Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc21f5a9-b6e5-453c-a66b-c9eee5d06588.roa
File: fc21f5a9-b6e5-453c-a66b-c9eee5d06588.roa (raw, json)
Hash identifier: Oa548I2iVI497ZPbT9Dd1islZ0eJ640ThwZ/kqV+5Ts=
Subject key identifier: 44:E6:A8:DB:80:7A:8B:D0:7F:BE:23:38:E6:5F:23:2E:03:A8:88:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D0E3C322F0C69AE6235FDFA7A91D65D28DB840A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc21f5a9-b6e5-453c-a66b-c9eee5d06588.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:0e:3c:32:2f:0c:69:ae:62:35:fd:fa:7a:91:d6:5d:28:db:84:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2917894f53081832ab26b4d925db7b57ed821bc02b468e137a376d4f9e32002d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:61:11:e5:37:6a:51:43:28:53:95:2d:a1:
80:0c:58:49:8c:97:4e:8e:b5:1d:f2:b4:84:31:f4:
2d:65:97:8a:be:01:ed:de:c0:26:5d:cb:a8:bd:0e:
d7:fd:c8:71:4c:df:42:da:78:fe:9e:3b:c2:d2:6a:
e8:57:80:57:1f:93:0c:bd:e3:04:c3:2c:80:7f:49:
bf:1c:44:3d:07:9b:36:9c:3e:e1:b6:a1:95:7e:ae:
9f:93:84:cd:88:a2:97:dd:31:41:03:ad:6d:a3:a4:
4d:fd:2a:87:82:7e:8b:39:ad:08:ac:7f:8e:7c:de:
3b:07:e3:1e:fb:6e:53:96:8d:df:2b:3f:9a:52:79:
d2:57:06:e6:2a:17:c5:a3:31:cd:a5:b5:11:7a:8f:
36:1b:27:c2:78:15:dd:2b:f5:10:49:f0:85:f2:23:
fe:5a:5e:c8:b0:e1:7f:33:7a:d0:b2:8c:e8:24:15:
45:f2:ce:4f:7b:44:2d:f3:7b:dd:c5:bf:f2:ca:06:
57:7b:57:a8:b8:00:c6:43:6e:d7:06:60:06:bf:46:
66:b4:96:9f:d4:b2:c7:60:20:13:44:f7:c8:06:67:
9f:0a:4f:69:36:24:02:d4:31:dc:48:4e:f6:1a:59:
b0:08:30:b9:62:e5:52:d7:37:72:2f:54:e0:88:f8:
a8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E6:A8:DB:80:7A:8B:D0:7F:BE:23:38:E6:5F:23:2E:03:A8:88:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc21f5a9-b6e5-453c-a66b-c9eee5d06588.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d5:09:d5:a6:b9:46:42:02:72:ce:a9:05:3e:a8:67:4b:92:1c:
e6:60:ea:6e:48:2c:3a:84:89:26:0e:9a:97:fa:67:27:f5:40:
dc:81:ee:14:26:5f:ff:dc:4b:7b:88:60:64:35:b2:89:a8:3a:
ec:50:f1:80:96:33:71:26:3c:d7:78:ca:32:8d:75:97:98:6f:
62:29:70:c9:25:cf:24:25:ae:47:0f:45:71:54:84:f6:fa:8c:
31:5a:d1:b4:16:6d:12:97:2b:31:4f:5d:06:28:6f:1f:8b:f9:
b9:54:ae:f0:e6:08:46:d1:62:5d:17:24:01:f6:d1:4e:a4:ad:
5b:44:5e:d6:e1:16:ed:0e:8d:33:eb:47:f0:1f:b6:64:19:ba:
55:8d:13:e8:bf:84:14:73:2e:94:ee:65:18:90:05:a6:93:ae:
c3:9c:60:d2:9c:1c:30:4f:52:3e:9d:fc:b6:25:f6:0c:3e:d7:
35:e1:50:3f:89:37:c5:3b:43:a3:f4:18:b4:82:23:79:25:55:
38:0c:df:bc:d6:7a:5f:08:f6:e5:bb:6a:98:6c:93:07:ec:2f:
c7:65:32:b7:70:bf:98:66:38:80:bc:b2:48:57:70:c3:52:e1:
fc:5a:a3:38:ce:7d:4b:1d:f6:f2:a7:cb:5c:39:b9:cf:86:6f:
94:56:11:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTQ48Mi8Maa5iNf36epHWXSjbhAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MTc4OTRmNTMwODE4MzJhYjI2YjRkOTI1ZGI3YjU3ZWQ4MjFiYzAyYjQ2
OGUxMzdhMzc2ZDRmOWUzMjAwMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdgYRHlN2pRQyhTlS2hgAxYSYyXTo61HfK0hDH0LWWXir4B7d7AJl3LqL0O
1/3IcUzfQtp4/p47wtJq6FeAVx+TDL3jBMMsgH9JvxxEPQebNpw+4bahlX6un5OE
zYiil90xQQOtbaOkTf0qh4J+izmtCKx/jnzeOwfjHvtuU5aN3ys/mlJ50lcG5ioX
xaMxzaW1EXqPNhsnwngV3Sv1EEnwhfIj/lpeyLDhfzN60LKM6CQVRfLOT3tELfN7
3cW/8soGV3tXqLgAxkNu1wZgBr9GZrSWn9Syx2AgE0T3yAZnnwpPaTYkAtQx3EhO
9hpZsAgwuWLlUtc3ci9U4Ij4qMMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRE5qjb
gHqL0H++IzjmXyMuA6iIdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMyMWY1YTktYjZlNS00NTNjLWE2NmItYzllZWU1ZDA2NTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQDVCdWmuUZCAnLOqQU+qGdLkhzmYOpuSCw6hIkmDpqX
+mcn9UDcge4UJl//3Et7iGBkNbKJqDrsUPGAljNxJjzXeMoyjXWXmG9iKXDJJc8k
Ja5HD0VxVIT2+owxWtG0Fm0SlysxT10GKG8fi/m5VK7w5ghG0WJdFyQB9tFOpK1b
RF7W4RbtDo0z60fwH7ZkGbpVjRPov4QUcy6U7mUYkAWmk67DnGDSnBwwT1I+nfy2
JfYMPtc14VA/iTfFO0Oj9Bi0giN5JVU4DN+81npfCPblu2qYbJMH7C/HZTK3cL+Y
ZjiAvLJIV3DDUuH8WqM4zn1LHfbyp8tcObnPhm+UVhE1
-----END CERTIFICATE-----
Generated at Sat Apr 20 01:48:10 2024 by rpki-client on console-fra.rpki-client.org