Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json)
Hash identifier: OjSpoZFF9RpJYgU4n6LRpsweuC3fDkEOukVGC6FShQ0=
Subject key identifier: FF:F2:E6:8E:DB:49:16:E0:67:55:D5:20:E4:DF:30:3A:14:66:2A:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F05CD5E65110B945C588F6E72220B8B6BAB6DBC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:05:cd:5e:65:11:0b:94:5c:58:8f:6e:72:22:0b:8b:6b:ab:6d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=21a0f73ef74ca62856fdd1008647eddf1309a0ec1d1f9dfbf91b72050ae4d43e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d9:08:f0:7d:85:23:13:d4:ca:ed:62:35:d3:
83:67:8c:cf:09:98:8c:c8:70:09:da:fc:b3:ac:6d:
40:ae:82:a2:c3:28:b6:71:55:d3:7e:13:60:b5:63:
56:43:0e:97:4a:e2:a7:bc:91:c7:04:cc:65:14:79:
ef:f6:f6:4b:de:b6:15:9a:d4:78:63:51:b0:6b:e2:
d9:52:96:e7:61:d9:12:07:bb:c9:db:c2:82:c4:dd:
fc:bc:50:4b:30:5d:15:9f:03:04:73:69:6b:8e:ea:
0e:4f:14:67:80:7f:51:18:d2:d1:ab:ef:ea:9f:c1:
52:fe:2a:23:d1:a5:b2:fa:ea:eb:cd:8a:89:16:d1:
2c:3a:0a:b2:b4:c5:bb:cf:72:79:d5:8f:45:a0:3e:
0b:b4:2b:a5:57:e2:6f:f0:04:43:32:61:a8:70:8c:
3f:29:cc:8e:64:78:a8:aa:d5:52:a9:a3:aa:f9:39:
c0:2a:02:35:ed:06:22:23:8d:5e:ec:0e:61:a4:46:
85:e3:01:15:06:8c:47:41:86:2a:8c:ce:15:dd:73:
06:b1:9b:ce:02:b1:be:a6:ab:6c:f9:88:7f:dc:6d:
b6:50:d8:7a:23:6d:df:97:6e:e7:f2:8c:d1:f5:61:
4d:c4:0b:f5:bd:4b:e0:f9:75:73:86:6e:a8:bd:81:
6c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F2:E6:8E:DB:49:16:E0:67:55:D5:20:E4:DF:30:3A:14:66:2A:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
94:4e:5c:8a:6a:0a:69:6c:c4:8c:ea:d7:99:87:ff:3b:b1:02:
72:ff:3f:34:62:98:06:0e:6d:a2:36:7f:d9:4d:db:8c:fc:2b:
bd:4b:22:ad:e4:b9:4f:fa:ba:94:6f:b7:af:a4:5f:47:21:27:
b5:a7:a5:06:53:3b:4c:5c:74:58:0e:fe:45:c3:c0:a9:10:8e:
3f:a8:ee:b6:0f:26:9f:47:d7:e9:32:14:80:c6:37:e3:48:bc:
bd:9b:5f:4c:69:e1:aa:90:ea:70:ee:03:ab:e7:8f:1f:c2:a8:
00:38:31:2f:0f:50:0b:11:64:06:ce:4f:e1:78:8b:27:9b:67:
b1:af:47:e6:22:51:5d:14:78:7e:08:65:6b:10:a7:cc:e7:f4:
8d:53:b8:40:53:62:a6:86:46:80:1d:c8:be:44:2c:e8:a6:20:
04:07:fd:27:00:b0:fc:86:39:e2:28:89:53:b9:6c:f4:5c:5d:
44:24:61:f8:19:76:d9:2d:03:aa:57:4b:81:d2:0a:3d:ff:c6:
08:0e:f2:7a:24:76:05:d9:d2:e6:3f:65:14:1f:89:77:38:96:
ff:fa:5b:3c:7c:4b:5d:fb:40:ff:bf:8b:cf:6f:0e:7c:56:4c:
b9:0f:6b:21:6b:d3:80:f8:db:84:a8:b4:6a:b6:99:e6:6b:85:
e0:1f:ff:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfwXNXmURC5RcWI9uciILi2urbbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxYTBmNzNlZjc0Y2E2Mjg1NmZkZDEwMDg2NDdlZGRmMTMwOWEwZWMxZDFm
OWRmYmY5MWI3MjA1MGFlNGQ0M2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzZCPB9hSMT1MrtYjXTg2eMzwmYjMhwCdr8s6xtQK6CosMotnFV034TYLVj
VkMOl0rip7yRxwTMZRR57/b2S962FZrUeGNRsGvi2VKW52HZEge7ydvCgsTd/LxQ
SzBdFZ8DBHNpa47qDk8UZ4B/URjS0avv6p/BUv4qI9Glsvrq682KiRbRLDoKsrTF
u89yedWPRaA+C7QrpVfib/AEQzJhqHCMPynMjmR4qKrVUqmjqvk5wCoCNe0GIiON
XuwOYaRGheMBFQaMR0GGKozOFd1zBrGbzgKxvqarbPmIf9xttlDYeiNt35du5/KM
0fVhTcQL9b1L4Pl1c4ZuqL2BbKcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/8uaO
20kW4GdV1SDk3zA6FGYqkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQCUTlyKagppbMSM6teZh/87sQJy/z80YpgGDm2iNn/Z
TduM/Cu9SyKt5LlP+rqUb7evpF9HISe1p6UGUztMXHRYDv5Fw8CpEI4/qO62Dyaf
R9fpMhSAxjfjSLy9m19MaeGqkOpw7gOr548fwqgAODEvD1ALEWQGzk/heIsnm2ex
r0fmIlFdFHh+CGVrEKfM5/SNU7hAU2KmhkaAHci+RCzopiAEB/0nALD8hjniKIlT
uWz0XF1EJGH4GXbZLQOqV0uB0go9/8YIDvJ6JHYF2dLmP2UUH4l3OJb/+ls8fEtd
+0D/v4vPbw58Vky5D2sha9OA+NuEqLRqtpnma4XgH//j
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org