Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
File: 51640291-7474-4374-9081-81d0d3d47792.roa (raw, json)
Hash identifier: NXCGYdlkgJonrC5KjzgQPCRhrZwShmOTzj4sGMkhf/M=
Subject key identifier: 39:8E:22:42:C6:2F:5E:D8:1B:48:45:BD:AB:6A:1F:C9:6D:73:BE:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39A6E74BF2019406A110E464715D21F0A40EA82B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:a6:e7:4b:f2:01:94:06:a1:10:e4:64:71:5d:21:f0:a4:0e:a8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=baa1fa7920161debf0e3ce61d7ab667b3086d50ce9b9f76f9ab49856ea336c67, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:7a:20:09:37:26:11:c4:98:32:95:96:21:
a8:8c:41:99:b4:33:67:02:b5:d4:13:b4:7e:26:c2:
ca:b2:e1:8e:5b:31:4c:6d:cd:97:fe:84:d7:ce:94:
92:2f:9e:2f:25:36:01:2d:9b:72:19:a0:79:4d:95:
9b:1e:2f:2a:76:94:e4:dd:15:a2:b5:42:db:5a:37:
3d:50:ed:b1:60:69:98:db:c4:82:0c:0b:2d:22:91:
f7:07:0b:81:76:e9:0b:be:e3:2d:23:cb:9b:9d:60:
c2:4b:78:0f:4d:89:36:ec:8a:cc:30:54:4e:98:f6:
34:97:89:a9:5e:e1:93:cf:d3:e6:e3:6b:f3:7f:d4:
fc:26:a6:73:d5:99:35:ef:12:20:f2:dd:15:6e:54:
2c:62:64:b6:e5:75:2b:08:b1:1d:de:9b:bb:f4:46:
7f:bc:50:90:e0:dd:ab:fe:23:ec:75:49:f6:45:a4:
15:8a:ee:94:85:e2:30:be:82:10:4c:e6:5c:64:2a:
97:42:1f:4a:5e:81:5a:13:bb:fb:60:30:9d:8a:30:
c8:3f:50:0b:32:dd:d9:d6:37:9c:44:46:8c:f4:4e:
57:f3:7b:60:1c:41:98:65:30:b7:37:63:c8:07:be:
90:21:f7:c8:04:28:ed:5f:88:f6:94:42:80:06:8f:
36:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8E:22:42:C6:2F:5E:D8:1B:48:45:BD:AB:6A:1F:C9:6D:73:BE:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51640291-7474-4374-9081-81d0d3d47792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
98:c3:c6:07:bd:51:56:83:43:42:a4:d5:5a:c6:25:d5:5e:7f:
1e:6a:4a:36:ea:04:e1:a7:fd:48:eb:e8:ad:12:01:3e:3e:e1:
44:e5:4e:d5:6a:21:7a:75:00:fb:8b:f3:c6:16:26:34:b5:15:
40:e0:dd:59:89:d4:dc:0f:aa:5d:4a:71:22:12:d0:d1:ae:3c:
85:02:fa:ff:20:cf:ff:85:f2:eb:e7:93:85:93:0f:ab:13:84:
aa:ba:90:66:ce:82:1b:cf:87:e3:db:5a:5d:1f:cf:83:9f:2d:
06:df:6d:d4:04:0e:e9:2b:3d:f7:31:d5:dd:d6:c3:17:39:51:
67:62:cf:cd:0f:2a:25:dd:fa:99:d6:f1:78:77:83:ab:d9:5b:
64:66:16:1f:38:de:43:71:75:31:ba:6c:d5:7d:ab:1c:7c:59:
5b:50:3e:82:17:32:cf:a6:44:c2:fc:dc:04:3c:6f:34:18:0c:
3b:b1:d4:a1:9a:62:97:47:b3:ea:6a:a3:4f:a6:64:58:bc:38:
88:88:12:0c:bd:7a:1d:ff:ec:d0:c2:85:ee:60:ee:0d:3e:c4:
b3:91:0a:e5:2a:90:fc:b0:d8:d9:4b:40:37:0e:d8:0c:5b:2a:
c2:21:51:b9:98:0b:3d:e9:42:f6:37:9b:c6:60:d5:64:79:5a:
f5:f4:79:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOabnS/IBlAahEORkcV0h8KQOqCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhYTFmYTc5MjAxNjFkZWJmMGUzY2U2MWQ3YWI2NjdiMzA4NmQ1MGNlOWI5
Zjc2ZjlhYjQ5ODU2ZWEzMzZjNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHJeiAJNyYRxJgylZYhqIxBmbQzZwK11BO0fibCyrLhjlsxTG3Nl/6E186U
ki+eLyU2AS2bchmgeU2Vmx4vKnaU5N0VorVC21o3PVDtsWBpmNvEggwLLSKR9wcL
gXbpC77jLSPLm51gwkt4D02JNuyKzDBUTpj2NJeJqV7hk8/T5uNr83/U/Camc9WZ
Ne8SIPLdFW5ULGJktuV1KwixHd6bu/RGf7xQkODdq/4j7HVJ9kWkFYrulIXiML6C
EEzmXGQql0IfSl6BWhO7+2AwnYowyD9QCzLd2dY3nERGjPROV/N7YBxBmGUwtzdj
yAe+kCH3yAQo7V+I9pRCgAaPNn8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5jiJC
xi9e2BtIRb2rah/JbXO+xjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE2NDAyOTEtNzQ3NC00Mzc0LTkwODEtODFkMGQzZDQ3NzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQCYw8YHvVFWg0NCpNVaxiXVXn8eako26gThp/1I6+it
EgE+PuFE5U7VaiF6dQD7i/PGFiY0tRVA4N1ZidTcD6pdSnEiEtDRrjyFAvr/IM//
hfLr55OFkw+rE4SqupBmzoIbz4fj21pdH8+Dny0G323UBA7pKz33MdXd1sMXOVFn
Ys/NDyol3fqZ1vF4d4Or2VtkZhYfON5DcXUxumzVfascfFlbUD6CFzLPpkTC/NwE
PG80GAw7sdShmmKXR7PqaqNPpmRYvDiIiBIMvXod/+zQwoXuYO4NPsSzkQrlKpD8
sNjZS0A3DtgMWyrCIVG5mAs96UL2N5vGYNVkeVr19HnG
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org