Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
File: 0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa (raw, json)
Hash identifier: M5+gWL7/hgpioAjg9U27O65QIuyBef52GmCT98nMSUc=
Subject key identifier: 54:CD:75:17:F1:6B:33:0F:95:2F:39:4D:95:48:29:82:95:B6:40:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 097B9AC97B98D919F3FE9CD4649EED899BFE916E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:7b:9a:c9:7b:98:d9:19:f3:fe:9c:d4:64:9e:ed:89:9b:fe:91:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=381c6b2534bfa3a3e5db9aa4cb08ad59608f644fd91aa0f7bb40f84a33b2e831, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:63:a9:91:c3:8a:a3:5c:b8:35:9a:5d:43:7b:
a7:e5:6e:29:45:83:a8:35:c4:96:38:8e:6a:28:b9:
71:1b:79:3d:6d:0d:58:27:02:a3:5a:9c:fb:51:25:
82:1c:0d:81:f5:29:0b:ed:84:74:23:0e:64:6d:18:
e0:25:17:0b:b4:dc:df:98:47:b5:ed:7c:22:56:94:
7b:7c:59:80:34:33:7f:60:0a:77:c2:55:57:33:ae:
b4:fd:3c:42:14:76:d8:fa:ad:3f:2d:4a:c8:e8:87:
29:23:c2:25:c8:25:d5:1d:e9:ff:f3:58:d3:a2:52:
eb:cb:4f:a2:b7:31:b9:e7:3f:11:bb:0a:03:ec:d6:
b4:c9:1f:6e:cf:33:df:d6:09:82:62:23:c1:17:ea:
f6:35:56:d1:41:74:e9:da:79:07:44:3a:31:22:54:
e0:fb:e2:86:83:5d:e0:0b:a8:86:11:af:cf:85:89:
e8:2b:7f:e5:ae:64:c4:09:e7:78:17:92:dc:8c:df:
85:34:f8:0d:79:92:b5:31:35:84:92:88:f1:c3:23:
7a:95:e0:29:5f:91:5e:1d:fd:f6:4f:5d:b6:9f:5b:
4f:58:b6:e1:1e:9d:4d:46:f6:cf:e7:0d:2d:7c:bb:
22:23:74:5b:ee:29:5a:ad:3d:22:e4:b5:16:aa:11:
69:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CD:75:17:F1:6B:33:0F:95:2F:39:4D:95:48:29:82:95:B6:40:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d1:d4:30:49:df:34:f1:53:9a:a7:13:06:c5:dc:9d:ba:dc:cd:
83:90:b5:52:7c:54:2e:c3:c9:86:91:b8:ee:45:6c:bb:dd:ce:
8a:6f:91:6b:94:48:a1:15:a6:a4:15:db:c9:63:60:9a:e9:d9:
05:ce:f3:19:c7:ef:e7:d2:35:35:d3:32:b7:c6:9b:87:82:1d:
56:77:45:41:67:27:fc:13:f0:cd:5e:53:3e:00:5b:f8:f1:b4:
80:da:5d:29:34:3a:76:1e:d7:f3:af:c6:47:77:21:96:32:e7:
9e:9d:a0:6c:ba:23:c2:d8:11:e2:45:a1:1c:55:d8:ac:e4:bc:
8f:07:86:87:03:fd:6f:82:da:05:2a:93:f6:21:10:ec:ef:d2:
cf:90:ec:d8:85:76:1b:25:b5:cd:fd:8f:5b:b4:67:88:2c:a3:
a2:90:35:c7:54:ce:b9:8c:88:82:75:d4:88:d6:42:29:39:b8:
93:e0:e4:05:51:60:24:03:da:53:b9:e5:f7:0d:32:0e:cf:b9:
fd:a0:78:0d:71:ce:10:a0:b5:cb:c1:da:c8:54:9a:6c:a2:af:
90:bf:83:79:01:9c:95:b4:8c:6e:e5:74:72:a3:e0:fe:07:da:
bb:14:78:82:9d:27:8f:41:07:b7:23:a9:1f:e7:ff:05:84:5a:
9b:29:d5:28
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCXuayXuY2Rnz/pzUZJ7tiZv+kW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MWM2YjI1MzRiZmEzYTNlNWRiOWFhNGNiMDhhZDU5NjA4ZjY0NGZkOTFh
YTBmN2JiNDBmODRhMzNiMmU4MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMljqZHDiqNcuDWaXUN7p+VuKUWDqDXEljiOaii5cRt5PW0NWCcCo1qc+1El
ghwNgfUpC+2EdCMOZG0Y4CUXC7Tc35hHte18IlaUe3xZgDQzf2AKd8JVVzOutP08
QhR22PqtPy1KyOiHKSPCJcgl1R3p//NY06JS68tPorcxuec/EbsKA+zWtMkfbs8z
39YJgmIjwRfq9jVW0UF06dp5B0Q6MSJU4PvihoNd4AuohhGvz4WJ6Ct/5a5kxAnn
eBeS3IzfhTT4DXmStTE1hJKI8cMjepXgKV+RXh399k9dtp9bT1i24R6dTUb2z+cN
LXy7IiN0W+4pWq09IuS1FqoRaYUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUzXUX
8WszD5UvOU2VSCmClbZA0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGU2Y2Y4Y2ItMDI5Yi00MWI4LWFhMDUtNzMxMGY3ZjE0MWQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQDR1DBJ3zTxU5qnEwbF3J263M2DkLVSfFQuw8mGkbju
RWy73c6Kb5FrlEihFaakFdvJY2Ca6dkFzvMZx+/n0jU10zK3xpuHgh1Wd0VBZyf8
E/DNXlM+AFv48bSA2l0pNDp2Htfzr8ZHdyGWMueenaBsuiPC2BHiRaEcVdis5LyP
B4aHA/1vgtoFKpP2IRDs79LPkOzYhXYbJbXN/Y9btGeILKOikDXHVM65jIiCddSI
1kIpObiT4OQFUWAkA9pTueX3DTIOz7n9oHgNcc4QoLXLwdrIVJpsoq+Qv4N5AZyV
tIxu5XRyo+D+B9q7FHiCnSePQQe3I6kf5/8FhFqbKdUo
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org