Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: vk0M1TZaGUzMWgY2Y/t1C1vov7Hw6KRKfdSSksCBPqI=
Subject key identifier: 9F:1F:05:74:F1:30:ED:17:19:33:93:BA:5F:3D:07:22:64:EE:00:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B3E223524B629D905B51184A259D0194D42A338
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:3e:22:35:24:b6:29:d9:05:b5:11:84:a2:59:d0:19:4d:42:a3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=275e994dd7416fe050a0d74026983c9a73db69033ab9c3a78230c729524c4fdf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3c:40:3d:3c:09:49:de:df:9a:ba:50:fe:10:
de:f2:28:20:f8:9b:33:aa:c1:ef:1f:04:fd:80:35:
51:8a:c5:16:8e:2f:e8:9f:d2:f1:2f:09:72:50:58:
12:92:c7:33:58:4d:c6:7d:f9:d9:e0:17:1e:e2:8d:
42:a7:ff:08:b2:9b:61:ce:12:1f:41:26:9d:44:1a:
e6:c1:f6:45:69:c8:f8:43:72:6d:cb:f1:10:d6:35:
01:cb:2b:d1:d8:6a:50:b5:ca:2f:06:39:c9:d8:b1:
87:44:03:57:73:87:9e:c3:1e:97:a3:8e:94:56:d8:
3e:8d:98:d4:cd:1e:3e:33:a4:66:83:1d:20:c8:43:
cd:60:3f:f3:f7:5e:96:9a:f3:52:9e:0f:41:fb:1d:
77:be:e1:e9:3b:b2:1b:3c:1a:c9:41:54:cf:a0:0c:
7d:71:ee:2c:b0:89:3f:41:9f:d7:b1:c0:00:c1:c8:
46:bd:27:49:6d:c2:2c:03:53:04:04:b4:c0:15:8d:
8a:3b:a8:41:36:be:9c:52:f1:76:57:d0:39:0e:ff:
c7:98:47:6c:2b:61:09:0c:68:e5:ad:38:b9:33:44:
7d:97:12:87:8e:64:59:1b:ff:c4:40:45:39:b7:66:
db:e6:ba:0a:0e:98:b9:13:fb:ff:7f:ae:d6:9e:59:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1F:05:74:F1:30:ED:17:19:33:93:BA:5F:3D:07:22:64:EE:00:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2e:07:e2:6d:02:47:cd:1c:38:11:59:e6:eb:b3:39:5b:2a:3b:
57:72:70:b3:11:d7:d6:84:cd:e8:2b:8c:b2:f5:4b:d1:8c:64:
fc:ee:e1:82:fb:e6:6a:61:26:2b:50:8f:96:87:e5:b4:ee:54:
26:04:34:05:f0:61:57:94:7a:8f:04:19:f4:93:8a:17:16:b6:
aa:bb:86:f7:a5:21:4e:ea:3d:d9:8d:79:c4:a4:e6:31:75:d2:
6c:ac:ab:d9:de:a3:89:a9:49:19:92:ce:fe:19:81:2f:91:ba:
b2:c4:00:67:7b:52:1c:34:00:18:a9:48:8d:91:56:c9:ff:f0:
bf:8c:c0:a7:37:02:63:97:9c:e4:90:a1:c0:fe:d3:ff:cf:6a:
c0:f1:ee:45:84:c0:30:e1:d0:07:c9:49:09:d3:c4:e6:d7:66:
fd:1c:91:9e:61:61:aa:a3:ba:45:a6:54:23:e0:58:09:ee:0e:
bf:f7:be:c2:1f:b8:25:e1:d7:e9:e9:77:4b:ab:50:a3:62:9e:
5c:40:fd:c9:6c:d4:ce:e9:40:1f:5f:c2:a0:99:2e:60:f3:06:
bd:65:f5:d0:84:87:53:3e:33:0a:58:e3:35:2a:9c:bc:12:58:
57:af:c0:a9:96:ea:57:04:7a:a9:86:a4:87:a3:18:d0:90:d5:
44:dc:c9:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKz4iNSS2KdkFtRGEolnQGU1CozgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3NWU5OTRkZDc0MTZmZTA1MGEwZDc0MDI2OTgzYzlhNzNkYjY5MDMzYWI5
YzNhNzgyMzBjNzI5NTI0YzRmZGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMM8QD08CUne35q6UP4Q3vIoIPibM6rB7x8E/YA1UYrFFo4v6J/S8S8JclBY
EpLHM1hNxn352eAXHuKNQqf/CLKbYc4SH0EmnUQa5sH2RWnI+ENybcvxENY1Acsr
0dhqULXKLwY5ydixh0QDV3OHnsMel6OOlFbYPo2Y1M0ePjOkZoMdIMhDzWA/8/de
lprzUp4PQfsdd77h6TuyGzwayUFUz6AMfXHuLLCJP0Gf17HAAMHIRr0nSW3CLANT
BAS0wBWNijuoQTa+nFLxdlfQOQ7/x5hHbCthCQxo5a04uTNEfZcSh45kWRv/xEBF
Obdm2+a6Cg6YuRP7/3+u1p5ZQpcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSfHwV0
8TDtFxkzk7pfPQciZO4AqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQAuB+JtAkfNHDgRWebrszlbKjtXcnCzEdfWhM3oK4yy
9UvRjGT87uGC++ZqYSYrUI+Wh+W07lQmBDQF8GFXlHqPBBn0k4oXFraqu4b3pSFO
6j3ZjXnEpOYxddJsrKvZ3qOJqUkZks7+GYEvkbqyxABne1IcNAAYqUiNkVbJ//C/
jMCnNwJjl5zkkKHA/tP/z2rA8e5FhMAw4dAHyUkJ08Tm12b9HJGeYWGqo7pFplQj
4FgJ7g6/977CH7gl4dfp6XdLq1CjYp5cQP3JbNTO6UAfX8KgmS5g8wa9ZfXQhIdT
PjMKWOM1Kpy8ElhXr8CplupXBHqphqSHoxjQkNVE3MmF
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org