Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
File: 7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa (raw, json)
Hash identifier: 899nVtVcqBQx6c82Hlr49QGxW4kQVgc2D8QmHiMdUdQ=
Subject key identifier: 7B:C5:8C:87:80:36:DE:B7:C7:96:02:66:29:18:36:EB:31:61:0C:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CDFFA5B47A45AD4BBCA771E91A3ECFD1A3AAC3D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:df:fa:5b:47:a4:5a:d4:bb:ca:77:1e:91:a3:ec:fd:1a:3a:ac:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=76d32b7ab5f3cf128aa2c84e356fd02c55bce4d3382b1c607d159cf9bade1a2a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:44:ad:63:5b:e2:d3:f9:16:0c:08:13:f9:
a1:a7:0e:28:19:59:cc:43:2c:ed:64:3c:32:7f:df:
d8:b3:21:d3:ff:20:70:28:22:27:d5:82:fd:eb:ad:
b5:f9:89:c3:cc:f6:06:7f:b1:91:b7:07:d7:5b:e7:
3e:67:b1:f3:74:5f:28:4a:4c:34:5b:d8:fb:76:a7:
71:84:a3:7c:2d:59:62:42:fa:63:15:17:ae:05:e6:
46:f7:9f:85:cc:f6:2f:87:ae:ec:9c:c5:29:27:1a:
96:9c:df:ce:72:61:b6:2c:fd:dc:cf:03:f9:8b:3c:
af:04:ec:23:90:39:ef:b3:3d:12:26:7c:30:04:df:
95:e2:29:ba:10:a6:b7:92:f4:9a:03:46:4c:11:dd:
c7:1a:7f:0e:83:ff:6e:a5:0c:42:3d:99:47:11:d1:
44:52:d3:54:f9:35:a7:6e:e0:8d:2a:4c:6b:ec:e8:
01:d2:66:49:48:1d:41:c6:82:df:8b:5b:96:f0:c7:
03:27:ce:2b:8a:a5:81:b5:61:db:6d:19:74:3a:31:
6d:d1:cb:41:a6:76:5a:a4:fc:7c:6e:0d:9b:e6:c9:
d2:f0:66:a6:22:da:10:3f:10:1e:6a:0d:46:2c:d1:
7e:0e:5e:49:99:ef:89:af:48:c5:5c:03:15:1b:8e:
08:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C5:8C:87:80:36:DE:B7:C7:96:02:66:29:18:36:EB:31:61:0C:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:7b:80:9d:b9:ff:c9:8b:ff:29:76:ef:90:3a:e5:86:11:28:
aa:d0:cc:e7:27:1b:c1:bf:03:78:82:2b:e7:33:d2:05:c5:50:
9c:c4:1b:b2:fe:91:f2:b2:a4:cf:f3:d6:39:85:dd:d8:32:57:
ad:f2:0c:4d:b7:14:53:92:f5:20:b2:e8:19:b5:ad:5f:4f:49:
84:57:66:15:70:3d:07:9d:c1:7c:40:6d:98:2b:8c:45:c7:40:
7f:4a:3f:3a:90:d4:03:ca:01:1d:85:65:95:32:f6:60:7c:65:
b4:44:d2:71:36:81:d5:b6:c9:d6:db:0d:64:50:bc:5b:bd:dc:
0f:b9:41:47:c6:d1:de:bb:bb:a4:b0:47:21:71:d3:6b:06:68:
31:a9:d7:2c:34:91:02:78:fe:c7:63:d4:89:00:b0:78:66:81:
38:bb:ed:bb:b6:4c:a8:48:e5:c0:a0:bc:fc:78:bb:d6:67:a2:
08:78:4e:73:4a:6e:97:ad:a8:6f:f2:c5:d9:2e:39:d5:9b:aa:
ea:df:2c:21:a5:96:96:35:7a:92:b7:05:24:5d:82:dc:23:50:
f1:5d:c2:fe:45:b5:cb:ca:fb:f4:50:76:2b:d2:79:24:53:de:
cd:ba:75:00:f7:a1:97:e4:84:4d:ee:14:bc:e3:6a:04:f6:5f:
d4:97:b2:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfN/6W0ekWtS7yncekaPs/Ro6rD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZDMyYjdhYjVmM2NmMTI4YWEyYzg0ZTM1NmZkMDJjNTViY2U0ZDMzODJi
MWM2MDdkMTU5Y2Y5YmFkZTFhMmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyzRK1jW+LT+RYMCBP5oacOKBlZzEMs7WQ8Mn/f2LMh0/8gcCgiJ9WC/eut
tfmJw8z2Bn+xkbcH11vnPmex83RfKEpMNFvY+3ancYSjfC1ZYkL6YxUXrgXmRvef
hcz2L4eu7JzFKScalpzfznJhtiz93M8D+Ys8rwTsI5A577M9EiZ8MATfleIpuhCm
t5L0mgNGTBHdxxp/DoP/bqUMQj2ZRxHRRFLTVPk1p27gjSpMa+zoAdJmSUgdQcaC
34tblvDHAyfOK4qlgbVh220ZdDoxbdHLQaZ2WqT8fG4Nm+bJ0vBmpiLaED8QHmoN
RizRfg5eSZnvia9IxVwDFRuOCBMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7xYyH
gDbet8eWAmYpGDbrMWEMgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Q2OWRjYTctYWFiZC00YWEwLThhZTctYTBhYmQ0MDUwZWNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQCre4Cduf/Ji/8pdu+QOuWGESiq0MznJxvBvwN4givn
M9IFxVCcxBuy/pHysqTP89Y5hd3YMlet8gxNtxRTkvUgsugZta1fT0mEV2YVcD0H
ncF8QG2YK4xFx0B/Sj86kNQDygEdhWWVMvZgfGW0RNJxNoHVtsnW2w1kULxbvdwP
uUFHxtHeu7uksEchcdNrBmgxqdcsNJECeP7HY9SJALB4ZoE4u+27tkyoSOXAoLz8
eLvWZ6IIeE5zSm6Xrahv8sXZLjnVm6rq3ywhpZaWNXqStwUkXYLcI1DxXcL+RbXL
yvv0UHYr0nkkU97NunUA96GX5IRN7hS842oE9l/Ul7I4
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org