Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: HCGTYnjFIQHLPgQM1s5YLZWVY8jW/ZTz2M02oiEX0No=
Subject key identifier: 2B:F9:38:A4:F9:1C:CC:CD:66:04:79:28:22:C5:5B:60:CD:C8:1D:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D77082AD03D38E360DC1C95CC5FC280DE28D415
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:77:08:2a:d0:3d:38:e3:60:dc:1c:95:cc:5f:c2:80:de:28:d4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=83d60b9b27ae88a765d740f8b9ff6f3f3c451516ae22889be9caaf1608a87ee4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:76:ce:6d:e8:46:27:71:41:0c:9e:73:f7:d1:
d3:a2:9d:f4:96:d2:5b:74:ad:1c:d0:dc:8a:c6:e1:
26:52:e5:c4:92:68:61:f5:19:7c:58:0e:29:87:69:
6d:36:01:54:02:b1:19:96:fa:20:8f:78:d9:a3:2b:
9a:57:81:44:c5:ef:a6:60:28:f5:cb:3d:27:2f:bc:
44:0e:2b:00:69:db:b0:c2:24:08:fb:3f:63:d9:05:
69:25:d0:db:05:f8:ca:b4:f4:8b:03:5b:1f:ab:33:
67:43:de:b8:97:f5:91:83:26:05:5e:6e:ae:8f:b9:
31:a5:35:83:56:03:95:e5:52:71:3c:1f:ce:63:8b:
77:7c:d0:fe:4b:98:d5:01:e0:3a:42:9d:6c:3c:77:
85:a6:ee:1d:2a:49:76:f3:d4:89:55:90:ec:d7:1b:
b1:be:2d:67:ac:ce:6a:72:57:64:db:51:4d:4b:38:
a3:ce:06:78:05:bb:14:9d:5b:92:26:63:30:1a:ac:
11:94:d3:81:31:d7:b4:d5:69:e8:cd:84:c8:d0:29:
7b:e9:f0:58:93:cd:24:23:f6:50:3d:55:fa:de:f3:
05:a0:58:e9:9a:a4:37:55:65:c4:14:7b:b3:b9:65:
e4:39:1a:07:1f:98:bc:4b:43:71:9e:e1:9e:10:9f:
78:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F9:38:A4:F9:1C:CC:CD:66:04:79:28:22:C5:5B:60:CD:C8:1D:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:a0:ff:eb:61:26:99:73:c3:48:a1:47:83:43:3a:12:3a:be:
d3:b5:04:a2:75:bf:fb:71:49:33:14:76:57:4c:62:ba:31:5b:
0b:eb:34:a9:d0:25:ab:c5:c0:87:56:33:33:7c:c3:c7:fb:41:
78:3e:87:20:f4:01:d6:14:a1:9d:ad:18:fe:46:be:e7:7c:5c:
fc:db:41:76:f5:06:86:40:11:1c:56:88:29:56:77:ba:1b:77:
c0:da:29:50:53:fe:b7:d5:d2:f8:90:51:59:d8:34:f2:63:b2:
60:0a:83:74:66:48:3e:49:12:0f:36:61:2e:26:b0:f7:96:2b:
a2:2c:98:2e:e8:f9:8c:ec:87:3d:29:6d:5e:77:7f:13:dd:9e:
f1:44:4d:50:42:2e:ea:43:c9:15:e5:42:62:18:93:43:0e:2b:
8b:50:ca:47:ff:bf:a7:69:cf:47:7e:dd:01:41:93:45:af:3f:
e8:e2:cc:34:aa:cd:6a:e7:69:3f:af:24:5c:1e:73:8a:18:bf:
47:0e:49:71:fc:12:c7:6d:35:b2:1d:7d:c6:a7:57:d2:a5:cd:
94:82:ef:c6:59:b1:5d:f3:0f:98:e4:fc:51:55:ff:f0:41:5e:
3b:f8:6f:33:7c:aa:4e:54:c8:4a:3e:31:1d:2a:22:35:f5:53:
31:8f:a4:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTXcIKtA9OONg3ByVzF/CgN4o1BUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZDYwYjliMjdhZTg4YTc2NWQ3NDBmOGI5ZmY2ZjNmM2M0NTE1MTZhZTIy
ODg5YmU5Y2FhZjE2MDhhODdlZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPZ2zm3oRidxQQyec/fR06Kd9JbSW3StHNDcisbhJlLlxJJoYfUZfFgOKYdp
bTYBVAKxGZb6II942aMrmleBRMXvpmAo9cs9Jy+8RA4rAGnbsMIkCPs/Y9kFaSXQ
2wX4yrT0iwNbH6szZ0PeuJf1kYMmBV5uro+5MaU1g1YDleVScTwfzmOLd3zQ/kuY
1QHgOkKdbDx3habuHSpJdvPUiVWQ7Ncbsb4tZ6zOanJXZNtRTUs4o84GeAW7FJ1b
kiZjMBqsEZTTgTHXtNVp6M2EyNApe+nwWJPNJCP2UD1V+t7zBaBY6ZqkN1VlxBR7
s7ll5DkaBx+YvEtDcZ7hnhCfeI0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQr+Tik
+RzMzWYEeSgixVtgzcgdbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQBFoP/rYSaZc8NIoUeDQzoSOr7TtQSidb/7cUkzFHZX
TGK6MVsL6zSp0CWrxcCHVjMzfMPH+0F4Pocg9AHWFKGdrRj+Rr7nfFz820F29QaG
QBEcVogpVne6G3fA2ilQU/631dL4kFFZ2DTyY7JgCoN0Zkg+SRIPNmEuJrD3liui
LJgu6PmM7Ic9KW1ed38T3Z7xRE1QQi7qQ8kV5UJiGJNDDiuLUMpH/7+nac9Hft0B
QZNFrz/o4sw0qs1q52k/ryRcHnOKGL9HDklx/BLHbTWyHX3Gp1fSpc2Ugu/GWbFd
8w+Y5PxRVf/wQV47+G8zfKpOVMhKPjEdKiI19VMxj6QA
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:46:57 2024 by rpki-client on console-fra.rpki-client.org