Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05373da7-488d-4f72-bdea-e35c5d9faf3e.roa
File: 05373da7-488d-4f72-bdea-e35c5d9faf3e.roa (raw, json)
Hash identifier: Czb3N4SamPrppmsqTi1mgivlHAFmCT4s9LtJ8DxyE+8=
Subject key identifier: B2:0C:9A:49:4A:83:94:87:19:6F:61:F6:9A:0D:45:89:6B:B7:D3:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6073EC847C62C7BFDD91538786296D9193AB394D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05373da7-488d-4f72-bdea-e35c5d9faf3e.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.128.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:73:ec:84:7c:62:c7:bf:dd:91:53:87:86:29:6d:91:93:ab:39:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=7aa10ab62de47645986f317cfa95a94ac77feb9f9a2e27065987828f38b8183e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7a:40:45:28:70:24:0c:60:db:b6:4c:62:63:
b8:3a:51:eb:a7:d2:64:2d:ce:22:9f:49:39:bc:89:
67:c4:b6:a3:aa:c5:91:9d:30:0f:d4:aa:d7:60:33:
b2:f4:fa:ea:28:dc:5d:69:10:fb:ca:04:d7:5b:23:
b3:61:f4:37:e5:32:07:10:3d:91:12:8a:00:db:a4:
2f:e9:4b:9a:0a:89:fb:c1:70:ad:01:ad:8f:ac:e2:
a3:a2:de:54:c1:5d:90:19:60:6f:e1:fe:1f:c2:a2:
b8:d3:95:e4:75:91:ec:a8:27:d9:da:88:13:2e:2b:
7a:47:ea:0d:82:80:ae:3c:70:b9:48:21:b5:de:b4:
58:61:ee:e2:f6:00:91:a4:38:9a:2b:42:31:de:17:
8f:fa:2e:c9:48:50:1c:73:58:dc:d3:57:de:8b:8f:
b4:a5:72:2c:c8:cb:0c:15:7a:f8:0c:a5:e3:5f:02:
99:00:8e:34:12:e4:48:ba:7d:8c:00:88:31:0d:a6:
f0:77:0d:d0:ba:d3:73:95:be:fb:5b:9d:0b:38:0f:
50:c2:5f:44:eb:92:e7:92:60:07:65:77:de:42:ed:
5f:16:8d:15:e6:79:e0:a9:c7:23:79:54:b5:3a:83:
fa:74:6d:4c:77:a3:28:24:34:6e:1f:65:0e:1b:b1:
e6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0C:9A:49:4A:83:94:87:19:6F:61:F6:9A:0D:45:89:6B:B7:D3:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05373da7-488d-4f72-bdea-e35c5d9faf3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:de:2a:61:45:36:5d:d6:f8:66:4a:78:d5:ce:30:fc:5f:cb:
82:4b:1d:8a:a3:bc:8c:51:9f:e7:40:18:06:e0:76:dd:5c:af:
d3:d3:a3:3b:fe:8c:99:ec:87:34:70:db:15:6a:a7:2d:85:b3:
b8:b0:e5:85:50:fb:0e:3b:5f:e8:71:18:b0:41:cc:af:ad:68:
fe:b4:66:a2:e5:b2:63:be:8b:78:2e:c6:20:aa:49:aa:7d:27:
0b:44:c1:f4:26:1d:b7:36:d6:b4:6a:74:78:74:2d:0b:77:b8:
fc:5e:71:ff:4c:69:6b:91:3e:fe:e1:ad:a0:70:32:f4:6a:ed:
6d:80:36:2e:fb:ba:d2:e8:8c:21:49:0b:65:08:a6:d1:aa:79:
a2:33:0e:89:ab:16:96:bd:15:d4:31:74:b7:57:f7:a8:22:ef:
eb:77:22:2e:d8:61:8d:f9:4f:c4:69:73:d4:ce:78:2e:75:4d:
eb:1e:66:b0:72:5c:0e:72:7e:81:e8:df:9b:78:10:ad:c7:36:
b6:94:41:88:ed:09:a0:c2:1b:d6:02:24:7e:eb:b0:72:12:cd:
3e:ee:6b:44:0a:2e:86:4e:75:78:08:17:a0:f0:c5:11:cf:74:
2d:21:11:ec:ce:e2:31:90:c5:af:fc:e6:02:32:a9:2b:fa:48:
e6:10:3b:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYHPshHxix7/dkVOHhiltkZOrOU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhYTEwYWI2MmRlNDc2NDU5ODZmMzE3Y2ZhOTVhOTRhYzc3ZmViOWY5YTJl
MjcwNjU5ODc4MjhmMzhiODE4M2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl6QEUocCQMYNu2TGJjuDpR66fSZC3OIp9JObyJZ8S2o6rFkZ0wD9Sq12Az
svT66ijcXWkQ+8oE11sjs2H0N+UyBxA9kRKKANukL+lLmgqJ+8FwrQGtj6zio6Le
VMFdkBlgb+H+H8KiuNOV5HWR7Kgn2dqIEy4rekfqDYKArjxwuUghtd60WGHu4vYA
kaQ4mitCMd4Xj/ouyUhQHHNY3NNX3ouPtKVyLMjLDBV6+Ayl418CmQCONBLkSLp9
jACIMQ2m8HcN0LrTc5W++1udCzgPUMJfROuS55JgB2V33kLtXxaNFeZ54KnHI3lU
tTqD+nRtTHejKCQ0bh9lDhux5ncCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSyDJpJ
SoOUhxlvYfaaDUWJa7fTLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDUzNzNkYTctNDg4ZC00ZjcyLWJkZWEtZTM1YzVkOWZhZjNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEAGt4qYUU2Xdb4Zkp41c4w/F/LgksdiqO8jFGf50AY
BuB23Vyv09OjO/6MmeyHNHDbFWqnLYWzuLDlhVD7Djtf6HEYsEHMr61o/rRmouWy
Y76LeC7GIKpJqn0nC0TB9CYdtzbWtGp0eHQtC3e4/F5x/0xpa5E+/uGtoHAy9Grt
bYA2Lvu60uiMIUkLZQim0ap5ojMOiasWlr0V1DF0t1f3qCLv63ciLthhjflPxGlz
1M54LnVN6x5msHJcDnJ+gejfm3gQrcc2tpRBiO0JoMIb1gIkfuuwchLNPu5rRAou
hk51eAgXoPDFEc90LSER7M7iMZDFr/zmAjKpK/pI5hA7Fw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org