Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
File: e5242553-2ce0-44b9-a44b-832a808bc6b1.roa (raw, json)
Hash identifier: 8/9pPZZE5Hp4p8jMThXjPc+u7BpiMIVlVx5XsHjZvzc=
Subject key identifier: ED:3E:0C:6F:5A:E1:AB:14:35:4D:C5:00:6D:74:A8:A6:38:8C:BC:AC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 06D693FAA6A546522D23C7D1A5465D78C84B9CEF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:d6:93:fa:a6:a5:46:52:2d:23:c7:d1:a5:46:5d:78:c8:4b:9c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=d869da62baf5508364c91d2c9cfae68c7770652a952b4d801d90c5a22ae0f004, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:81:ad:1d:f1:61:dd:0d:63:c5:ef:c3:38:89:
f4:82:eb:a6:56:22:6c:f4:8d:5e:92:f3:56:8c:11:
4a:83:bc:ca:c0:6d:35:db:c3:60:2e:61:08:ea:5f:
96:2b:34:26:73:84:3c:87:07:34:cc:bf:7c:86:89:
6d:9b:49:9e:e5:f2:18:19:a9:af:6d:58:25:d1:c4:
64:15:59:0e:48:7d:ee:5f:74:73:70:e7:ce:1a:f5:
01:fb:76:14:7e:20:25:fd:a1:fb:d4:72:69:83:4b:
c1:ac:73:c1:75:fd:a8:2a:68:6a:55:b7:0f:ed:f3:
e5:2b:fb:82:47:75:8c:31:e8:16:38:0a:bf:72:07:
68:cd:85:24:32:79:fd:a5:a6:b2:3c:f3:8e:7b:51:
cf:14:ab:8f:53:d6:61:9c:62:ac:1f:b7:44:23:d3:
5a:9a:51:d2:4a:d1:db:f7:4b:6e:91:ce:f5:9f:a8:
37:d1:17:55:d1:fd:40:a2:b7:b6:fd:9a:15:7d:fc:
76:fc:0a:06:a3:1a:a5:a8:f8:72:7f:9b:20:c6:9a:
28:14:47:8f:fb:23:e1:e2:8f:cc:82:4d:7d:d4:eb:
c0:3c:e3:b9:3d:9d:74:2c:03:ce:d1:64:2b:55:9e:
58:e7:29:11:78:ad:20:b9:c9:7e:22:d0:ec:73:f2:
4e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3E:0C:6F:5A:E1:AB:14:35:4D:C5:00:6D:74:A8:A6:38:8C:BC:AC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:35:54:f1:83:87:69:be:8f:8f:73:e0:88:76:09:58:07:79:
0e:c6:7d:5d:12:f0:e6:70:17:ed:85:01:17:d6:a1:81:90:5b:
f5:e8:35:32:df:fc:5d:98:a2:68:9e:92:d8:c0:8f:a1:10:50:
39:f9:45:25:22:98:3e:46:ca:8e:3a:f1:a9:22:ca:03:c5:66:
d2:15:db:10:76:19:42:d2:ac:ca:15:f0:eb:23:c5:5b:0f:ea:
57:69:64:b6:68:8c:a8:39:e9:fc:b4:65:0f:14:be:70:4d:18:
8c:5e:36:0c:52:9b:31:75:9f:d2:44:67:76:b5:4a:74:67:71:
f6:6c:b1:02:ba:4b:00:c8:ce:80:bc:c2:f9:77:97:7f:17:13:
6f:d8:bc:f5:cf:31:b4:80:d5:01:b2:f1:b9:80:58:57:47:e3:
b7:32:56:cf:e4:8d:c7:ec:54:1c:32:20:32:97:e2:01:41:80:
cc:6c:91:ea:9d:a7:b6:5e:fb:57:c8:c0:9a:45:d5:93:bb:8d:
54:41:28:29:85:c4:74:e4:f9:b7:e9:bd:2d:9f:6f:85:6d:8c:
d6:32:1b:d9:2f:b4:52:42:90:f0:21:ad:d3:31:40:a9:d6:d7:
6b:c4:f0:7f:06:8a:30:0e:18:a8:de:07:85:89:da:4d:af:6c:
0e:1c:1c:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBtaT+qalRlItI8fRpUZdeMhLnO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4NjlkYTYyYmFmNTUwODM2NGM5MWQyYzljZmFlNjhjNzc3MDY1MmE5NTJi
NGQ4MDFkOTBjNWEyMmFlMGYwMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGBrR3xYd0NY8XvwziJ9ILrplYibPSNXpLzVowRSoO8ysBtNdvDYC5hCOpf
lis0JnOEPIcHNMy/fIaJbZtJnuXyGBmpr21YJdHEZBVZDkh97l90c3Dnzhr1Aft2
FH4gJf2h+9RyaYNLwaxzwXX9qCpoalW3D+3z5Sv7gkd1jDHoFjgKv3IHaM2FJDJ5
/aWmsjzzjntRzxSrj1PWYZxirB+3RCPTWppR0krR2/dLbpHO9Z+oN9EXVdH9QKK3
tv2aFX38dvwKBqMapaj4cn+bIMaaKBRHj/sj4eKPzIJNfdTrwDzjuT2ddCwDztFk
K1WeWOcpEXitILnJfiLQ7HPyTuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtPgxv
WuGrFDVNxQBtdKimOIy8rDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTUyNDI1NTMtMmNlMC00NGI5LWE0NGItODMyYTgwOGJjNmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQAQNVTxg4dpvo+Pc+CIdglYB3kOxn1dEvDmcBfthQEX
1qGBkFv16DUy3/xdmKJonpLYwI+hEFA5+UUlIpg+RsqOOvGpIsoDxWbSFdsQdhlC
0qzKFfDrI8VbD+pXaWS2aIyoOen8tGUPFL5wTRiMXjYMUpsxdZ/SRGd2tUp0Z3H2
bLECuksAyM6AvML5d5d/FxNv2Lz1zzG0gNUBsvG5gFhXR+O3MlbP5I3H7FQcMiAy
l+IBQYDMbJHqnae2XvtXyMCaRdWTu41UQSgphcR05Pm36b0tn2+FbYzWMhvZL7RS
QpDwIa3TMUCp1tdrxPB/BoowDhio3geFidpNr2wOHBz4
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org