Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
File: 1e6895c8-ee33-4049-8388-c6ac073195e9.roa (raw, json)
Hash identifier: 252AqYN1icWCSaT+Xe+B0bWO4ZOKO5Srzzzcb7o9Slg=
Subject key identifier: 50:FA:5F:E3:AF:DE:4B:DE:D4:E3:65:35:5B:A0:B8:53:21:7B:CA:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DF3EB82EEC595375E832FAE3F1087B64615E3BB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
Signing time: Tue 04 Jun 2024 00:00:00 +0000
ROA not before: Tue 04 Jun 2024 00:00:00 +0000
ROA not after: Tue 09 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:f3:eb:82:ee:c5:95:37:5e:83:2f:ae:3f:10:87:b6:46:15:e3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 4 00:00:00 2024 GMT
Not After : Jul 9 23:59:59 2024 GMT
Subject: serialNumber=c4cf1ad933131259534fed8f73fe5d3bb7cab93b720f16e6684dd8e8e6c9dd73, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:89:79:8b:c5:e9:c3:b6:39:bc:86:74:56:
cc:09:85:6b:96:9d:e7:5f:3e:06:3f:d8:7a:3c:e1:
9b:6e:60:ee:f6:7f:b0:d3:8b:ce:29:a4:3c:6a:f0:
fa:9c:0d:a6:f7:c9:5e:db:9a:61:67:2f:42:4d:2c:
c7:33:a2:20:ce:b8:0e:5f:ed:3d:45:88:24:76:b0:
72:21:f2:ea:39:08:32:03:1a:a9:24:a7:38:98:3a:
04:67:28:c9:2e:16:41:43:5c:18:84:3c:21:8b:8e:
3f:44:24:38:b2:ab:f3:64:5d:d3:e5:00:3c:4c:51:
57:11:2f:cb:8d:e2:17:4c:d3:42:b0:00:b1:c5:7b:
a1:16:24:80:da:ec:64:6a:5b:41:31:b6:ef:f9:95:
34:f1:8b:49:ad:00:8c:eb:78:5a:76:1f:76:ae:6f:
e3:71:f3:b8:d2:d9:9b:47:ea:e7:3e:1b:bd:fa:c0:
d7:24:18:72:d5:b0:d4:61:fd:19:28:c7:0e:ef:54:
b8:b2:e6:35:f8:a6:84:6c:65:69:db:60:29:6e:ec:
31:e7:78:29:03:0b:e0:d4:ed:e7:cd:16:d0:2c:f5:
e4:ec:fd:33:8c:4e:d4:ef:be:98:80:ed:fc:04:98:
22:f6:d1:93:76:9f:9d:38:29:be:31:fa:73:61:18:
6f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FA:5F:E3:AF:DE:4B:DE:D4:E3:65:35:5B:A0:B8:53:21:7B:CA:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e6895c8-ee33-4049-8388-c6ac073195e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:67:f3:3e:04:d0:de:1f:31:6a:fa:bf:81:1c:2a:b5:a9:be:
f2:90:db:42:43:f6:94:6b:0e:b8:8b:33:85:10:f5:94:76:3b:
1a:e3:90:92:d8:90:cf:ae:b9:98:7d:01:f7:e9:f7:41:75:6a:
f1:63:43:e1:d9:86:19:39:11:d1:5a:84:e3:64:62:0c:a2:c5:
8e:d9:50:ab:07:90:5d:7d:5e:64:61:56:ad:19:05:a5:8c:dc:
12:db:31:58:fe:5c:17:31:96:7a:ae:7e:a8:a1:7e:07:a5:90:
03:83:a9:80:17:57:4a:db:a2:82:10:a2:c9:9a:5c:65:bb:46:
3b:fb:6b:24:3b:15:43:b9:2a:5e:5f:43:25:a9:17:c8:13:82:
c0:27:7b:c5:25:cf:48:b1:44:5e:2a:10:23:88:0c:50:21:8f:
47:d0:fc:76:87:01:c0:97:c8:ab:66:14:16:39:c5:65:6d:86:
a8:9b:82:77:7e:18:26:09:62:42:dd:f7:96:48:ca:4a:44:fa:
bd:3a:44:44:b7:50:8c:db:bd:ff:5e:0e:0b:79:ff:e9:5d:ec:
20:87:c8:17:e2:c6:2a:ad:94:d2:80:97:40:12:85:99:a0:f3:
72:f8:59:ad:90:e6:2b:54:de:63:4d:d1:dc:eb:32:86:72:ff:
c2:57:58:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUffPrgu7FlTdegy+uPxCHtkYV47swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MDQwMDAwMDBaFw0yNDA3MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0Y2YxYWQ5MzMxMzEyNTk1MzRmZWQ4ZjczZmU1ZDNiYjdjYWI5M2I3MjBm
MTZlNjY4NGRkOGU4ZTZjOWRkNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMJiXmLxenDtjm8hnRWzAmFa5ad518+Bj/Yejzhm25g7vZ/sNOLzimkPGrw
+pwNpvfJXtuaYWcvQk0sxzOiIM64Dl/tPUWIJHawciHy6jkIMgMaqSSnOJg6BGco
yS4WQUNcGIQ8IYuOP0QkOLKr82Rd0+UAPExRVxEvy43iF0zTQrAAscV7oRYkgNrs
ZGpbQTG27/mVNPGLSa0AjOt4WnYfdq5v43HzuNLZm0fq5z4bvfrA1yQYctWw1GH9
GSjHDu9UuLLmNfimhGxladtgKW7sMed4KQML4NTt580W0Cz15Oz9M4xO1O++mIDt
/ASYIvbRk3afnTgpvjH6c2EYbykCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRQ+l/j
r95L3tTjZTVboLhTIXvKvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU2ODk1YzgtZWUzMy00MDQ5LTgzODgtYzZhYzA3MzE5NWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQBLZ/M+BNDeHzFq+r+BHCq1qb7ykNtCQ/aUaw64izOF
EPWUdjsa45CS2JDPrrmYfQH36fdBdWrxY0Ph2YYZORHRWoTjZGIMosWO2VCrB5Bd
fV5kYVatGQWljNwS2zFY/lwXMZZ6rn6ooX4HpZADg6mAF1dK26KCEKLJmlxlu0Y7
+2skOxVDuSpeX0MlqRfIE4LAJ3vFJc9IsUReKhAjiAxQIY9H0Px2hwHAl8irZhQW
OcVlbYaom4J3fhgmCWJC3feWSMpKRPq9OkREt1CM273/Xg4Lef/pXewgh8gX4sYq
rZTSgJdAEoWZoPNy+FmtkOYrVN5jTdHc6zKGcv/CV1hg
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org