Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: PDTDCC/j5oPjUplA62xjgDAD37AqjRY0qnomOdSOWEc=
Subject key identifier: F2:56:D1:F0:52:7A:3B:8E:41:1F:8B:BC:2A:9B:3D:CB:98:9F:03:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F925274A188518B4400BD11A69A07CAB265B4DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:92:52:74:a1:88:51:8b:44:00:bd:11:a6:9a:07:ca:b2:65:b4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=f627149b84a2a595e4887a357561d4f7c0a8b84368a5999efa35bf71a4cb3d68, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:98:54:bd:9b:b9:a2:e9:2b:3c:a2:1f:e4:cf:
22:c8:c0:64:c1:bb:2d:f2:18:44:54:4d:55:dd:bb:
43:e9:c7:17:c7:7a:82:79:e6:6f:f2:b2:b4:37:fb:
15:e4:ef:03:35:01:0a:3b:87:dc:1e:8d:f9:3c:cc:
bd:9c:0b:ee:c1:62:b3:f2:9d:fe:89:44:c7:3b:9c:
ca:1b:0a:40:39:4a:80:6e:e4:46:f2:a5:4c:65:79:
9e:c7:8d:6a:0e:03:a7:83:a6:c9:81:aa:51:34:58:
eb:be:00:4b:fb:fc:a3:42:b7:f6:b4:fb:9a:86:c2:
e1:66:ca:86:fe:b8:e1:3b:b0:dd:e7:5a:d5:9a:01:
49:80:98:ba:5c:f4:d4:e2:66:9f:3b:18:5a:5c:45:
d5:a2:5d:16:5e:bf:f2:92:c2:39:25:d6:e2:3b:08:
46:81:e1:2c:2f:a0:bd:3e:6d:38:82:2b:15:ec:6d:
7f:2d:21:26:17:a3:46:8a:81:01:dc:bd:8b:74:3e:
34:bb:52:f7:27:5b:84:db:17:0d:9e:b0:82:ed:a7:
26:79:33:19:f7:28:38:f3:a5:02:ff:0a:bc:b1:51:
0c:46:24:64:c8:a5:4c:8a:39:c3:d9:70:95:eb:2c:
05:5d:25:f1:eb:30:04:c5:93:4c:88:60:c1:f0:73:
5f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:56:D1:F0:52:7A:3B:8E:41:1F:8B:BC:2A:9B:3D:CB:98:9F:03:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:56:15:17:2e:1f:e5:12:58:4b:32:4d:ec:f4:28:b6:e2:e3:
38:f4:29:58:77:2d:20:a6:21:cf:d1:23:b8:89:fb:43:3e:58:
4b:4b:c6:16:f6:20:aa:07:3a:56:82:26:a3:a4:41:38:dc:4c:
57:81:51:71:f5:09:41:2e:af:89:3b:66:86:24:e2:aa:98:b3:
93:86:0b:3c:7a:db:c9:a8:5f:72:0a:53:68:9d:7c:41:67:a9:
33:06:81:03:1c:ff:b4:41:22:ab:3e:e1:3d:30:3f:46:e1:0d:
03:8b:6d:9c:6b:8e:e8:23:b7:3b:f3:90:78:0e:a6:ad:86:5f:
11:c8:ce:3c:01:eb:ff:88:aa:d3:8b:d5:bf:65:ae:23:32:23:
fa:82:15:77:9f:1e:a4:9e:e9:45:c9:54:44:94:ab:f6:1e:31:
a8:84:44:76:8f:56:e5:e4:48:53:83:1f:62:ea:81:c0:a9:1c:
ff:ba:16:8d:05:9a:4a:4a:18:e7:f8:4c:20:51:91:c7:82:3d:
8c:7a:e4:96:45:aa:86:2b:ac:9f:54:25:ed:12:7f:d9:23:24:
a1:f4:22:c8:e5:b9:67:9e:64:42:0c:53:6d:16:35:af:34:f7:
41:1e:e8:a5:06:1c:8b:37:ad:f4:c5:da:4c:f8:0e:4a:6f:35:
dc:a0:78:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD5JSdKGIUYtEAL0RppoHyrJltN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MjcxNDliODRhMmE1OTVlNDg4N2EzNTc1NjFkNGY3YzBhOGI4NDM2OGE1
OTk5ZWZhMzViZjcxYTRjYjNkNjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeYVL2buaLpKzyiH+TPIsjAZMG7LfIYRFRNVd27Q+nHF8d6gnnmb/KytDf7
FeTvAzUBCjuH3B6N+TzMvZwL7sFis/Kd/olExzucyhsKQDlKgG7kRvKlTGV5nseN
ag4Dp4OmyYGqUTRY674AS/v8o0K39rT7mobC4WbKhv644Tuw3eda1ZoBSYCYulz0
1OJmnzsYWlxF1aJdFl6/8pLCOSXW4jsIRoHhLC+gvT5tOIIrFextfy0hJhejRoqB
Ady9i3Q+NLtS9ydbhNsXDZ6wgu2nJnkzGfcoOPOlAv8KvLFRDEYkZMilTIo5w9lw
lessBV0l8eswBMWTTIhgwfBzX8kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTyVtHw
Uno7jkEfi7wqmz3LmJ8D1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQAvVhUXLh/lElhLMk3s9Ci24uM49ClYdy0gpiHP0SO4
iftDPlhLS8YW9iCqBzpWgiajpEE43ExXgVFx9QlBLq+JO2aGJOKqmLOThgs8etvJ
qF9yClNonXxBZ6kzBoEDHP+0QSKrPuE9MD9G4Q0Di22ca47oI7c785B4Dqathl8R
yM48Aev/iKrTi9W/Za4jMiP6ghV3nx6knulFyVRElKv2HjGohER2j1bl5EhTgx9i
6oHAqRz/uhaNBZpKShjn+EwgUZHHgj2MeuSWRaqGK6yfVCXtEn/ZIySh9CLI5bln
nmRCDFNtFjWvNPdBHuilBhyLN630xdpM+A5KbzXcoHgL
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org