Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
File: 5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa (raw, json)
Hash identifier: xyf+2/LXNjpaHuAPyVe6wW5Q0o8IGtqSLmMYZCpuRcw=
Subject key identifier: 1E:08:96:A8:A7:7E:D3:8D:D5:11:D9:B9:A7:4A:F9:2F:A4:6A:81:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47E4F36E415C12B4C10E79FBEAC2393BB996DF7A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e4:f3:6e:41:5c:12:b4:c1:0e:79:fb:ea:c2:39:3b:b9:96:df:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=6c52c8fdbfbf2df8924a81be477913a148dc8b46bc78896f2120c221a2f738e0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:51:eb:9f:11:9c:08:1d:54:fa:d3:49:49:
57:14:18:c9:ae:19:2c:99:8f:08:ec:18:16:e5:7e:
a9:e6:54:c4:f0:3c:17:d9:86:f1:98:f3:b5:6f:81:
4c:19:5d:b5:ce:39:8e:47:3e:2a:af:4a:f6:d9:02:
df:69:00:ff:ea:d1:6c:43:3e:0c:37:89:20:eb:0f:
14:22:63:cb:60:24:40:d4:8e:d4:15:84:13:82:dc:
cf:a4:d8:65:23:17:c3:80:95:d2:49:e4:78:54:ab:
9e:15:bb:89:1d:d3:08:e9:fc:76:2d:e4:49:7a:dd:
b2:8b:de:31:cd:d0:e3:48:22:72:a3:1d:b2:63:f3:
e1:57:ff:17:76:b5:07:71:ff:b6:22:20:f7:ce:4e:
b7:9f:4b:c4:ca:e1:7d:42:71:33:ac:be:01:f9:00:
49:fd:ac:1f:73:ef:af:d7:e6:97:96:30:3b:25:54:
8a:2b:8b:a3:68:2a:a4:1c:d8:53:34:23:ae:ed:d0:
ef:c7:80:01:12:6f:57:6b:6d:c2:18:6e:1f:e6:5a:
b4:bf:c7:03:bb:f6:6b:2d:65:e4:82:7e:5a:37:eb:
1c:f8:83:fb:47:1d:07:26:fa:b7:dd:86:de:18:6e:
5d:2c:23:b7:87:70:f7:76:0b:53:64:52:cf:50:ce:
e2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:08:96:A8:A7:7E:D3:8D:D5:11:D9:B9:A7:4A:F9:2F:A4:6A:81:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
71:4d:10:3a:7c:5f:98:e7:d5:72:bb:e3:18:10:21:38:d2:ba:
38:eb:f0:71:ce:a3:79:30:1f:0c:13:54:6d:69:96:69:88:8e:
f4:a7:c5:7a:95:35:86:d5:c4:63:b2:43:8a:c3:f6:79:cc:4f:
09:96:26:7d:f7:d1:f6:ee:f9:48:a5:b1:4f:73:44:70:c7:26:
06:6c:6b:43:a5:48:0c:83:53:ef:1b:ab:d0:15:4a:2e:1f:87:
ad:c7:8e:4d:ff:af:90:16:6f:cb:5e:40:f8:c5:c4:37:02:08:
8b:86:83:e6:7e:ad:07:eb:23:a1:7f:78:e9:68:a5:46:e3:5a:
8e:8f:33:fc:12:18:f7:82:57:e8:88:ae:37:eb:7b:a5:df:91:
f5:8a:28:9f:bb:53:50:81:90:db:ec:b8:eb:d5:70:f4:cf:bb:
90:c8:6e:f9:e3:03:f3:34:2e:9c:f3:be:df:19:e0:82:f0:57:
0e:51:e9:f2:00:de:49:df:75:60:28:d2:1e:6a:d7:84:27:fa:
c9:ae:88:e5:57:38:3c:73:d3:5f:5c:27:f1:20:f7:27:f4:c4:
ca:26:12:23:f8:dc:9b:dc:30:6d:f5:93:88:05:2b:45:16:1e:
37:b7:33:60:03:c4:26:ec:9e:e9:5a:f1:99:6d:47:59:12:36:
de:be:b5:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR+TzbkFcErTBDnn76sI5O7mW33owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjNTJjOGZkYmZiZjJkZjg5MjRhODFiZTQ3NzkxM2ExNDhkYzhiNDZiYzc4
ODk2ZjIxMjBjMjIxYTJmNzM4ZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5gUeufEZwIHVT600lJVxQYya4ZLJmPCOwYFuV+qeZUxPA8F9mG8ZjztW+B
TBldtc45jkc+Kq9K9tkC32kA/+rRbEM+DDeJIOsPFCJjy2AkQNSO1BWEE4Lcz6TY
ZSMXw4CV0knkeFSrnhW7iR3TCOn8di3kSXrdsoveMc3Q40gicqMdsmPz4Vf/F3a1
B3H/tiIg985Ot59LxMrhfUJxM6y+AfkASf2sH3Pvr9fml5YwOyVUiiuLo2gqpBzY
UzQjru3Q78eAARJvV2ttwhhuH+ZatL/HA7v2ay1l5IJ+WjfrHPiD+0cdByb6t92G
3hhuXSwjt4dw93YLU2RSz1DO4tsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeCJao
p37TjdUR2bmnSvkvpGqB/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNjZjA1YTgtYjRmZS00ZTJjLTlhZDItNzMzYTMzMDI5ZTIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBxTRA6fF+Y59Vyu+MYECE40ro46/BxzqN5MB8ME1Rt
aZZpiI70p8V6lTWG1cRjskOKw/Z5zE8JliZ999H27vlIpbFPc0RwxyYGbGtDpUgM
g1PvG6vQFUouH4etx45N/6+QFm/LXkD4xcQ3AgiLhoPmfq0H6yOhf3jpaKVG41qO
jzP8Ehj3glfoiK4363ul35H1iiifu1NQgZDb7Ljr1XD0z7uQyG754wPzNC6c877f
GeCC8FcOUenyAN5J33VgKNIeateEJ/rJrojlVzg8c9NfXCfxIPcn9MTKJhIj+Nyb
3DBt9ZOIBStFFh43tzNgA8Qm7J7pWvGZbUdZEjbevrXG
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org