Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e13da95c-db81-44f8-9505-033de114acce.roa
File: e13da95c-db81-44f8-9505-033de114acce.roa (raw, json)
Hash identifier: FIqEmeRSUDkL4wOcpx7qtNPDBYS8o2xbOg3D1J+/jWo=
Subject key identifier: 25:B6:6E:06:08:86:2F:1B:61:4D:73:54:A8:52:60:CF:FE:C4:AE:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6358665705012BF77D00D3D441F35B30A944663F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e13da95c-db81-44f8-9505-033de114acce.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:58:66:57:05:01:2b:f7:7d:00:d3:d4:41:f3:5b:30:a9:44:66:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=166daf10aac745055ff418fad57b336578981b7aa5c2993a032068c91251178e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:b4:0c:64:8e:ac:56:f4:d6:09:80:65:b5:
22:bb:92:f7:3f:99:1f:c2:85:e4:f7:ad:71:2b:01:
9c:ad:d2:5b:23:43:a7:fe:d5:d6:93:06:8b:c5:6a:
35:94:c7:78:49:09:b7:2a:51:78:1b:28:54:35:86:
2b:aa:8e:b0:87:e2:83:5a:20:4f:3e:f0:f8:fe:87:
a6:e3:67:5f:9e:ce:56:2c:64:c2:19:b1:88:97:2c:
61:78:86:7f:1d:6b:b9:66:26:62:16:e1:1d:1f:ec:
ba:5d:2e:d8:e8:10:b2:11:94:e1:f6:09:24:e6:d5:
dd:35:23:21:1e:d8:e5:d0:c1:ab:96:3b:16:f3:2e:
9e:ab:82:4e:47:cf:e5:e0:1d:e4:71:c7:f2:da:21:
78:09:52:81:23:21:5f:2a:9c:08:16:2c:7c:5e:f6:
03:54:28:df:92:09:09:84:36:fc:68:e7:1a:83:b5:
55:a1:e7:06:ea:7c:34:3b:b4:b3:52:99:17:7f:d7:
23:53:35:18:04:cc:b3:dd:1d:56:a2:e6:67:10:81:
61:f0:0a:fe:10:82:ac:19:52:d3:62:5a:f9:52:63:
92:af:a6:79:41:c6:5b:ef:59:64:0d:96:28:19:06:
25:31:11:0f:b8:c7:71:e5:7a:4a:d8:91:ef:3e:d2:
df:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B6:6E:06:08:86:2F:1B:61:4D:73:54:A8:52:60:CF:FE:C4:AE:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e13da95c-db81-44f8-9505-033de114acce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b5:6c:0e:fc:6f:67:f9:fa:25:04:01:c5:63:19:d9:6c:32:94:
ba:f8:22:95:94:1f:40:18:f4:e9:83:e2:3c:8a:7e:12:36:2b:
8e:42:2a:23:b8:9c:d8:ec:b0:3b:9e:73:fc:a1:39:ef:78:23:
c8:9a:f2:fc:63:aa:ed:56:da:bd:86:32:eb:e6:62:9f:00:06:
c0:c1:4d:c5:b8:b1:36:4a:93:2f:73:65:1d:c6:3b:14:c0:a6:
65:c3:92:9d:18:03:a6:5f:6d:7e:44:ea:7c:b1:a1:34:d4:6b:
c1:4f:b0:89:38:2c:eb:5f:5f:2d:a1:7d:fa:1b:19:c4:a4:c7:
e1:0b:f4:22:77:77:bc:40:92:37:39:8c:16:88:8d:dd:c0:d9:
ea:d5:d0:32:66:a7:07:19:b3:e4:87:25:ec:8c:52:e7:72:30:
6f:96:a6:73:04:57:69:9f:ef:64:87:96:17:63:e8:c9:f2:ec:
d2:b9:de:87:7f:16:2e:c5:62:92:f7:a0:8f:dc:41:a8:8d:10:
d6:7d:8a:fe:e9:ed:31:a6:1c:ed:26:4b:77:9e:99:4d:f6:77:
73:38:26:9b:75:1d:23:03:51:e5:87:94:77:47:76:7f:0d:e2:
37:26:27:a0:60:91:83:d2:8e:fd:7d:f4:7b:56:27:30:a6:01:
1d:ab:27:54
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY1hmVwUBK/d9ANPUQfNbMKlEZj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NmRhZjEwYWFjNzQ1MDU1ZmY0MThmYWQ1N2IzMzY1Nzg5ODFiN2FhNWMy
OTkzYTAzMjA2OGM5MTI1MTE3OGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVJtAxkjqxW9NYJgGW1IruS9z+ZH8KF5PetcSsBnK3SWyNDp/7V1pMGi8Vq
NZTHeEkJtypReBsoVDWGK6qOsIfig1ogTz7w+P6HpuNnX57OVixkwhmxiJcsYXiG
fx1ruWYmYhbhHR/sul0u2OgQshGU4fYJJObV3TUjIR7Y5dDBq5Y7FvMunquCTkfP
5eAd5HHH8toheAlSgSMhXyqcCBYsfF72A1Qo35IJCYQ2/GjnGoO1VaHnBup8NDu0
s1KZF3/XI1M1GATMs90dVqLmZxCBYfAK/hCCrBlS02Ja+VJjkq+meUHGW+9ZZA2W
KBkGJTERD7jHceV6StiR7z7S370CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQltm4G
CIYvG2FNc1SoUmDP/sSu9TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTEzZGE5NWMtZGI4MS00NGY4LTk1MDUtMDMzZGUxMTRhY2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQC1bA78b2f5+iUEAcVjGdlsMpS6+CKVlB9AGPTpg+I8
in4SNiuOQiojuJzY7LA7nnP8oTnveCPImvL8Y6rtVtq9hjLr5mKfAAbAwU3FuLE2
SpMvc2UdxjsUwKZlw5KdGAOmX21+ROp8saE01GvBT7CJOCzrX18toX36GxnEpMfh
C/Qid3e8QJI3OYwWiI3dwNnq1dAyZqcHGbPkhyXsjFLncjBvlqZzBFdpn+9kh5YX
Y+jJ8uzSud6HfxYuxWKS96CP3EGojRDWfYr+6e0xphztJkt3nplN9ndzOCabdR0j
A1Hlh5R3R3Z/DeI3JiegYJGD0o79ffR7VicwpgEdqydU
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org