Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/469cc7d0-efb3-4887-80fe-b6b29492890f.roa
File: 469cc7d0-efb3-4887-80fe-b6b29492890f.roa (raw, json)
Hash identifier: 0Qb1JAZQob5BVkmI0oYUdh5amMqc/8WCgX9NhdbdVXw=
Subject key identifier: 8A:E0:45:40:AF:FB:FF:43:7F:30:16:F1:6F:CD:5D:98:A6:7D:AC:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1879274048E8D9F8663C0AC413CF554E212BE5F8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/469cc7d0-efb3-4887-80fe-b6b29492890f.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.168.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:79:27:40:48:e8:d9:f8:66:3c:0a:c4:13:cf:55:4e:21:2b:e5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=04851642b9e64b927663d205d3494862532e1be1be9e3af9149d2ae7f0746542, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:da:36:bb:09:9d:16:92:6a:3a:0d:b7:2e:
ad:32:42:00:26:90:b3:85:69:a3:da:8f:a6:07:7b:
56:55:00:f3:a4:9c:8a:9d:e1:f5:63:0f:59:13:39:
22:32:d1:45:6e:83:74:c5:fd:bc:7d:b5:a2:6e:fa:
07:9a:b0:43:b7:ab:11:7c:23:0a:27:99:de:f6:5c:
9d:1a:39:cf:25:83:76:11:9a:30:30:31:e3:aa:9b:
39:e6:f6:69:50:0f:49:b4:6a:4d:f5:13:0e:11:83:
f3:fe:53:f6:51:97:0c:7e:3a:ae:47:b7:98:d3:b6:
be:0e:0a:3f:60:23:2d:0a:33:d6:2a:c9:6a:6c:97:
4d:50:ca:02:0d:e8:97:19:52:5a:88:ce:03:6b:4e:
d0:9b:2a:f4:66:62:7f:5d:68:4f:85:ba:b4:e2:69:
86:89:78:b7:9a:8f:af:e9:22:e2:28:73:6b:6f:ac:
52:c7:0a:9f:04:7a:67:66:c8:ff:e2:a1:d3:a3:41:
d3:56:63:b8:15:9f:23:37:94:71:d9:48:df:ae:44:
75:5d:48:ff:22:0b:18:00:4a:63:f2:9a:38:80:ee:
52:9e:fb:cc:3b:05:14:cb:b4:d0:0a:db:2b:5b:9b:
75:8f:c8:6c:f1:8f:5c:08:0c:53:c8:c3:96:4e:66:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E0:45:40:AF:FB:FF:43:7F:30:16:F1:6F:CD:5D:98:A6:7D:AC:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/469cc7d0-efb3-4887-80fe-b6b29492890f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
47:f2:70:cb:14:c5:43:22:8f:79:54:1e:07:89:9f:fc:d5:e4:
54:bc:62:7e:7d:95:7f:e0:78:83:82:45:82:76:69:f2:65:32:
ad:db:dd:35:7a:6c:99:e2:f0:d9:b9:f8:86:d5:3f:a2:d7:44:
be:92:bb:55:28:9c:dc:0d:57:ce:e8:5a:c3:02:23:bf:2a:bf:
d1:3d:9e:a9:1d:9e:87:95:04:8e:c7:26:d7:53:e7:28:61:07:
04:34:94:28:ec:2a:f6:33:93:93:cc:46:5a:30:42:3f:48:62:
12:c0:d2:d6:4f:91:d8:b7:55:ff:c9:91:cf:79:9f:58:c9:5f:
6c:c1:f0:ad:98:56:90:5b:93:c2:be:06:ac:9b:d8:7d:fc:1d:
0a:fe:74:c5:28:2f:27:3c:93:64:35:c8:d9:7d:78:91:a9:5b:
1b:46:2a:d2:04:0c:1e:ee:90:dd:da:a8:00:90:e9:71:8a:c8:
e0:10:9f:89:98:8c:9d:c2:bf:35:32:15:70:cb:fb:57:cb:2a:
df:e4:37:07:72:9e:1b:be:b1:2e:3e:58:38:c5:e3:66:60:4b:
8c:e6:53:8d:57:ba:83:89:85:c6:db:85:43:77:3a:1e:41:47:
ad:fb:ee:75:74:d9:2f:b0:ad:47:6d:f0:9b:b5:77:1c:1b:52:
d2:f5:d8:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGHknQEjo2fhmPArEE89VTiEr5fgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0ODUxNjQyYjllNjRiOTI3NjYzZDIwNWQzNDk0ODYyNTMyZTFiZTFiZTll
M2FmOTE0OWQyYWU3ZjA3NDY1NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/E2ja7CZ0Wkmo6DbcurTJCACaQs4Vpo9qPpgd7VlUA86Scip3h9WMPWRM5
IjLRRW6DdMX9vH21om76B5qwQ7erEXwjCieZ3vZcnRo5zyWDdhGaMDAx46qbOeb2
aVAPSbRqTfUTDhGD8/5T9lGXDH46rke3mNO2vg4KP2AjLQoz1irJamyXTVDKAg3o
lxlSWojOA2tO0Jsq9GZif11oT4W6tOJphol4t5qPr+ki4ihza2+sUscKnwR6Z2bI
/+Kh06NB01ZjuBWfIzeUcdlI365EdV1I/yILGABKY/KaOIDuUp77zDsFFMu00Arb
K1ubdY/IbPGPXAgMU8jDlk5mTUMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSK4EVA
r/v/Q38wFvFvzV2Ypn2sbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDY5Y2M3ZDAtZWZiMy00ODg3LTgwZmUtYjZiMjk0OTI4OTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQBH8nDLFMVDIo95VB4HiZ/81eRUvGJ+fZV/4HiDgkWC
dmnyZTKt2901emyZ4vDZufiG1T+i10S+krtVKJzcDVfO6FrDAiO/Kr/RPZ6pHZ6H
lQSOxybXU+coYQcENJQo7Cr2M5OTzEZaMEI/SGISwNLWT5HYt1X/yZHPeZ9YyV9s
wfCtmFaQW5PCvgasm9h9/B0K/nTFKC8nPJNkNcjZfXiRqVsbRirSBAwe7pDd2qgA
kOlxisjgEJ+JmIydwr81MhVwy/tXyyrf5DcHcp4bvrEuPlg4xeNmYEuM5lONV7qD
iYXG24VDdzoeQUet++51dNkvsK1HbfCbtXccG1LS9dhg
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org