Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18b361ec-783e-4c7a-b676-630b9f1d1c6a.roa
File: 18b361ec-783e-4c7a-b676-630b9f1d1c6a.roa (raw, json)
Hash identifier: V5hJ52246PSIykfkZ5Mgtz936fXvuWwNr6+WJ7k42MU=
Subject key identifier: 6C:7E:C7:49:74:6B:89:1F:14:12:A8:08:E2:44:F1:62:05:56:11:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26E2A9178849B1F7F35B3F398CBFCAC60F8A3EEC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18b361ec-783e-4c7a-b676-630b9f1d1c6a.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:e2:a9:17:88:49:b1:f7:f3:5b:3f:39:8c:bf:ca:c6:0f:8a:3e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=9f2d123418e1fdd49f22cbf18b8eaaa1a0d07aa2ad633d22c0dc13899d3176e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f7:ae:49:e3:c4:92:c7:ac:79:82:df:2b:3e:
52:66:90:99:c6:4b:08:e8:88:e6:16:2b:4c:e2:06:
8b:da:97:0a:f0:4f:fd:06:e1:31:cc:74:03:d6:1a:
50:42:e3:a6:ac:18:41:f7:67:1d:93:7d:8e:9b:55:
24:07:25:41:f8:3e:d7:cf:8f:09:b9:59:d9:94:18:
4a:b4:15:6b:e1:c4:47:12:c2:b0:58:29:5d:1e:ea:
9d:3d:66:5e:2f:9e:e9:9e:92:cf:de:0d:cf:50:11:
6a:66:67:fe:e4:11:b4:6b:10:6b:46:78:f5:74:fe:
9f:e2:6f:19:30:f9:dd:b3:ca:5c:f4:e3:8f:be:5b:
d3:0b:d9:51:64:cc:5a:1e:d6:1a:08:d2:48:94:46:
e2:d3:0a:4f:12:ab:60:52:6a:34:2d:cc:3c:f2:49:
d5:c5:4b:ed:7f:9c:dc:d6:10:61:84:22:12:5d:b4:
c1:fb:a3:6d:eb:7b:d6:f4:e9:38:bb:57:ef:38:23:
7c:33:4a:c6:74:58:c8:ab:5f:81:da:2a:8f:03:e2:
1a:88:31:0b:c2:25:2b:22:cb:00:5a:e8:1f:d0:b9:
63:bc:8b:09:d2:97:23:4d:43:d8:1e:d7:55:a9:c7:
93:7a:30:e1:4e:8a:b0:4c:72:25:07:40:f3:d5:aa:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7E:C7:49:74:6B:89:1F:14:12:A8:08:E2:44:F1:62:05:56:11:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18b361ec-783e-4c7a-b676-630b9f1d1c6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:7b:70:b9:ec:7d:e2:a9:17:ac:5f:b2:38:73:28:44:47:3f:
03:e8:7f:d1:23:4f:94:aa:b4:5b:8c:38:cd:e0:04:d1:4d:0d:
be:7a:7f:77:aa:63:23:97:fd:6a:52:1f:73:e2:30:ac:4c:77:
c6:79:b5:17:9b:bb:b0:14:ea:03:03:52:64:c1:72:fb:0b:a6:
17:71:21:4e:75:92:b9:5c:82:53:0e:45:6f:43:dc:08:08:7e:
56:e5:03:63:f8:b9:2c:a3:ff:a7:4a:45:37:ea:c3:12:40:45:
97:c6:ae:a3:0f:a6:04:e6:bd:07:85:83:dd:38:75:b3:d4:75:
ad:6d:64:86:56:c3:16:a9:36:cb:2b:01:66:ae:11:64:30:9f:
2f:c6:e5:5b:0b:dc:66:b5:69:26:33:cd:69:38:cb:ac:6f:79:
0a:a0:f5:d6:7f:b1:66:a6:b7:57:ce:0d:2a:df:94:27:5e:ee:
26:50:2b:76:e6:17:24:90:b9:29:97:4b:c4:c9:b5:9c:af:43:
25:73:f9:dc:64:60:3a:5e:0c:e1:ca:2e:70:3f:c8:a4:50:53:
53:0a:94:00:b3:b5:24:30:a0:76:12:b1:65:77:25:2c:29:fb:
1e:73:23:f0:7d:c4:bf:b9:a0:83:c8:e0:2b:79:69:1b:9f:67:
1b:8c:33:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJuKpF4hJsffzWz85jL/Kxg+KPuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMmQxMjM0MThlMWZkZDQ5ZjIyY2JmMThiOGVhYWExYTBkMDdhYTJhZDYz
M2QyMmMwZGMxMzg5OWQzMTc2ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALn3rknjxJLHrHmC3ys+UmaQmcZLCOiI5hYrTOIGi9qXCvBP/QbhMcx0A9Ya
UELjpqwYQfdnHZN9jptVJAclQfg+18+PCblZ2ZQYSrQVa+HERxLCsFgpXR7qnT1m
Xi+e6Z6Sz94Nz1ARamZn/uQRtGsQa0Z49XT+n+JvGTD53bPKXPTjj75b0wvZUWTM
Wh7WGgjSSJRG4tMKTxKrYFJqNC3MPPJJ1cVL7X+c3NYQYYQiEl20wfujbet71vTp
OLtX7zgjfDNKxnRYyKtfgdoqjwPiGogxC8IlKyLLAFroH9C5Y7yLCdKXI01D2B7X
VanHk3ow4U6KsExyJQdA89Wqb1kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsfsdJ
dGuJHxQSqAjiRPFiBVYRhzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThiMzYxZWMtNzgzZS00YzdhLWI2NzYtNjMwYjlmMWQxYzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMAMA0G
CSqGSIb3DQEBCwUAA4IBAQDNe3C57H3iqResX7I4cyhERz8D6H/RI0+UqrRbjDjN
4ATRTQ2+en93qmMjl/1qUh9z4jCsTHfGebUXm7uwFOoDA1JkwXL7C6YXcSFOdZK5
XIJTDkVvQ9wICH5W5QNj+Lkso/+nSkU36sMSQEWXxq6jD6YE5r0HhYPdOHWz1HWt
bWSGVsMWqTbLKwFmrhFkMJ8vxuVbC9xmtWkmM81pOMusb3kKoPXWf7FmprdXzg0q
35QnXu4mUCt25hckkLkpl0vEybWcr0Mlc/ncZGA6Xgzhyi5wP8ikUFNTCpQAs7Uk
MKB2ErFldyUsKfsecyPwfcS/uaCDyOAreWkbn2cbjDM1
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org