Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
File: 19ed8e91-54d7-4564-8b59-b6260df59d4d.roa (raw, json)
Hash identifier: 0a5HS1QCEI73ta4u1BUfjFrSpAb/3JUZ7BCrBws9Myk=
Subject key identifier: FB:CD:9C:D8:CD:12:67:F1:44:04:5B:F9:8E:44:3A:7D:55:D8:24:49
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53EDF148446DB6FB871D51D4893ABD985148F0AC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:ed:f1:48:44:6d:b6:fb:87:1d:51:d4:89:3a:bd:98:51:48:f0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=e8efa22f476e635c42f741bf607201c5aaef86769e20530e37b68593bb6c0e99, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:e0:f4:ba:07:e2:c8:74:72:65:b1:ba:08:
1d:78:24:29:11:25:22:f6:bb:03:db:42:82:1c:12:
5a:b0:8d:38:7f:07:c7:cd:4f:d5:60:49:f8:67:77:
f1:de:58:ec:3f:e4:f5:82:74:13:68:d0:d2:a8:03:
07:fb:cb:d1:d1:7a:d6:d6:82:07:80:fb:20:e9:ff:
52:c6:1b:26:56:b3:60:3a:d4:3d:bb:ba:c7:ba:b0:
24:68:ce:9e:38:b8:ef:14:80:5a:8b:b4:61:71:fe:
c3:1b:39:1e:6b:e8:3f:41:c2:fb:2a:cf:59:81:d4:
f0:9c:4b:2f:92:99:13:9c:37:a6:de:d9:83:58:59:
2f:ff:1c:c3:e2:4c:eb:d0:93:7f:f6:b6:11:b5:bc:
b3:e9:96:e8:9e:99:11:f9:fc:96:1a:c6:27:08:df:
d6:26:67:59:16:68:71:02:87:e7:4b:8f:24:5e:25:
e7:13:a5:a8:f9:23:8b:5c:ee:a7:9a:a2:5c:31:47:
6b:f2:cf:b2:96:f0:c5:27:63:a3:af:04:07:3a:ab:
87:d8:f8:0f:a9:89:af:fb:68:8d:53:ae:f0:e8:d4:
aa:f4:cc:f2:07:84:8b:36:11:65:67:c8:4c:cc:7a:
72:62:d6:0f:71:15:9d:9d:33:c5:79:94:d8:78:de:
7d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CD:9C:D8:CD:12:67:F1:44:04:5B:F9:8E:44:3A:7D:55:D8:24:49
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a8:e6:a8:f6:03:e4:3b:26:dd:d5:04:78:e7:6b:b4:2c:44:ff:
8b:61:c3:e8:53:db:53:8b:30:ec:dd:f2:0b:81:b2:6e:69:31:
8c:56:97:70:30:95:34:c0:1b:2f:1a:a5:a1:0b:cb:23:db:ea:
b4:94:c0:5d:d7:45:0a:a0:f4:b1:81:d0:4b:f9:a1:66:97:36:
1d:f0:8e:89:75:0a:31:e4:41:51:b3:80:c5:cd:31:c4:89:17:
d9:29:72:f6:ac:4a:36:ea:47:1b:9e:1f:b9:f6:65:85:ae:93:
2d:52:3c:6d:ef:77:e2:83:0d:de:92:c9:be:de:85:17:58:79:
60:2d:6e:ad:60:93:c6:a5:c0:03:1e:d5:c7:1f:a1:46:d4:cf:
f3:7b:30:31:96:31:e3:11:12:48:45:42:e1:d4:f1:b2:13:5b:
27:82:f8:a5:10:7d:84:47:cf:a9:a0:8b:85:59:06:b5:a7:45:
a6:64:b8:1a:c6:d4:c6:49:33:38:16:0e:db:6f:bd:93:1f:e4:
17:06:c1:4f:6e:b1:11:a1:2a:69:df:52:2e:28:11:74:4c:07:
25:82:b9:87:15:4b:a0:18:de:85:5d:cb:92:19:fb:5b:a3:75:
ab:a3:e3:3b:b3:80:3d:11:d0:9c:b8:54:0f:4c:bd:82:0a:b8:
e6:45:d2:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU+3xSERttvuHHVHUiTq9mFFI8KwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4ZWZhMjJmNDc2ZTYzNWM0MmY3NDFiZjYwNzIwMWM1YWFlZjg2NzY5ZTIw
NTMwZTM3YjY4NTkzYmI2YzBlOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIl4PS6B+LIdHJlsboIHXgkKRElIva7A9tCghwSWrCNOH8Hx81P1WBJ+Gd3
8d5Y7D/k9YJ0E2jQ0qgDB/vL0dF61taCB4D7IOn/UsYbJlazYDrUPbu6x7qwJGjO
nji47xSAWou0YXH+wxs5HmvoP0HC+yrPWYHU8JxLL5KZE5w3pt7Zg1hZL/8cw+JM
69CTf/a2EbW8s+mW6J6ZEfn8lhrGJwjf1iZnWRZocQKH50uPJF4l5xOlqPkji1zu
p5qiXDFHa/LPspbwxSdjo68EBzqrh9j4D6mJr/tojVOu8OjUqvTM8geEizYRZWfI
TMx6cmLWD3EVnZ0zxXmU2HjefR8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT7zZzY
zRJn8UQEW/mORDp9VdgkSTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTllZDhlOTEtNTRkNy00NTY0LThiNTktYjYyNjBkZjU5ZDRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCo5qj2A+Q7Jt3VBHjna7QsRP+LYcPoU9tTizDs3fIL
gbJuaTGMVpdwMJU0wBsvGqWhC8sj2+q0lMBd10UKoPSxgdBL+aFmlzYd8I6JdQox
5EFRs4DFzTHEiRfZKXL2rEo26kcbnh+59mWFrpMtUjxt73figw3eksm+3oUXWHlg
LW6tYJPGpcADHtXHH6FG1M/zezAxljHjERJIRULh1PGyE1sngvilEH2ER8+poIuF
WQa1p0WmZLgaxtTGSTM4Fg7bb72TH+QXBsFPbrERoSpp31IuKBF0TAclgrmHFUug
GN6FXcuSGftbo3Wro+M7s4A9EdCcuFQPTL2CCrjmRdIM
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org