Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
File: e18380f1-6ccd-4170-b605-ff97745298e0.roa (raw, json)
Hash identifier: wVVKTI+Q5UMY7ngEwiZL1jJaEUFn3uJbkkMA3hwEJOs=
Subject key identifier: 28:12:70:43:2F:81:D8:47:82:B2:61:17:99:CF:EB:4F:5B:30:FD:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A641C3547A436EA3C3EC81AF59F7C93E39DC20C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:64:1c:35:47:a4:36:ea:3c:3e:c8:1a:f5:9f:7c:93:e3:9d:c2:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4c414acceba77d61613bfb1ceb9510b99e8bf81a905e041c3721e1cd591dcd1b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e0:bd:20:8a:6f:28:b6:1c:31:50:d9:1e:83:
e7:90:ed:a5:91:ae:04:4d:00:57:9c:38:51:c0:7f:
79:fd:5e:fd:73:04:15:fe:aa:9b:5e:8b:c9:27:29:
4e:10:f9:6f:fe:f9:55:9e:7d:11:eb:6c:b0:f8:9d:
ea:58:a7:e1:a2:24:9b:4c:64:c9:d7:36:e7:4c:b5:
32:0b:a8:b6:9a:12:8a:14:9b:3f:52:88:c9:45:e2:
62:49:b4:62:30:20:0b:51:33:7a:8e:2d:bc:d8:86:
51:76:fa:6e:b4:62:86:fa:66:36:bc:26:b4:c8:0e:
49:18:33:19:b6:ba:98:66:a3:51:0f:37:0c:b6:e1:
31:ea:3d:64:33:c8:f1:72:af:38:3a:ef:59:23:bb:
0a:06:3f:11:b7:af:41:24:0e:a4:22:d9:0e:bb:8a:
f4:db:41:e8:ad:f3:ac:c2:4f:3b:42:e5:66:f6:9a:
cf:62:7e:52:c2:a2:84:be:d5:74:39:fc:b4:27:21:
f6:ab:88:55:e4:1f:e7:12:4e:3c:9c:45:e4:44:1d:
98:fc:a9:61:cb:e0:2b:60:92:f9:48:50:ab:26:31:
0c:ec:9f:02:e0:ab:cb:a3:ed:bf:28:fc:c5:49:ff:
6a:5c:c6:cd:4a:05:0f:36:e9:73:51:61:a1:ee:b7:
d2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:70:43:2F:81:D8:47:82:B2:61:17:99:CF:EB:4F:5B:30:FD:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18380f1-6ccd-4170-b605-ff97745298e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:2d:52:21:1e:3d:ea:6b:93:20:3c:77:65:34:7f:6b:eb:6d:
12:48:e4:72:3a:c7:d2:16:86:68:ba:34:0f:25:d7:24:a9:1c:
18:20:77:23:1d:fa:fd:f5:52:a9:f0:4c:d4:48:71:04:a2:21:
4d:49:53:76:e0:36:11:bb:e5:e4:fb:28:26:59:91:51:ad:0e:
24:55:46:39:2e:70:81:ad:a2:69:f3:87:9d:44:0e:1f:d6:03:
02:be:16:c9:e8:07:b8:25:07:80:23:13:de:8d:37:0b:e2:a1:
d5:ac:19:17:17:46:ae:2a:44:76:6b:d2:c4:86:a0:32:cc:c5:
f3:ea:7c:56:0a:51:b0:1d:04:33:8d:8e:40:dc:7d:44:5e:9f:
c9:de:30:d8:67:c8:16:f0:8b:d8:40:9b:4d:c5:d5:d3:a2:72:
e0:47:d2:db:4c:b0:9c:62:37:45:8d:cd:f4:04:a3:52:70:73:
03:15:f1:5f:db:33:33:13:8c:45:ae:33:e3:57:9b:39:85:5e:
16:90:ad:97:bb:34:d2:c4:72:b7:d8:ab:d7:bd:2d:11:46:7b:
ce:0d:d5:58:f7:54:69:9b:20:b2:46:ad:07:ea:41:af:83:0a:
ca:a3:e6:15:d4:a9:3a:83:d5:d8:01:01:51:a7:42:df:a5:b9:
a8:3c:91:94
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUamQcNUekNuo8Psga9Z98k+OdwgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNDE0YWNjZWJhNzdkNjE2MTNiZmIxY2ViOTUxMGI5OWU4YmY4MWE5MDVl
MDQxYzM3MjFlMWNkNTkxZGNkMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDgvSCKbyi2HDFQ2R6D55DtpZGuBE0AV5w4UcB/ef1e/XMEFf6qm16LyScp
ThD5b/75VZ59EetssPid6lin4aIkm0xkydc250y1MguotpoSihSbP1KIyUXiYkm0
YjAgC1Ezeo4tvNiGUXb6brRihvpmNrwmtMgOSRgzGba6mGajUQ83DLbhMeo9ZDPI
8XKvODrvWSO7CgY/EbevQSQOpCLZDruK9NtB6K3zrMJPO0LlZvaaz2J+UsKihL7V
dDn8tCch9quIVeQf5xJOPJxF5EQdmPypYcvgK2CS+UhQqyYxDOyfAuCry6Ptvyj8
xUn/alzGzUoFDzbpc1Fhoe630vMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQoEnBD
L4HYR4KyYReZz+tPWzD9azAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTE4MzgwZjEtNmNjZC00MTcwLWI2MDUtZmY5Nzc0NTI5OGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQB1LVIhHj3qa5MgPHdlNH9r620SSORyOsfSFoZoujQP
JdckqRwYIHcjHfr99VKp8EzUSHEEoiFNSVN24DYRu+Xk+ygmWZFRrQ4kVUY5LnCB
raJp84edRA4f1gMCvhbJ6Ae4JQeAIxPejTcL4qHVrBkXF0auKkR2a9LEhqAyzMXz
6nxWClGwHQQzjY5A3H1EXp/J3jDYZ8gW8IvYQJtNxdXTonLgR9LbTLCcYjdFjc30
BKNScHMDFfFf2zMzE4xFrjPjV5s5hV4WkK2XuzTSxHK32KvXvS0RRnvODdVY91Rp
myCyRq0H6kGvgwrKo+YV1Kk6g9XYAQFRp0LfpbmoPJGU
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org