Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
File: 7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa (raw, json)
Hash identifier: n5oGhwbJemCk/wgoxeYvfNo/8+LG8mrZnBsFQNMOqW0=
Subject key identifier: 47:A8:DE:0B:1F:46:AD:6A:D9:DC:FC:67:42:58:08:5C:43:57:65:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F4C1249FE876380D1EA7340B86F0053FD570313
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:4c:12:49:fe:87:63:80:d1:ea:73:40:b8:6f:00:53:fd:57:03:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=d2cab5aac19beec7e4cc757a2e1891752e40345d54551510ba729c0e596feb0f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f4:b6:ea:f3:ad:8d:c9:57:1c:d2:33:4e:0a:
b4:97:2c:d3:b2:fd:f5:82:30:6b:fc:ea:e3:f0:4f:
dc:71:c6:3d:c9:74:5d:e0:dd:37:e8:83:fd:27:50:
1a:2e:02:77:e2:93:43:06:3a:b8:b7:b9:98:41:f4:
c8:12:6f:2a:ed:c4:47:53:9d:c6:f2:a7:db:f7:cf:
69:89:94:2b:16:36:ba:5c:eb:db:4f:4b:d4:c9:b5:
84:f3:d8:d0:56:b6:8b:eb:2d:c6:97:fa:21:5f:0a:
cd:30:1d:d0:6b:a0:77:84:49:26:cd:4c:4e:20:ab:
79:eb:6f:3c:76:23:3a:67:9d:4c:3f:5f:c2:60:d1:
a5:be:99:2b:89:ba:be:59:e7:47:3e:30:dd:14:fc:
23:aa:03:51:a4:8a:27:6e:7a:a9:5b:9e:12:24:44:
f7:4d:2a:ef:21:37:33:75:1b:89:c4:d1:59:98:c1:
ed:8d:56:a8:fb:17:94:30:5c:c9:96:72:3e:b0:b2:
22:da:36:40:70:8f:3b:38:bc:72:37:d7:a3:ea:c4:
8d:1e:9e:02:6e:cb:e6:b9:dc:fb:2e:b0:ba:29:fc:
c3:75:c1:42:d2:bf:b0:e0:9f:b8:d4:b7:f4:4c:c1:
eb:0e:92:12:ce:0d:04:4a:62:bf:98:b1:3b:82:8c:
af:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A8:DE:0B:1F:46:AD:6A:D9:DC:FC:67:42:58:08:5C:43:57:65:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
89:28:f5:67:3b:53:24:4b:20:04:92:d7:f6:2d:d7:7f:95:93:
d4:04:c8:c1:39:d7:9d:40:ce:64:e7:c7:02:cc:9e:0e:85:8f:
ae:78:3e:ef:62:75:d2:0d:ad:e7:ad:20:f1:0d:3e:7e:e5:6d:
75:d9:92:1b:d0:83:f1:59:8a:ba:e0:23:bf:6d:a7:f7:18:f0:
b2:fb:70:f2:57:2e:e8:0b:f6:7e:2b:45:1b:62:58:68:4e:ef:
b6:08:a4:e7:f5:7a:21:71:25:7c:9b:5f:08:fa:c3:23:c3:f4:
3b:61:40:db:93:79:50:f3:4a:00:ef:35:be:ed:f9:e6:34:dc:
89:b4:35:05:55:31:b3:14:66:a8:5f:25:46:2f:2f:14:53:74:
24:2c:5f:3e:aa:d4:95:dc:c4:6f:5d:a8:cd:2c:7b:73:44:16:
06:9d:fd:d4:c8:36:28:2a:31:f1:ce:ae:ff:14:e3:cb:4c:4a:
11:c7:4e:99:4d:35:d3:34:3c:ab:cf:86:f8:98:da:f2:de:b4:
c2:65:fc:63:17:26:40:61:18:4b:d9:7c:e2:b1:0b:b2:ea:87:
d4:31:15:ce:5f:f5:94:08:74:7c:c2:62:ce:7b:b6:af:2b:e1:
1e:5e:5b:92:a7:b1:d0:a3:46:31:e5:16:d6:2c:b2:02:f7:1c:
e9:80:96:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP0wSSf6HY4DR6nNAuG8AU/1XAxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyY2FiNWFhYzE5YmVlYzdlNGNjNzU3YTJlMTg5MTc1MmU0MDM0NWQ1NDU1
MTUxMGJhNzI5YzBlNTk2ZmViMGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOL0turzrY3JVxzSM04KtJcs07L99YIwa/zq4/BP3HHGPcl0XeDdN+iD/SdQ
Gi4Cd+KTQwY6uLe5mEH0yBJvKu3ER1OdxvKn2/fPaYmUKxY2ulzr209L1Mm1hPPY
0Fa2i+stxpf6IV8KzTAd0Gugd4RJJs1MTiCreetvPHYjOmedTD9fwmDRpb6ZK4m6
vlnnRz4w3RT8I6oDUaSKJ256qVueEiRE900q7yE3M3UbicTRWZjB7Y1WqPsXlDBc
yZZyPrCyIto2QHCPOzi8cjfXo+rEjR6eAm7L5rnc+y6wuin8w3XBQtK/sOCfuNS3
9EzB6w6SEs4NBEpiv5ixO4KMr+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRHqN4L
H0atatnc/GdCWAhcQ1dlTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzE5MmU3NjEtMDVhOS00YzNlLTliMjItZWIzZWQwYzM3ZDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCJKPVnO1MkSyAEktf2Ldd/lZPUBMjBOdedQM5k58cC
zJ4OhY+ueD7vYnXSDa3nrSDxDT5+5W112ZIb0IPxWYq64CO/baf3GPCy+3DyVy7o
C/Z+K0UbYlhoTu+2CKTn9XohcSV8m18I+sMjw/Q7YUDbk3lQ80oA7zW+7fnmNNyJ
tDUFVTGzFGaoXyVGLy8UU3QkLF8+qtSV3MRvXajNLHtzRBYGnf3UyDYoKjHxzq7/
FOPLTEoRx06ZTTXTNDyrz4b4mNry3rTCZfxjFyZAYRhL2XzisQuy6ofUMRXOX/WU
CHR8wmLOe7avK+EeXluSp7HQo0Yx5RbWLLIC9xzpgJZg
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org