Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
File: 5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa (raw, json)
Hash identifier: vofhQDVIUNhCAlxEBXlu7mMl13reG6KovusH+ZtD2i8=
Subject key identifier: BD:44:47:CE:CC:BD:A1:A9:A0:B2:A8:10:1E:BF:7D:B3:CF:10:DC:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B99BC3981E59996D0A1F82BB1D43113B15C34ED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:99:bc:39:81:e5:99:96:d0:a1:f8:2b:b1:d4:31:13:b1:5c:34:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=3292721cc715196be54d87e76d9a5db913076190c513b6fde93ce32a174524a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:82:6d:f2:b3:00:14:fc:7e:53:64:5e:5e:f0:
9a:85:78:57:07:87:5c:f1:c5:c4:c1:24:df:86:a4:
53:15:7e:93:ab:46:00:d6:91:60:c5:9e:88:8c:d4:
27:d1:e8:d8:5e:0f:fc:fb:7e:c0:ac:2c:6e:31:7e:
06:f1:26:e4:ee:e0:5d:81:db:1c:7f:0d:ea:28:95:
5f:5b:b6:19:b6:61:b9:5d:df:fa:8c:d4:fa:33:5b:
f3:34:fd:1f:27:9e:be:ac:92:80:e9:c3:27:79:09:
00:3a:1a:61:ea:1f:5e:71:a8:be:68:67:0b:cb:66:
a0:92:29:a2:86:49:fd:8b:17:89:c8:ae:59:68:c9:
7f:62:b3:2d:69:b5:fb:94:6a:aa:da:c7:89:52:8f:
8c:17:62:da:71:82:73:42:1c:2b:2e:f4:a6:7a:1a:
03:e0:8d:fc:f7:d6:1c:ce:d7:34:db:08:e7:6a:7a:
e9:42:38:76:7d:0d:ab:aa:2b:a0:04:9b:77:a0:0d:
2c:52:61:c9:b6:ec:4a:ba:c3:7e:90:6d:c3:01:20:
77:2d:26:1e:c2:44:4b:cd:cf:80:9f:c9:ae:64:f3:
67:5d:e8:31:fa:0f:44:09:89:09:e3:5b:e0:0c:22:
e1:e9:26:7c:c2:17:e8:08:35:2b:60:1d:f3:c8:eb:
72:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:44:47:CE:CC:BD:A1:A9:A0:B2:A8:10:1E:BF:7D:B3:CF:10:DC:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5def5ced-6390-4a74-8bf9-cb677f0b05fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:4f:84:ed:98:d7:c4:7e:d0:df:c3:05:ff:d7:bd:b2:f2:7e:
17:3d:95:dd:e2:45:82:bb:e4:e5:ac:50:67:bf:b7:32:ac:b7:
cc:4d:ec:11:21:93:5f:88:2b:75:c3:37:aa:ec:6d:50:65:a9:
39:df:e0:37:19:14:c8:dd:96:7b:80:b9:a8:ff:16:73:09:98:
b0:3d:04:4b:41:44:2b:9b:d0:c5:ca:3a:ae:a8:de:94:ef:9f:
35:5b:15:41:aa:c9:93:8d:04:24:72:3a:79:a3:d8:a4:9a:bc:
be:c9:d8:7b:72:5d:8d:b7:a4:5d:c9:04:93:58:9c:b0:b6:de:
7f:55:d7:bf:10:60:9b:90:84:19:ba:d3:e9:35:63:4a:f4:78:
fb:8c:fb:69:b6:b9:21:0e:d6:1c:46:40:27:a4:8e:d0:e8:6a:
48:5c:b1:73:4f:3a:9a:cd:0e:14:c5:82:f3:59:48:f8:86:d0:
83:8b:00:05:26:0b:63:36:1f:10:3a:47:53:24:d7:46:dd:a0:
5b:63:a3:70:4b:12:e9:66:70:03:e8:13:9e:f8:df:47:5d:08:
1f:d3:a1:b9:cb:0c:88:10:b9:18:7e:f8:b2:47:b9:5b:a2:54:
80:b2:5a:d4:f8:53:b4:14:6f:6e:4f:96:47:87:3c:16:b3:51:
ca:80:1c:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa5m8OYHlmZbQofgrsdQxE7FcNO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyOTI3MjFjYzcxNTE5NmJlNTRkODdlNzZkOWE1ZGI5MTMwNzYxOTBjNTEz
YjZmZGU5M2NlMzJhMTc0NTI0YTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuCbfKzABT8flNkXl7wmoV4VweHXPHFxMEk34akUxV+k6tGANaRYMWeiIzU
J9Ho2F4P/Pt+wKwsbjF+BvEm5O7gXYHbHH8N6iiVX1u2GbZhuV3f+ozU+jNb8zT9
HyeevqySgOnDJ3kJADoaYeofXnGovmhnC8tmoJIpooZJ/YsXiciuWWjJf2KzLWm1
+5RqqtrHiVKPjBdi2nGCc0IcKy70pnoaA+CN/PfWHM7XNNsI52p66UI4dn0Nq6or
oASbd6ANLFJhybbsSrrDfpBtwwEgdy0mHsJES83PgJ/JrmTzZ13oMfoPRAmJCeNb
4Awi4ekmfMIX6Ag1K2Ad88jrcv0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9REfO
zL2hqaCyqBAev32zzxDcPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWRlZjVjZWQtNjM5MC00YTc0LThiZjktY2I2NzdmMGIwNWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQA4T4TtmNfEftDfwwX/172y8n4XPZXd4kWCu+TlrFBn
v7cyrLfMTewRIZNfiCt1wzeq7G1QZak53+A3GRTI3ZZ7gLmo/xZzCZiwPQRLQUQr
m9DFyjquqN6U7581WxVBqsmTjQQkcjp5o9ikmry+ydh7cl2Nt6RdyQSTWJywtt5/
Vde/EGCbkIQZutPpNWNK9Hj7jPtptrkhDtYcRkAnpI7Q6GpIXLFzTzqazQ4UxYLz
WUj4htCDiwAFJgtjNh8QOkdTJNdG3aBbY6NwSxLpZnAD6BOe+N9HXQgf06G5ywyI
ELkYfviyR7lbolSAslrU+FO0FG9uT5ZHhzwWs1HKgByP
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org