Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
File: 1d0fc19c-dd37-4056-b427-b389226e4122.roa (raw, json)
Hash identifier: UQQhePBKfHXmUFLssdke+cf8XaMpHncK0hQ2NteZa8c=
Subject key identifier: 9E:31:53:13:A8:8F:47:45:64:9A:DF:6E:27:26:05:1B:D7:DD:13:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27ED10E18093E4C0804A972EE954389D415CB417
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:ed:10:e1:80:93:e4:c0:80:4a:97:2e:e9:54:38:9d:41:5c:b4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=3a01121a9715c22cd3188ac7f466606fffad081e13b6a62adf0e443d45dd35ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c9:e0:ca:df:78:66:ee:82:00:25:c5:29:bb:
e6:59:10:73:04:7f:f5:50:90:02:33:2f:0d:28:30:
56:0f:ae:2b:ea:e9:e2:43:0f:23:da:ce:14:96:4b:
eb:d8:ce:09:5a:78:13:b0:83:85:42:94:b3:a8:b0:
2f:c5:b2:88:b1:e0:68:d4:ee:ce:11:ad:dd:9a:ae:
6f:78:65:90:9a:40:b2:4b:47:b0:0c:44:2a:a6:46:
00:9f:98:2a:f7:fa:a6:3f:86:22:bf:e6:65:ac:51:
26:b5:81:29:f2:12:fc:ba:0e:1a:8f:9e:12:ff:e8:
05:1b:54:30:3d:62:fb:d5:93:2b:2d:0a:19:e5:20:
54:83:60:5a:5f:9f:77:84:15:99:6a:3a:ff:08:86:
2c:97:46:0c:00:83:40:72:8f:30:41:c0:af:e6:de:
7a:36:01:13:46:2a:e5:0d:09:89:bc:78:fa:db:02:
0b:95:6b:7f:fa:2d:cc:8a:e2:f8:29:e6:90:bc:63:
6f:dd:96:31:0d:a9:a4:45:d6:af:d0:75:37:b8:6f:
9f:a3:2e:9a:12:95:b4:a2:ee:8a:f7:27:73:19:1b:
a9:f1:a7:1c:88:41:c3:ce:7b:c9:c4:93:f0:40:54:
0f:3d:c9:a1:f5:2c:ff:c0:46:ad:08:1b:e2:21:9d:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:31:53:13:A8:8F:47:45:64:9A:DF:6E:27:26:05:1B:D7:DD:13:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2f:e9:20:1b:b2:50:cd:62:c7:2b:d9:35:f6:05:83:f0:a7:99:
11:3e:2f:cf:5b:d4:16:49:fe:1d:63:49:b0:2b:8e:ab:32:48:
d7:bb:58:80:d7:42:3c:47:54:c5:86:f4:47:d0:f8:c8:20:fb:
36:0c:82:93:cd:d1:9a:d9:33:ed:51:9b:85:f8:15:72:aa:47:
90:a7:6b:64:66:75:c1:f3:27:45:2a:d6:ba:bf:c1:78:3c:d5:
b4:98:8f:21:19:d3:e7:dc:6d:bb:7b:3e:0a:aa:be:68:12:35:
91:10:51:04:4e:2f:6f:41:60:db:c8:3f:ee:12:74:0a:21:38:
17:41:e7:57:fc:86:71:46:df:b8:7b:e6:0b:2c:52:72:db:bf:
4f:8f:de:98:fd:b7:30:64:8f:e7:6d:74:65:a6:53:90:7f:5d:
52:94:4e:03:d4:80:de:47:17:d7:47:7a:cd:b5:55:45:7a:cd:
17:63:62:33:60:5c:30:ae:5f:7e:6b:15:6e:c8:e9:80:1c:a0:
74:e6:cb:6a:c3:12:ab:7c:d7:4d:67:d9:24:70:98:39:aa:2c:
e1:ce:78:d3:21:3e:c7:9c:83:ae:63:f0:17:a8:21:c4:46:59:
c1:a9:c0:e5:c8:33:81:31:ac:2b:0f:f1:09:8d:5b:cf:90:b3:
b3:2c:65:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ+0Q4YCT5MCASpcu6VQ4nUFctBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMDExMjFhOTcxNWMyMmNkMzE4OGFjN2Y0NjY2MDZmZmZhZDA4MWUxM2I2
YTYyYWRmMGU0NDNkNDVkZDM1ZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/J4MrfeGbuggAlxSm75lkQcwR/9VCQAjMvDSgwVg+uK+rp4kMPI9rOFJZL
69jOCVp4E7CDhUKUs6iwL8WyiLHgaNTuzhGt3Zqub3hlkJpAsktHsAxEKqZGAJ+Y
Kvf6pj+GIr/mZaxRJrWBKfIS/LoOGo+eEv/oBRtUMD1i+9WTKy0KGeUgVINgWl+f
d4QVmWo6/wiGLJdGDACDQHKPMEHAr+beejYBE0Yq5Q0Jibx4+tsCC5Vrf/otzIri
+CnmkLxjb92WMQ2ppEXWr9B1N7hvn6MumhKVtKLuivcncxkbqfGnHIhBw857ycST
8EBUDz3JofUs/8BGrQgb4iGdW4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSeMVMT
qI9HRWSa324nJgUb190TjjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWQwZmMxOWMtZGQzNy00MDU2LWI0MjctYjM4OTIyNmU0MTIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQAv6SAbslDNYscr2TX2BYPwp5kRPi/PW9QWSf4dY0mw
K46rMkjXu1iA10I8R1TFhvRH0PjIIPs2DIKTzdGa2TPtUZuF+BVyqkeQp2tkZnXB
8ydFKta6v8F4PNW0mI8hGdPn3G27ez4Kqr5oEjWREFEETi9vQWDbyD/uEnQKITgX
QedX/IZxRt+4e+YLLFJy279Pj96Y/bcwZI/nbXRlplOQf11SlE4D1IDeRxfXR3rN
tVVFes0XY2IzYFwwrl9+axVuyOmAHKB05stqwxKrfNdNZ9kkcJg5qizhznjTIT7H
nIOuY/AXqCHERlnBqcDlyDOBMawrD/EJjVvPkLOzLGWi
-----END CERTIFICATE-----
Generated at Sun May 5 00:12:17 2024 by rpki-client on console-fra.rpki-client.org