Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
File: 5e32ec83-e02b-4454-b463-f3fd39e9df64.roa (raw, json)
Hash identifier: oeXGQzY9PoFApoeS4WBZDVs/AD2eF9jdiBWMptGTLw0=
Subject key identifier: BC:81:52:89:5C:59:04:53:1A:5D:C3:53:30:88:C6:A8:6E:F6:E5:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12765E5747C04DC3EEA1C65E5CF30620A1765881
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:76:5e:57:47:c0:4d:c3:ee:a1:c6:5e:5c:f3:06:20:a1:76:58:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=5568f60eb20adc2e3d8ccf7770706f7e0cf91e3beb9780c2c68f12c250ec5c84, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:fe:70:b8:91:0b:ef:05:7c:34:84:c3:97:
8d:46:09:79:55:16:03:84:72:29:52:5b:00:f0:8e:
cc:71:96:1d:90:d3:d2:6e:2e:95:d6:ed:45:8d:d0:
1b:2d:8a:5a:ca:e4:0f:be:19:76:a1:7a:85:f4:30:
11:d8:4f:97:c0:99:84:a9:4f:06:7a:90:bb:89:42:
df:ed:54:e7:71:35:34:ef:31:3f:32:d0:b6:38:00:
05:8d:de:78:aa:dc:c7:01:d6:f0:d2:49:07:e8:fb:
20:65:5c:e4:0f:92:90:26:45:ea:81:32:02:0e:e3:
43:fd:72:35:87:1f:be:eb:79:19:49:a7:e2:2f:7f:
42:b5:0c:d2:0d:3c:61:15:fe:8c:cf:3b:60:8c:1b:
dc:ff:5a:1a:75:d6:c1:d9:90:6e:e0:80:4d:50:2b:
f9:76:90:ce:9a:2b:61:0f:76:12:53:f7:d0:57:39:
96:11:a2:db:80:64:67:03:e7:ee:17:9d:cb:d1:30:
21:fe:d4:31:3e:16:c2:7a:63:4e:10:be:2b:14:77:
8c:08:98:74:53:af:49:90:57:08:47:0e:06:8a:4d:
39:d6:03:f0:e2:29:7d:cc:a4:26:af:1f:65:07:b9:
d3:bb:85:bd:7c:66:ab:a1:3b:cc:9f:c4:52:12:6f:
63:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:81:52:89:5C:59:04:53:1A:5D:C3:53:30:88:C6:A8:6E:F6:E5:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
11:0e:7b:bb:1b:de:2c:1b:d5:ec:db:79:39:18:69:5f:af:5d:
2b:bb:8c:91:05:36:f4:c9:d5:99:fa:10:9f:d7:3d:42:9f:a3:
6a:bf:02:4f:cb:83:2f:e1:d4:fb:a4:be:6a:ac:3d:7a:af:d7:
6b:b8:2e:d4:16:a0:2b:40:c7:63:a4:ab:7c:77:de:1a:68:ca:
c9:d3:0c:49:aa:44:f7:34:06:35:f2:99:50:1a:aa:8c:0c:39:
60:7d:d8:de:87:ca:d9:f1:e4:c7:41:a4:f8:86:5e:17:93:c9:
21:07:86:cc:df:b3:ee:82:2b:b3:df:e9:39:95:50:51:5f:eb:
07:eb:cf:5d:53:a6:bf:a6:88:38:56:f9:29:42:7e:dd:85:fd:
ad:eb:4c:f9:7a:9b:2c:d1:cd:53:4d:39:0c:ca:04:76:b8:c8:
e9:52:79:7a:9a:c1:50:6e:50:11:d1:a7:f1:ea:bd:de:f0:2e:
db:6a:87:4b:dd:42:cd:07:7f:66:c8:03:3b:da:51:24:6e:3e:
05:50:e1:cf:d3:6e:9c:0b:df:6c:4f:a6:0e:18:e6:65:d1:ed:
65:b3:8b:e8:30:61:0f:97:8d:af:c6:8b:47:e3:16:49:ca:e1:
88:2d:2b:6d:cb:71:80:e4:fe:1e:bc:2e:ab:88:f7:28:54:d3:
fe:a7:34:c3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEnZeV0fATcPuocZeXPMGIKF2WIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1NjhmNjBlYjIwYWRjMmUzZDhjY2Y3NzcwNzA2ZjdlMGNmOTFlM2JlYjk3
ODBjMmM2OGYxMmMyNTBlYzVjODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwq/nC4kQvvBXw0hMOXjUYJeVUWA4RyKVJbAPCOzHGWHZDT0m4uldbtRY3Q
Gy2KWsrkD74ZdqF6hfQwEdhPl8CZhKlPBnqQu4lC3+1U53E1NO8xPzLQtjgABY3e
eKrcxwHW8NJJB+j7IGVc5A+SkCZF6oEyAg7jQ/1yNYcfvut5GUmn4i9/QrUM0g08
YRX+jM87YIwb3P9aGnXWwdmQbuCATVAr+XaQzporYQ92ElP30Fc5lhGi24BkZwPn
7hedy9EwIf7UMT4WwnpjThC+KxR3jAiYdFOvSZBXCEcOBopNOdYD8OIpfcykJq8f
ZQe507uFvXxmq6E7zJ/EUhJvYykCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS8gVKJ
XFkEUxpdw1MwiMaobvbl8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWUzMmVjODMtZTAyYi00NDU0LWI0NjMtZjNmZDM5ZTlkZjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQARDnu7G94sG9Xs23k5GGlfr10ru4yRBTb0ydWZ+hCf
1z1Cn6NqvwJPy4Mv4dT7pL5qrD16r9druC7UFqArQMdjpKt8d94aaMrJ0wxJqkT3
NAY18plQGqqMDDlgfdjeh8rZ8eTHQaT4hl4Xk8khB4bM37Pugiuz3+k5lVBRX+sH
689dU6a/pog4VvkpQn7dhf2t60z5epss0c1TTTkMygR2uMjpUnl6msFQblAR0afx
6r3e8C7baodL3ULNB39myAM72lEkbj4FUOHP026cC99sT6YOGOZl0e1ls4voMGEP
l42vxotH4xZJyuGILStty3GA5P4evC6riPcoVNP+pzTD
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org