Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
File: 15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa (raw, json)
Hash identifier: EfFYa2Bdn3EXfzL6pGvoN5cCvyDySMwxVFzH2jV40sI=
Subject key identifier: 05:41:79:65:F9:2C:C3:FA:0C:F1:AF:F3:FB:42:33:7C:3B:0F:64:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52797F6ABEEFA3A57DCE974F2203786F95F9E62F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:79:7f:6a:be:ef:a3:a5:7d:ce:97:4f:22:03:78:6f:95:f9:e6:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=9737814b2df743574e8a2ec80ba45e58bee3922358c6332a4f801f4659406d60, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f7:21:71:20:32:e8:0d:18:db:7f:2f:6a:fc:
2d:6d:ed:17:e7:41:99:42:79:5f:37:17:dd:a8:09:
df:e9:bc:1a:a4:24:ba:f2:46:66:6d:ff:2d:e1:df:
6e:d3:b3:0c:55:77:b1:51:05:b5:f4:02:31:ca:34:
8e:64:2f:0a:84:2d:18:00:94:6e:75:b2:ec:23:82:
6d:64:b1:a8:59:33:b7:17:e0:d8:5b:44:14:43:75:
66:f5:ca:55:e4:6e:40:52:ad:0d:94:fa:c9:01:26:
5f:21:ab:69:bf:99:21:4f:f3:cf:32:46:44:93:d8:
d1:18:8d:a0:df:88:7e:6e:4e:50:e2:55:4a:14:df:
27:19:ca:2d:38:31:48:83:c0:94:e3:ba:49:ed:66:
ab:ac:bb:82:f1:d0:6f:89:47:aa:f8:50:34:e5:ad:
1a:4a:f1:a2:46:b7:ca:8e:97:10:30:b4:6c:68:8b:
65:28:1f:5f:79:4f:45:ff:a3:58:d1:5b:47:35:69:
9d:a8:76:16:68:71:e0:b3:f3:d1:4a:95:eb:4b:04:
62:0e:e1:0e:2e:14:ca:98:f7:8c:4d:ee:47:bf:10:
1d:3d:bf:f6:3b:81:03:aa:2d:21:3a:60:a9:8b:4b:
ce:1b:34:73:da:5a:40:69:73:09:a0:74:69:fb:98:
eb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:41:79:65:F9:2C:C3:FA:0C:F1:AF:F3:FB:42:33:7C:3B:0F:64:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15be84ca-a9ee-44c8-9bac-fcbe3415ae22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:e4:92:ca:6e:44:c7:3e:ca:74:d3:77:71:0e:11:ff:77:ca:
00:8e:6c:aa:25:f7:fb:05:eb:f1:38:a8:ef:d5:de:59:a8:d0:
28:fb:a8:90:77:9c:f2:d1:89:d1:4c:1a:22:f0:5f:a6:6a:f5:
f5:ad:ea:d9:c3:a5:a7:19:e9:c3:b7:87:4e:95:88:a5:cf:4b:
89:13:6a:d9:c5:9d:7d:be:bb:4f:8a:f2:62:98:80:83:e1:5e:
45:43:9d:85:4a:4f:f6:16:ff:7f:bf:59:ed:78:68:b3:e3:a0:
44:0b:99:52:ff:03:cd:1b:4a:66:81:4b:cc:54:e5:19:66:90:
c3:11:6c:87:d7:6e:8b:d6:29:ec:29:1b:e1:1a:b2:e0:9f:1f:
a6:d9:4c:fd:f5:0b:31:da:67:d3:12:f4:1d:0e:cf:ec:9c:27:
ff:0e:17:a3:d2:ac:e0:e0:93:60:19:70:8d:e7:20:76:e1:f4:
ed:8f:a3:09:12:46:3b:c9:8e:ba:fa:61:bc:e7:c5:18:55:b1:
cf:dc:20:01:7c:c1:e4:d7:fd:46:34:bb:83:26:e9:6d:96:7e:
f3:c8:ad:83:26:09:8c:5f:ac:a0:bb:9e:91:01:2d:b6:15:98:
34:fb:bf:b1:98:9a:c2:e9:78:1f:da:70:0f:15:0e:6a:54:59:
25:89:63:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUnl/ar7vo6V9zpdPIgN4b5X55i8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3Mzc4MTRiMmRmNzQzNTc0ZThhMmVjODBiYTQ1ZTU4YmVlMzkyMjM1OGM2
MzMyYTRmODAxZjQ2NTk0MDZkNjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/3IXEgMugNGNt/L2r8LW3tF+dBmUJ5XzcX3agJ3+m8GqQkuvJGZm3/LeHf
btOzDFV3sVEFtfQCMco0jmQvCoQtGACUbnWy7COCbWSxqFkztxfg2FtEFEN1ZvXK
VeRuQFKtDZT6yQEmXyGrab+ZIU/zzzJGRJPY0RiNoN+Ifm5OUOJVShTfJxnKLTgx
SIPAlOO6Se1mq6y7gvHQb4lHqvhQNOWtGkrxoka3yo6XEDC0bGiLZSgfX3lPRf+j
WNFbRzVpnah2Fmhx4LPz0UqV60sEYg7hDi4Uypj3jE3uR78QHT2/9juBA6otITpg
qYtLzhs0c9paQGlzCaB0afuY6wECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFQXll
+SzD+gzxr/P7QjN8Ow9kkTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTViZTg0Y2EtYTllZS00NGM4LTliYWMtZmNiZTM0MTVhZTIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQB75JLKbkTHPsp003dxDhH/d8oAjmyqJff7BevxOKjv
1d5ZqNAo+6iQd5zy0YnRTBoi8F+mavX1rerZw6WnGenDt4dOlYilz0uJE2rZxZ19
vrtPivJimICD4V5FQ52FSk/2Fv9/v1nteGiz46BEC5lS/wPNG0pmgUvMVOUZZpDD
EWyH126L1insKRvhGrLgnx+m2Uz99Qsx2mfTEvQdDs/snCf/Dhej0qzg4JNgGXCN
5yB24fTtj6MJEkY7yY66+mG858UYVbHP3CABfMHk1/1GNLuDJultln7zyK2DJgmM
X6ygu56RAS22FZg0+7+xmJrC6Xgf2nAPFQ5qVFkliWOG
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org