Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
File: dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa (raw, json)
Hash identifier: sjGnbfLxFT0KmUk9v/uJmZoSzx57L5IRISI7hEghKfc=
Subject key identifier: 90:E5:14:81:1D:A9:44:11:F4:9C:10:B6:F9:37:0D:40:7C:7F:87:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35D2244B4E53A63872AA621E0610CAD4A5A9DDA8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:d2:24:4b:4e:53:a6:38:72:aa:62:1e:06:10:ca:d4:a5:a9:dd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=b0ff225c086dd57b17c6dc6f0b057f353d174d10ff6a438305f50958f2411d13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c4:fe:b6:4f:81:9b:3e:16:2f:59:ae:c1:43:
62:e0:8c:03:02:4a:fb:0e:71:88:61:d5:2e:61:4f:
f4:71:21:2f:9c:c6:3e:65:1a:76:e7:c4:12:28:9d:
e4:5d:4e:86:30:6d:a7:8e:d0:43:93:57:87:df:6c:
25:a3:d1:5b:c5:80:bb:49:92:84:e3:15:53:b9:71:
82:f7:7f:8c:ef:25:7f:bd:ec:af:37:5c:13:91:c0:
6a:4c:70:8f:d9:e8:23:0b:01:9a:eb:27:d4:c0:ad:
fb:1d:5e:09:b0:49:95:27:07:c5:11:e1:bb:be:fe:
f1:a9:e2:fb:a0:ca:f5:82:ec:85:1e:a6:26:63:51:
8e:6b:f8:fd:af:67:2b:7b:02:e6:d3:1d:cc:1b:e0:
47:31:80:46:5e:f3:61:9e:76:6a:2a:01:9a:01:08:
ae:40:c4:95:49:c1:3b:28:8c:af:bb:66:86:10:db:
df:fd:62:5b:43:67:f0:e4:45:d0:f9:1f:47:1e:24:
9f:56:49:fc:a2:84:1e:ce:3a:77:6b:de:88:42:76:
6e:bd:c0:03:b9:c3:ba:4d:61:fc:83:4d:ed:30:ff:
d4:94:53:0c:77:bc:f9:fa:07:aa:8f:ea:5f:38:85:
4f:62:bb:60:1c:3f:a7:ed:91:c8:c5:7e:96:78:e8:
fc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E5:14:81:1D:A9:44:11:F4:9C:10:B6:F9:37:0D:40:7C:7F:87:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:ea:8d:20:f5:2b:72:34:be:b3:d4:b8:d0:91:47:6b:e4:18:
15:98:cd:2c:bc:f8:a6:d9:09:4a:e2:5d:78:16:44:fe:67:3a:
f0:13:4f:ea:ef:7c:35:d0:b8:ef:3d:ef:59:ba:58:e4:f6:f7:
71:e1:de:40:14:0b:ef:32:e4:66:d8:2f:ab:92:4d:60:cf:2f:
ef:79:bf:e7:8b:8e:ff:b1:e4:91:b4:e6:2d:23:b7:fe:c4:65:
fe:62:b3:59:c7:91:24:5f:55:fa:92:4e:86:c0:79:71:8b:05:
25:5f:0f:ef:9d:20:d7:c5:81:f8:45:8b:19:7f:f6:4e:2c:4d:
be:82:54:44:5c:52:2f:fb:ac:28:75:6e:0d:ca:77:49:90:af:
67:37:34:de:6f:b3:0a:07:28:2a:1b:8e:f1:ce:ab:5b:e7:05:
ad:9b:8a:45:95:0b:db:4a:d3:b3:93:d7:98:ed:36:16:06:93:
5d:9a:6d:cb:40:6a:6f:6b:76:f6:28:26:3f:e6:dd:0a:af:cc:
d7:df:a1:02:60:8f:fe:8c:46:2c:8b:f4:13:cd:da:55:e5:21:
01:d2:a0:b1:22:0d:25:4e:d8:94:e1:3d:6e:56:e4:ec:4f:23:
eb:1e:ba:17:97:c1:37:45:e3:f1:1f:00:82:b7:7d:f4:64:08:
b5:16:89:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNdIkS05TpjhyqmIeBhDK1KWp3agwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZmYyMjVjMDg2ZGQ1N2IxN2M2ZGM2ZjBiMDU3ZjM1M2QxNzRkMTBmZjZh
NDM4MzA1ZjUwOTU4ZjI0MTFkMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnE/rZPgZs+Fi9ZrsFDYuCMAwJK+w5xiGHVLmFP9HEhL5zGPmUadufEEiid
5F1OhjBtp47QQ5NXh99sJaPRW8WAu0mShOMVU7lxgvd/jO8lf73srzdcE5HAakxw
j9noIwsBmusn1MCt+x1eCbBJlScHxRHhu77+8ani+6DK9YLshR6mJmNRjmv4/a9n
K3sC5tMdzBvgRzGARl7zYZ52aioBmgEIrkDElUnBOyiMr7tmhhDb3/1iW0Nn8ORF
0PkfRx4kn1ZJ/KKEHs46d2veiEJ2br3AA7nDuk1h/INN7TD/1JRTDHe8+foHqo/q
XziFT2K7YBw/p+2RyMV+lnjo/McCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQ5RSB
HalEEfScELb5Nw1AfH+HMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM4NWRhMGYtMDgzMi00OWJlLTg2YTctY2E0ZTQyYzNlMGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQBl6o0g9StyNL6z1LjQkUdr5BgVmM0svPim2QlK4l14
FkT+ZzrwE0/q73w10LjvPe9Zuljk9vdx4d5AFAvvMuRm2C+rkk1gzy/veb/ni47/
seSRtOYtI7f+xGX+YrNZx5EkX1X6kk6GwHlxiwUlXw/vnSDXxYH4RYsZf/ZOLE2+
glREXFIv+6wodW4NyndJkK9nNzTeb7MKBygqG47xzqtb5wWtm4pFlQvbStOzk9eY
7TYWBpNdmm3LQGpva3b2KCY/5t0Kr8zX36ECYI/+jEYsi/QTzdpV5SEB0qCxIg0l
TtiU4T1uVuTsTyPrHroXl8E3RePxHwCCt330ZAi1Fony
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org