Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: z2bf5HAy63xOTTqWQqwM3Uj/wRGfKhLCtgWlemZVmrY=
Subject key identifier: 1E:34:E1:C0:7A:08:82:FB:0A:5E:F2:4B:13:AC:B5:A4:9A:38:F9:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 520EA2AF880B5FF0AC0FC04E8EE725F8B6663E0D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:0e:a2:af:88:0b:5f:f0:ac:0f:c0:4e:8e:e7:25:f8:b6:66:3e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f973a1604201d3d90977a04b19e5b52912b2963106f8f713e3d5d61b09add465, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b7:3a:52:98:34:f5:c4:7b:77:f5:09:21:cd:
e9:dd:e0:ec:bb:ab:82:3e:88:39:14:7f:7c:c0:18:
d4:f5:61:1c:28:15:c0:6b:23:4d:d1:11:c1:01:9b:
82:d3:81:2b:5d:9d:2d:bd:aa:d8:b9:c1:85:a7:2f:
df:13:d9:2b:be:33:bc:7c:4e:a0:7a:15:2e:95:88:
78:ca:4f:cd:c5:4e:d1:47:86:6a:b9:ca:21:05:1f:
47:26:8f:e7:4e:51:c7:2a:92:fa:8b:60:a3:c3:77:
b8:46:07:de:46:53:89:07:6b:b7:46:86:9b:54:08:
f7:41:7e:62:aa:28:52:a3:b1:02:b9:fb:10:00:e4:
64:63:4f:ad:76:9b:73:6b:ec:17:a8:87:2a:32:76:
db:91:02:29:9c:d6:bd:5f:cf:a9:fb:bf:cb:24:b7:
24:f4:48:0a:96:1a:12:49:2a:e5:5c:a1:4d:5b:97:
6e:79:23:40:d9:ce:6a:e2:cf:d5:f9:08:8c:3e:5d:
80:96:b1:3b:49:df:dc:11:c7:a1:9b:2a:c1:73:1b:
97:bd:3d:f4:52:61:58:b9:a2:68:71:5f:79:ac:61:
26:ae:84:df:08:0b:4c:5b:ea:c6:4c:b1:d2:4c:c2:
2a:c7:25:63:79:f2:03:1d:6f:5c:58:50:e3:74:fa:
2f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:34:E1:C0:7A:08:82:FB:0A:5E:F2:4B:13:AC:B5:A4:9A:38:F9:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:3d:b7:4f:42:8d:27:8b:26:f0:20:1f:6a:a1:2d:cf:d9:cd:
cd:f1:57:70:ac:f5:38:8e:77:72:50:c5:52:46:c2:f8:96:ae:
ee:f0:d2:fd:d7:d9:38:43:4f:dd:41:a6:a8:8a:11:94:ff:5f:
0e:07:79:fb:32:dc:aa:83:58:e9:26:b6:f8:16:c5:c4:90:c5:
32:b5:bf:8b:53:43:72:64:1e:21:b2:a1:8a:08:bc:26:12:06:
69:96:9d:f7:0b:80:37:fb:37:9e:0e:2f:44:47:0b:d2:d9:cf:
b5:69:fe:31:e7:21:f9:14:39:9a:1e:94:9c:70:04:1d:fe:8a:
9a:99:29:20:a4:92:5d:1e:25:13:6c:47:20:9c:f6:74:fc:15:
63:03:4e:93:2c:5e:d3:d4:5a:8d:f4:0b:55:7d:e9:28:63:8e:
03:af:54:b5:97:32:63:4d:32:18:bd:0a:1a:84:50:69:e4:ea:
d5:bb:3f:05:73:fa:7d:e5:de:f8:4b:6c:f2:ae:2c:56:40:4d:
dc:ac:5c:38:0f:de:de:bd:64:db:1f:ec:de:ac:94:4b:f6:b3:
40:e4:cf:2f:22:03:dc:2f:68:1d:ce:d3:1c:08:67:22:15:79:
dc:49:de:26:05:ed:30:57:cd:34:4f:0b:b9:6a:ec:0a:77:6e:
36:bd:1b:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUg6ir4gLX/CsD8BOjucl+LZmPg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5NzNhMTYwNDIwMWQzZDkwOTc3YTA0YjE5ZTViNTI5MTJiMjk2MzEwNmY4
ZjcxM2UzZDVkNjFiMDlhZGQ0NjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS3OlKYNPXEe3f1CSHN6d3g7Lurgj6IORR/fMAY1PVhHCgVwGsjTdERwQGb
gtOBK12dLb2q2LnBhacv3xPZK74zvHxOoHoVLpWIeMpPzcVO0UeGarnKIQUfRyaP
505RxyqS+otgo8N3uEYH3kZTiQdrt0aGm1QI90F+YqooUqOxArn7EADkZGNPrXab
c2vsF6iHKjJ225ECKZzWvV/Pqfu/yyS3JPRICpYaEkkq5VyhTVuXbnkjQNnOauLP
1fkIjD5dgJaxO0nf3BHHoZsqwXMbl7099FJhWLmiaHFfeaxhJq6E3wgLTFvqxkyx
0kzCKsclY3nyAx1vXFhQ43T6L1kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeNOHA
egiC+wpe8ksTrLWkmjj5GzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCCPbdPQo0niybwIB9qoS3P2c3N8VdwrPU4jndyUMVS
RsL4lq7u8NL919k4Q0/dQaaoihGU/18OB3n7Mtyqg1jpJrb4FsXEkMUytb+LU0Ny
ZB4hsqGKCLwmEgZplp33C4A3+zeeDi9ERwvS2c+1af4x5yH5FDmaHpSccAQd/oqa
mSkgpJJdHiUTbEcgnPZ0/BVjA06TLF7T1FqN9AtVfekoY44Dr1S1lzJjTTIYvQoa
hFBp5OrVuz8Fc/p95d74S2zyrixWQE3crFw4D97evWTbH+zerJRL9rNA5M8vIgPc
L2gdztMcCGciFXncSd4mBe0wV800Twu5auwKd242vRtm
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org