Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
File: 4c110694-386d-49d5-9883-bd1723f43820.roa (raw, json)
Hash identifier: N5q3KGmFYWW1KleeXxnAGjTg2Yqm0DtJ6YStYjQWJUc=
Subject key identifier: 46:63:57:4E:FF:19:10:35:D5:51:94:C6:20:24:D7:A7:2E:41:67:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C1A0E2F22528E1B1B2504C45C893C637B5B3CFA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:1a:0e:2f:22:52:8e:1b:1b:25:04:c4:5c:89:3c:63:7b:5b:3c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=f7a7824dceaf6ab616a27237d42756054cd19ea835834b4147f9304cf7abfc58, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3d:2b:e2:38:40:6d:f0:cf:25:5e:50:d7:48:
f2:8c:c9:0c:30:1a:49:64:1d:0d:9c:51:29:3f:db:
9d:54:8c:2b:34:ac:db:bf:8e:9a:97:90:c8:f4:3a:
ff:c0:5f:e3:8b:19:55:63:a1:0b:f5:ce:a8:b4:d7:
3a:bb:af:37:af:3e:d1:e1:af:50:7d:8f:7f:d1:53:
9a:1e:00:22:4b:24:ed:76:3a:c6:87:1e:98:ec:93:
fc:27:b9:12:f1:10:eb:3b:bc:93:1a:1b:01:71:d4:
44:73:f7:36:51:63:19:63:c3:32:6f:2a:05:88:94:
86:18:a2:50:3e:8b:03:a9:7d:24:6b:22:4b:17:31:
ff:0c:e0:61:b6:d2:3e:bb:57:85:53:5d:e7:48:7e:
d7:60:31:0d:d3:8e:66:34:49:62:60:6d:2d:8e:6e:
3a:40:fd:1f:ea:ec:99:3d:6e:3c:5e:78:1d:ce:3d:
5a:09:1e:af:1b:a4:c5:bd:66:19:98:f7:f7:fc:cd:
ff:96:0e:0a:b7:60:93:0a:e6:2d:64:60:10:ad:61:
cc:84:ac:65:04:87:60:47:81:26:d2:d8:af:be:84:
e1:9f:32:00:61:76:0b:76:53:6a:00:30:a3:17:48:
0a:23:01:0b:1f:14:e0:01:08:32:4c:32:3d:e6:cb:
12:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:63:57:4E:FF:19:10:35:D5:51:94:C6:20:24:D7:A7:2E:41:67:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4c110694-386d-49d5-9883-bd1723f43820.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9e:1f:f5:7f:2b:89:14:db:f2:11:a0:35:dd:4a:4b:bc:0f:48:
9b:19:48:f9:ee:56:04:4d:35:2a:68:58:d9:55:bf:ca:85:13:
74:c8:01:c8:7f:d9:50:2e:b8:a1:76:41:e7:2a:aa:5b:af:9e:
d2:06:bf:77:20:f8:f5:2b:34:c8:71:98:81:4f:26:a3:1a:c4:
7e:d0:28:0a:63:0c:37:0e:b9:d0:15:72:32:2d:d9:4b:8c:7e:
ed:31:8b:7f:bf:d1:de:36:21:a4:0c:c3:a7:ca:c1:06:d9:af:
c9:78:57:f1:00:93:04:21:8b:1d:62:fb:78:70:48:9f:23:58:
86:09:40:e0:e3:78:70:fd:d1:bb:2e:8f:44:df:a1:0d:db:0a:
c0:da:bf:df:cc:6d:44:73:02:60:51:24:d5:53:47:e1:d9:21:
bf:91:70:75:fd:64:60:da:af:a4:47:5c:94:40:10:1e:68:1d:
3e:eb:0c:25:cf:a2:d8:bb:75:df:d9:46:c1:fd:20:c1:31:84:
20:b6:2b:8c:89:b8:86:76:ac:5a:47:79:74:0a:8f:51:4d:12:
20:58:ff:e9:41:04:2f:a0:0b:0a:6a:b9:68:18:44:8c:66:3e:
41:5f:10:8c:05:72:2e:6c:12:2b:9a:6a:f2:45:b9:b4:78:13:
72:25:6d:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULBoOLyJSjhsbJQTEXIk8Y3tbPPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YTc4MjRkY2VhZjZhYjYxNmEyNzIzN2Q0Mjc1NjA1NGNkMTllYTgzNTgz
NGI0MTQ3ZjkzMDRjZjdhYmZjNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANE9K+I4QG3wzyVeUNdI8ozJDDAaSWQdDZxRKT/bnVSMKzSs27+OmpeQyPQ6
/8Bf44sZVWOhC/XOqLTXOruvN68+0eGvUH2Pf9FTmh4AIksk7XY6xocemOyT/Ce5
EvEQ6zu8kxobAXHURHP3NlFjGWPDMm8qBYiUhhiiUD6LA6l9JGsiSxcx/wzgYbbS
PrtXhVNd50h+12AxDdOOZjRJYmBtLY5uOkD9H+rsmT1uPF54Hc49Wgkerxukxb1m
GZj39/zN/5YOCrdgkwrmLWRgEK1hzISsZQSHYEeBJtLYr76E4Z8yAGF2C3ZTagAw
oxdICiMBCx8U4AEIMkwyPebLEqUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGY1dO
/xkQNdVRlMYgJNenLkFnxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGMxMTA2OTQtMzg2ZC00OWQ1LTk4ODMtYmQxNzIzZjQzODIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCeH/V/K4kU2/IRoDXdSku8D0ibGUj57lYETTUqaFjZ
Vb/KhRN0yAHIf9lQLrihdkHnKqpbr57SBr93IPj1KzTIcZiBTyajGsR+0CgKYww3
DrnQFXIyLdlLjH7tMYt/v9HeNiGkDMOnysEG2a/JeFfxAJMEIYsdYvt4cEifI1iG
CUDg43hw/dG7Lo9E36EN2wrA2r/fzG1EcwJgUSTVU0fh2SG/kXB1/WRg2q+kR1yU
QBAeaB0+6wwlz6LYu3Xf2UbB/SDBMYQgtiuMibiGdqxaR3l0Co9RTRIgWP/pQQQv
oAsKarloGESMZj5BXxCMBXIubBIrmmryRbm0eBNyJW0K
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org