Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
File: f67407cf-5834-4984-bfd7-dae383ea166b.roa (raw, json)
Hash identifier: k0N+z8kwFgoYmlifue0rfGIP3zm1h5VqfBj0l6BgCKE=
Subject key identifier: 7A:72:71:50:A6:44:74:F3:E6:45:27:F0:38:4E:B3:F8:19:8C:B4:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 707410DE7B1C91C70C536F7504E5EA8C80A5A3AE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:74:10:de:7b:1c:91:c7:0c:53:6f:75:04:e5:ea:8c:80:a5:a3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=666fc29d6e6b344f7159c2ce03be1944b86980097ca586ee7112f0773dca66ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ff:57:c0:2d:69:da:48:a4:31:01:20:e1:f9:
f0:f3:ce:83:f3:8b:30:d0:9c:ad:45:50:26:12:2b:
ad:e9:bd:1f:c7:32:7c:3c:20:1e:a5:18:af:b8:dd:
2f:71:4f:20:ca:39:06:40:d4:b3:60:f8:b6:4b:8a:
5f:d9:7c:9b:1d:ea:9b:0d:86:6c:02:9d:0a:08:bb:
e6:a8:a6:af:d3:8e:a0:4e:04:38:d0:21:c1:27:a1:
31:f6:28:93:e1:70:5d:55:be:ed:62:0b:ef:ff:4c:
14:e4:c6:d1:df:78:5c:f2:ed:c4:8f:14:a1:cc:36:
dd:98:d2:9d:ac:9c:f3:46:33:ee:71:bc:d1:fe:6a:
9a:a6:ff:93:1b:9c:a1:6d:d7:24:1c:07:80:21:d7:
c7:ff:c5:8c:12:d2:9f:a6:a1:79:40:a3:23:e4:b6:
20:3c:8b:f0:8e:9b:b7:a1:ac:d2:32:65:bc:e9:6e:
44:c7:a3:39:2c:b6:a4:1d:83:2f:4f:51:2d:6b:27:
41:5d:df:d9:5f:28:e3:bd:7b:91:3f:24:f0:2f:53:
85:9e:ea:6a:30:9d:a6:75:cb:29:07:0f:18:c9:23:
d0:9d:8d:3e:27:04:6d:0b:80:4f:66:a3:ab:1f:66:
a5:5c:b1:3c:4c:18:c3:20:52:ed:bd:22:f5:c9:31:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:72:71:50:A6:44:74:F3:E6:45:27:F0:38:4E:B3:F8:19:8C:B4:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:db:8b:50:99:f8:0b:71:b7:d3:7c:3b:63:74:c1:a1:c4:9a:
c7:34:7b:ec:39:b3:fc:9f:a3:f5:ae:79:9d:50:3a:6c:22:db:
0d:90:38:e9:c2:18:9a:a2:31:c5:96:30:45:9c:b8:9d:94:30:
ff:d0:e6:58:7f:f0:ea:8f:c2:3b:48:5b:9d:0e:5b:5c:08:d6:
eb:d5:c2:72:e3:93:a4:0f:9f:df:4e:9f:a6:4b:e4:b5:04:26:
9b:0c:db:1d:f2:89:b5:a5:2c:99:3a:31:fe:19:a9:94:82:73:
93:3c:c3:df:8c:33:d7:db:c2:58:0a:d8:e7:cd:8f:1f:30:a1:
ac:2d:87:a4:07:bc:4a:f2:87:a5:d1:3e:e1:d4:03:e0:10:84:
22:b4:26:af:e5:2b:43:63:83:26:36:fa:35:4c:4a:19:86:02:
ca:c8:be:a5:7d:91:93:bd:7c:4a:31:2a:5f:06:7d:0f:5e:22:
04:45:a6:81:a7:08:8e:e3:3b:12:2b:3b:ab:74:f6:a5:d3:fa:
1b:cc:9c:a7:44:ec:51:f5:bc:58:f3:43:14:e6:85:1d:5e:43:
4d:a4:57:cc:e2:3e:e3:25:dd:5b:21:b1:17:57:7e:c7:67:7f:
14:d2:fd:0e:39:44:47:df:23:f6:77:19:0c:9f:64:d9:0f:9f:
81:33:b1:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcHQQ3nsckccMU291BOXqjIClo64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NmZjMjlkNmU2YjM0NGY3MTU5YzJjZTAzYmUxOTQ0Yjg2OTgwMDk3Y2E1
ODZlZTcxMTJmMDc3M2RjYTY2Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKT/V8AtadpIpDEBIOH58PPOg/OLMNCcrUVQJhIrrem9H8cyfDwgHqUYr7jd
L3FPIMo5BkDUs2D4tkuKX9l8mx3qmw2GbAKdCgi75qimr9OOoE4EONAhwSehMfYo
k+FwXVW+7WIL7/9MFOTG0d94XPLtxI8Uocw23ZjSnayc80Yz7nG80f5qmqb/kxuc
oW3XJBwHgCHXx//FjBLSn6aheUCjI+S2IDyL8I6bt6Gs0jJlvOluRMejOSy2pB2D
L09RLWsnQV3f2V8o4717kT8k8C9ThZ7qajCdpnXLKQcPGMkj0J2NPicEbQuAT2aj
qx9mpVyxPEwYwyBS7b0i9ckxIf0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR6cnFQ
pkR08+ZFJ/A4TrP4GYy0njAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjY3NDA3Y2YtNTgzNC00OTg0LWJmZDctZGFlMzgzZWExNjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAN24tQmfgLcbfTfDtjdMGhxJrHNHvsObP8n6P1rnmd
UDpsItsNkDjpwhiaojHFljBFnLidlDD/0OZYf/Dqj8I7SFudDltcCNbr1cJy45Ok
D5/fTp+mS+S1BCabDNsd8om1pSyZOjH+GamUgnOTPMPfjDPX28JYCtjnzY8fMKGs
LYekB7xK8oel0T7h1APgEIQitCav5StDY4MmNvo1TEoZhgLKyL6lfZGTvXxKMSpf
Bn0PXiIERaaBpwiO4zsSKzurdPal0/obzJynROxR9bxY80MU5oUdXkNNpFfM4j7j
Jd1bIbEXV37HZ38U0v0OOURH3yP2dxkMn2TZD5+BM7FR
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org