Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3f8b75d5-ee83-4794-8d04-a4e42412f346.roa
File: 3f8b75d5-ee83-4794-8d04-a4e42412f346.roa (raw, json)
Hash identifier: XqylXit1ycmgzcV5IiQ+d0cLDH3g8mjNxUWDphwyFag=
Subject key identifier: 2E:56:42:3C:C2:A0:FF:56:3B:B8:F7:2E:92:1F:D3:64:45:6E:56:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70EC5B58F8553AC2B91E7B63FB9F47804C66CB03
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3f8b75d5-ee83-4794-8d04-a4e42412f346.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ec:5b:58:f8:55:3a:c2:b9:1e:7b:63:fb:9f:47:80:4c:66:cb:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=9beb90b9aef242e3b59fbe5f01b3549fe4104fd6f3a0fcdde01b02c3e7e179e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:be:d5:78:41:02:de:04:a1:32:1f:cf:0a:6a:
75:b0:6d:7d:96:1b:46:4d:6c:c2:c3:4d:cd:58:7f:
1c:11:77:78:e5:77:95:81:d0:95:86:0a:9e:80:14:
00:cb:90:cf:a7:2c:3f:6c:1d:1b:56:e0:43:22:14:
3c:ef:68:59:19:5a:f0:c1:33:5c:93:3c:15:82:40:
19:94:13:92:de:fa:7b:95:6e:35:c2:2a:96:d4:00:
a3:5b:e2:c5:fd:20:ba:23:c9:2a:85:da:35:32:72:
5f:d5:b8:99:2c:78:35:95:f0:0c:7f:8c:20:30:4a:
7a:15:e0:cf:83:5a:c7:12:70:95:f7:76:8c:c3:24:
c6:90:6f:a9:f0:a1:7c:c1:5c:dc:dc:68:1f:3d:a8:
c5:01:f8:60:6c:0f:a7:ec:c0:86:06:b9:e9:1e:68:
66:e2:30:6b:d7:c1:e0:9b:07:19:51:29:74:18:33:
40:27:31:bb:19:4c:b1:55:be:87:24:00:60:45:fb:
47:2b:ba:40:87:c8:5f:aa:f2:9f:e5:3d:7c:24:c5:
f7:d4:e5:b1:15:20:f4:c9:90:77:e7:c1:bf:7f:fd:
7f:fd:fc:bd:f0:e2:bc:27:f5:40:be:5a:ef:ba:bf:
0e:75:df:c0:5b:3e:40:4c:da:26:88:78:d0:7a:b4:
9e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:56:42:3C:C2:A0:FF:56:3B:B8:F7:2E:92:1F:D3:64:45:6E:56:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3f8b75d5-ee83-4794-8d04-a4e42412f346.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a1:ff:c9:b6:02:28:b7:37:ad:38:68:b1:d8:6d:bc:2e:b2:62:
56:5e:82:43:a5:06:aa:5f:7f:88:fe:90:4b:95:c2:d3:10:4b:
2e:cb:e6:0d:90:72:24:f2:2e:ff:d0:47:f4:cc:cd:69:43:d4:
bd:09:6d:f5:83:bf:f0:cb:3f:9b:94:a7:56:fb:52:77:38:11:
96:3c:50:47:68:b7:ed:58:e9:f2:8f:ea:27:12:41:a5:0b:31:
67:ba:2d:fb:0c:6e:a9:28:6a:80:60:37:d2:94:51:68:e6:23:
4e:4b:8e:af:ce:34:25:b1:44:3e:fe:08:e7:50:ef:d0:3c:81:
65:31:6f:c7:63:f5:e5:69:9d:29:22:70:29:50:22:80:7a:c3:
3f:d3:a3:76:8d:3b:e9:1a:08:69:e9:46:78:91:cf:99:c8:c0:
6b:33:05:73:69:39:9e:b7:3c:e9:56:1c:ce:cd:e7:1f:e8:ca:
65:2b:4e:ff:1e:62:cc:b3:94:34:0b:02:ef:2c:13:1f:77:77:
0a:c4:be:36:41:4b:1c:86:91:02:7f:39:f4:55:af:da:6d:a8:
ca:77:52:9d:d8:9f:35:84:0a:1b:f2:7e:1f:c3:a6:0d:34:22:
d7:0c:d4:ec:6f:0c:28:81:b7:dc:ab:8d:9f:0b:e4:ab:21:66:
9b:99:e7:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcOxbWPhVOsK5Hntj+59HgExmywMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDliZWI5MGI5YWVmMjQyZTNiNTlmYmU1ZjAxYjM1NDlmZTQxMDRmZDZmM2Ew
ZmNkZGUwMWIwMmMzZTdlMTc5ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANi+1XhBAt4EoTIfzwpqdbBtfZYbRk1swsNNzVh/HBF3eOV3lYHQlYYKnoAU
AMuQz6csP2wdG1bgQyIUPO9oWRla8MEzXJM8FYJAGZQTkt76e5VuNcIqltQAo1vi
xf0guiPJKoXaNTJyX9W4mSx4NZXwDH+MIDBKehXgz4NaxxJwlfd2jMMkxpBvqfCh
fMFc3NxoHz2oxQH4YGwPp+zAhga56R5oZuIwa9fB4JsHGVEpdBgzQCcxuxlMsVW+
hyQAYEX7Ryu6QIfIX6ryn+U9fCTF99TlsRUg9MmQd+fBv3/9f/38vfDivCf1QL5a
77q/DnXfwFs+QEzaJoh40Hq0nncCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQuVkI8
wqD/Vju49y6SH9NkRW5W8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2Y4Yjc1ZDUtZWU4My00Nzk0LThkMDQtYTRlNDI0MTJmMzQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCh/8m2Aii3N604aLHYbbwusmJWXoJDpQaqX3+I/pBL
lcLTEEsuy+YNkHIk8i7/0Ef0zM1pQ9S9CW31g7/wyz+blKdW+1J3OBGWPFBHaLft
WOnyj+onEkGlCzFnui37DG6pKGqAYDfSlFFo5iNOS46vzjQlsUQ+/gjnUO/QPIFl
MW/HY/XlaZ0pInApUCKAesM/06N2jTvpGghp6UZ4kc+ZyMBrMwVzaTmetzzpVhzO
zecf6MplK07/HmLMs5Q0CwLvLBMfd3cKxL42QUschpECfzn0Va/abajKd1Kd2J81
hAob8n4fw6YNNCLXDNTsbwwogbfcq42fC+SrIWabmedA
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org