Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5d4ea5a5-410b-4fae-80ca-93590f67d426.roa
File: 5d4ea5a5-410b-4fae-80ca-93590f67d426.roa (raw, json)
Hash identifier: A4iAd95Sd0zI0sgnmV6lhKSXFpbEPryLJxL1ADVqA48=
Subject key identifier: 58:41:42:BA:50:73:3E:8F:F4:74:DC:4A:74:8D:63:5D:0D:53:C8:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3505EAB6E69184DD03D23827354D973801896A07
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5d4ea5a5-410b-4fae-80ca-93590f67d426.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:05:ea:b6:e6:91:84:dd:03:d2:38:27:35:4d:97:38:01:89:6a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=fc9705a284c95a0f56333e9d120df62f6e7b9ac5e2ba415b32115c4475277d3e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:e4:60:ad:3f:bf:72:e8:1a:a0:05:b5:8a:
55:c7:d1:37:c1:6b:67:96:d7:41:f6:93:56:3f:d1:
a1:4d:e3:71:bf:f5:41:20:b5:2f:da:7a:a4:eb:f6:
de:e5:26:4d:c7:6c:34:02:cd:ec:70:17:2d:ba:32:
c5:4b:df:87:94:80:2f:03:73:d3:97:a0:88:41:fc:
47:f6:c2:9b:81:92:53:6f:a0:4d:21:7c:db:51:8f:
f6:d1:67:56:13:82:78:29:98:b9:1f:49:7b:6a:e8:
ff:9b:07:52:a7:e9:e6:c9:99:51:58:87:73:6b:7e:
f3:ab:12:5f:c0:83:3e:fc:03:68:aa:2b:dc:a1:d8:
e5:98:81:65:a8:08:e5:30:4e:72:c4:b8:ea:49:48:
4d:40:dc:00:b6:94:81:a3:fb:ec:56:83:2d:ee:ae:
9f:a0:21:0e:be:f8:d9:a3:1a:9e:6f:82:f1:a2:c8:
84:a3:31:45:a0:53:91:24:ee:e3:4d:31:25:dd:92:
7b:1b:ab:5e:21:4c:c1:da:60:a2:a7:97:1e:f4:3c:
54:9e:9f:04:4c:75:57:df:d1:5f:ba:ae:2c:95:27:
c0:16:66:d3:fc:99:e1:a2:49:4f:20:04:0d:8a:99:
14:28:ee:58:70:e4:a6:8a:ad:79:3f:38:b2:05:5a:
ac:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:41:42:BA:50:73:3E:8F:F4:74:DC:4A:74:8D:63:5D:0D:53:C8:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5d4ea5a5-410b-4fae-80ca-93590f67d426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
59:85:6a:d4:cb:fb:af:fd:ef:6d:d8:6e:7f:27:76:21:ef:f0:
3f:17:5d:3a:22:b4:52:1f:f2:7a:a2:2f:a7:76:fb:52:ec:8a:
f8:f0:b2:84:b0:78:ca:2c:64:1c:d0:8e:a4:5b:f4:58:a3:58:
c9:3d:b6:95:39:80:dd:b8:c2:d3:92:bb:29:4d:82:ca:7b:b7:
87:c6:01:14:68:c7:a2:fa:7a:d4:43:f2:42:ff:89:5e:3d:83:
b6:7d:7c:4d:7b:57:c2:ae:cc:ea:6b:6b:c4:51:25:43:8d:b6:
43:db:d9:53:39:52:99:40:bf:60:58:b0:d5:a1:ee:66:ef:4b:
b1:70:2e:48:95:98:8e:99:4d:46:2e:75:b9:ae:61:b2:06:71:
dd:19:1c:b4:e1:3f:9d:46:df:4d:c7:a1:bd:f0:11:7f:42:49:
4b:a8:56:d8:cf:f0:1b:06:50:1a:b1:e1:31:95:97:a6:2c:61:
c1:51:74:c6:f2:62:71:e2:ff:49:89:02:b8:dc:3e:22:40:ef:
17:c6:b2:05:49:46:7b:b3:1a:7c:05:f4:5d:9f:3f:e9:60:4b:
27:29:a0:05:7f:ad:27:08:09:09:42:7e:76:8a:48:aa:20:12:
d2:c1:3a:ec:3a:ac:21:d9:f1:0f:18:4e:d0:c3:c9:72:2c:9d:
c9:33:5a:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNQXqtuaRhN0D0jgnNU2XOAGJagcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOTcwNWEyODRjOTVhMGY1NjMzM2U5ZDEyMGRmNjJmNmU3YjlhYzVlMmJh
NDE1YjMyMTE1YzQ0NzUyNzdkM2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnN5GCtP79y6BqgBbWKVcfRN8FrZ5bXQfaTVj/RoU3jcb/1QSC1L9p6pOv2
3uUmTcdsNALN7HAXLboyxUvfh5SALwNz05egiEH8R/bCm4GSU2+gTSF821GP9tFn
VhOCeCmYuR9Je2ro/5sHUqfp5smZUViHc2t+86sSX8CDPvwDaKor3KHY5ZiBZagI
5TBOcsS46klITUDcALaUgaP77FaDLe6un6AhDr742aManm+C8aLIhKMxRaBTkSTu
400xJd2SexurXiFMwdpgoqeXHvQ8VJ6fBEx1V9/RX7quLJUnwBZm0/yZ4aJJTyAE
DYqZFCjuWHDkpoqteT84sgVarDkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYQUK6
UHM+j/R03Ep0jWNdDVPIJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWQ0ZWE1YTUtNDEwYi00ZmFlLTgwY2EtOTM1OTBmNjdkNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBZhWrUy/uv/e9t2G5/J3Yh7/A/F106IrRSH/J6oi+n
dvtS7Ir48LKEsHjKLGQc0I6kW/RYo1jJPbaVOYDduMLTkrspTYLKe7eHxgEUaMei
+nrUQ/JC/4lePYO2fXxNe1fCrszqa2vEUSVDjbZD29lTOVKZQL9gWLDVoe5m70ux
cC5IlZiOmU1GLnW5rmGyBnHdGRy04T+dRt9Nx6G98BF/QklLqFbYz/AbBlAaseEx
lZemLGHBUXTG8mJx4v9JiQK43D4iQO8XxrIFSUZ7sxp8BfRdnz/pYEsnKaAFf60n
CAkJQn52ikiqIBLSwTrsOqwh2fEPGE7Qw8lyLJ3JM1oc
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org