtLRdZ+b6urCj9q93baT25y8FVQjW5aTOfhNPPE
kK87fVY6BpgJ4V2cSA6J7OUFLi9K4Hc1Zwbq6cjT/x3/iyGv2VOZOcqcuHmZxSwD
50j46XEcRB2YHlbMTc8c5xs/QBAhatkMfl3mCtnRo772
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org