Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
File: 62b77dbe-d122-43ba-a2b6-ab9120df0176.roa (raw, json)
Hash identifier: iLnpd2C1EgNAuHhc/FKsvEdCJJyUyt4oV5i3aHzukmc=
Subject key identifier: F4:76:2C:C1:BD:02:67:91:3B:E5:F5:34:0C:AD:3F:07:56:47:50:05
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0CF8172D874A5D708B19C7DA5774EB59532E0467
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:f8:17:2d:87:4a:5d:70:8b:19:c7:da:57:74:eb:59:53:2e:04:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=9f3111a2f49fabb836594bdf52ed27450a63f319e2398fb3f4527c0285531211, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:43:af:18:ea:be:a2:b1:d6:d7:b2:54:32:
ba:bd:31:42:07:9a:e3:90:83:5b:7c:26:f1:27:8b:
f4:7d:ed:e3:35:21:42:74:80:24:8b:8e:c3:a5:56:
6e:f0:4b:0c:fa:2e:9f:5d:5d:b1:29:3e:31:79:0a:
c2:d5:4d:f5:f8:66:bb:e9:d3:e8:cc:46:76:34:71:
f7:4e:01:2e:5d:94:73:9f:fd:7c:9b:3c:2f:aa:9b:
e9:ce:0c:a2:b6:1f:59:60:e1:17:3a:72:9a:6c:e8:
51:48:07:e2:50:21:d0:9b:6f:d7:0c:e4:e2:b4:25:
dc:d8:b8:0e:a1:c7:63:11:0f:cc:a0:6c:a2:b1:2f:
5d:4d:41:44:f9:33:7c:71:72:b8:b7:1a:60:b0:95:
26:8d:c6:eb:78:d1:b7:58:60:78:d3:41:9f:4c:73:
6f:c1:aa:3f:9a:fc:93:95:ed:9c:19:47:61:84:46:
89:8f:c5:1c:58:5a:a8:8c:b9:84:8d:ab:64:51:df:
98:83:33:fa:64:6f:e0:6b:ff:15:08:87:30:7f:78:
a4:c1:d0:ee:14:4c:54:e3:34:c9:ea:97:94:86:46:
b5:4f:5a:d4:a4:3e:cd:c6:9f:d5:5b:de:c7:d4:27:
37:60:c9:e3:d3:2d:c2:dc:e7:c6:df:3e:39:85:e4:
93:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:76:2C:C1:BD:02:67:91:3B:E5:F5:34:0C:AD:3F:07:56:47:50:05
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
1c:02:9f:27:86:12:6d:66:7b:b6:25:22:42:a3:1f:19:0b:dc:
bb:d4:4e:f7:4e:02:67:f8:cc:66:d8:87:fc:3f:df:c1:5c:90:
d6:1f:4b:58:7f:f8:22:cc:88:c2:eb:d2:aa:f5:7b:76:7c:dc:
cf:fe:6d:5d:5e:45:f4:56:92:62:80:21:ea:b2:c6:ba:b6:ad:
a2:ba:b8:61:be:59:dd:8b:8a:dc:43:9e:7f:85:19:5f:6a:0b:
44:f3:a9:74:4f:49:e2:8a:ea:75:d9:52:78:59:a5:e4:39:0c:
3a:3b:19:7a:10:f5:df:4e:f1:7b:68:6f:38:be:5f:d6:57:c0:
e8:fa:c3:fe:11:1a:96:fc:0c:b3:f8:1a:b0:b7:29:d8:fb:88:
76:74:9a:0e:d8:1e:93:a6:88:ab:29:0e:e4:23:c5:21:5d:20:
42:9b:44:ea:ef:d6:03:34:58:da:3d:96:65:68:15:a4:27:bb:
06:6d:82:a2:34:21:13:ef:83:8f:d9:f9:1f:4f:9e:e5:44:7a:
81:1c:70:76:34:62:83:c2:d4:af:c4:43:0a:f4:69:01:3b:06:
45:20:33:8b:29:c2:e4:6d:7d:11:e2:3e:ca:8a:8c:52:30:3b:
e5:46:24:a1:b9:ae:14:83:35:6e:6c:a7:30:f3:35:74:7d:93:
5a:ac:35:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDPgXLYdKXXCLGcfaV3TrWVMuBGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMzExMWEyZjQ5ZmFiYjgzNjU5NGJkZjUyZWQyNzQ1MGE2M2YzMTllMjM5
OGZiM2Y0NTI3YzAyODU1MzEyMTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgiQ68Y6r6isdbXslQyur0xQgea45CDW3wm8SeL9H3t4zUhQnSAJIuOw6VW
bvBLDPoun11dsSk+MXkKwtVN9fhmu+nT6MxGdjRx904BLl2Uc5/9fJs8L6qb6c4M
orYfWWDhFzpymmzoUUgH4lAh0Jtv1wzk4rQl3Ni4DqHHYxEPzKBsorEvXU1BRPkz
fHFyuLcaYLCVJo3G63jRt1hgeNNBn0xzb8GqP5r8k5XtnBlHYYRGiY/FHFhaqIy5
hI2rZFHfmIMz+mRv4Gv/FQiHMH94pMHQ7hRMVOM0yeqXlIZGtU9a1KQ+zcaf1Vve
x9QnN2DJ49Mtwtznxt8+OYXkk0UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0dizB
vQJnkTvl9TQMrT8HVkdQBTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjJiNzdkYmUtZDEyMi00M2JhLWEyYjYtYWI5MTIwZGYwMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAcAp8nhhJtZnu2JSJCox8ZC9y71E73TgJn+Mxm2If8
P9/BXJDWH0tYf/gizIjC69Kq9Xt2fNzP/m1dXkX0VpJigCHqssa6tq2iurhhvlnd
i4rcQ55/hRlfagtE86l0T0niiup12VJ4WaXkOQw6Oxl6EPXfTvF7aG84vl/WV8Do
+sP+ERqW/Ayz+BqwtynY+4h2dJoO2B6TpoirKQ7kI8UhXSBCm0Tq79YDNFjaPZZl
aBWkJ7sGbYKiNCET74OP2fkfT57lRHqBHHB2NGKDwtSvxEMK9GkBOwZFIDOLKcLk
bX0R4j7KioxSMDvlRiShua4UgzVubKcw8zV0fZNarDWo
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org