Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: CqXVanuowqKjFrX8APcBOCMldUVdxIIhaeGPDtTiL2U=
Subject key identifier: BB:76:8A:21:FC:8B:F6:C7:D2:51:FD:0D:56:CC:ED:E1:72:20:EB:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20230F2838765E340BA7A21FDEE747385DEE34A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Fri 14 Jun 2024 00:00:00 +0000
ROA not before: Fri 14 Jun 2024 00:00:00 +0000
ROA not after: Fri 19 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:23:0f:28:38:76:5e:34:0b:a7:a2:1f:de:e7:47:38:5d:ee:34:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 14 00:00:00 2024 GMT
Not After : Jul 19 23:59:59 2024 GMT
Subject: serialNumber=4ad94e0acf74a95c28d6e745be725d6ea5ed3bdf65359f1b5776e6a114e57e75, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ae:fb:ad:64:c6:be:d6:3b:22:1e:b4:8b:e0:
c5:ac:59:90:70:a4:f6:a6:9a:22:1c:fb:b4:93:fd:
4e:96:fc:d3:38:0b:ce:0b:10:4b:d2:ca:18:d4:6f:
01:c0:53:7d:73:4a:cf:8a:30:b1:49:60:1e:56:88:
1f:8e:e1:f7:63:02:04:e0:be:b3:c5:81:2e:5b:96:
62:5a:c9:51:6f:1f:d7:5a:8c:1f:59:05:ac:4b:ca:
e1:f1:1a:bc:40:a1:e1:88:2f:53:0d:34:9c:41:3f:
5e:01:33:e9:84:b0:68:64:cf:dc:90:6e:8e:01:9c:
78:d1:2e:26:3e:7a:7f:9b:c9:a6:b7:b5:63:cd:87:
8b:60:5f:92:34:55:cc:ae:73:35:b2:91:43:49:95:
04:a2:18:73:ad:c1:19:ef:9e:a4:c1:e3:15:ba:31:
39:7d:b4:3f:74:01:ba:ca:29:90:f7:6b:bb:0c:ca:
cf:68:57:39:89:df:a9:28:59:9e:ca:1e:1e:85:55:
d0:d2:87:c5:6c:b3:fc:79:74:a9:8e:2b:54:70:95:
08:8d:af:89:27:15:3a:63:18:34:f4:6d:ae:1d:db:
ba:0b:dc:86:3b:68:92:cc:77:f4:5d:39:40:75:5f:
45:c1:07:df:22:f8:f5:b0:40:34:40:dc:83:2b:f7:
ad:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:76:8A:21:FC:8B:F6:C7:D2:51:FD:0D:56:CC:ED:E1:72:20:EB:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:b9:9e:d9:fa:9b:e2:01:1d:b2:f1:d7:91:d2:8c:bf:70:ca:
7a:c2:72:39:c6:8c:68:10:a6:43:e9:f2:fc:f2:c9:9a:99:2a:
e5:05:d3:81:cb:fa:58:66:58:1d:4d:c9:5a:28:46:d8:70:3e:
a9:4a:6f:c9:7f:9c:07:df:66:65:7b:1e:0c:01:79:d0:2a:f6:
f1:04:7d:9d:d4:29:c6:d1:09:f1:d6:46:b1:65:a9:13:3d:75:
ae:60:4b:ba:57:dd:7a:c9:b9:a9:65:f0:26:60:56:74:e9:5b:
12:f0:69:95:0f:67:35:3e:fa:bb:59:74:df:f3:ca:ba:13:87:
1d:e6:f2:5c:2f:a6:49:bf:96:dd:0e:af:2d:7e:8e:a4:87:c6:
20:b1:c6:d4:a8:eb:be:21:48:4b:b7:ee:49:a0:6d:42:0a:3d:
1b:d2:64:af:25:9f:29:3e:71:54:a7:2d:eb:f9:9f:9a:68:3d:
e6:50:2e:fb:9d:2e:2b:11:64:eb:87:9b:2a:89:7a:40:8b:94:
0c:b5:ac:98:90:39:04:3f:87:95:28:e3:73:c3:7b:40:99:b8:
36:7b:a3:3c:ef:83:79:3b:85:4b:20:6d:f8:73:53:4b:d3:3b:
a2:25:49:05:e0:eb:74:fa:67:df:65:ba:e9:61:e2:3d:7b:fd:
f9:6a:2b:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUICMPKDh2XjQLp6If3udHOF3uNKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTQwMDAwMDBaFw0yNDA3MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZDk0ZTBhY2Y3NGE5NWMyOGQ2ZTc0NWJlNzI1ZDZlYTVlZDNiZGY2NTM1
OWYxYjU3NzZlNmExMTRlNTdlNzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWu+61kxr7WOyIetIvgxaxZkHCk9qaaIhz7tJP9Tpb80zgLzgsQS9LKGNRv
AcBTfXNKz4owsUlgHlaIH47h92MCBOC+s8WBLluWYlrJUW8f11qMH1kFrEvK4fEa
vECh4YgvUw00nEE/XgEz6YSwaGTP3JBujgGceNEuJj56f5vJpre1Y82Hi2BfkjRV
zK5zNbKRQ0mVBKIYc63BGe+epMHjFboxOX20P3QBusopkPdruwzKz2hXOYnfqShZ
nsoeHoVV0NKHxWyz/Hl0qY4rVHCVCI2viScVOmMYNPRtrh3bugvchjtoksx39F05
QHVfRcEH3yL49bBANEDcgyv3rXUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7dooh
/Iv2x9JR/Q1WzO3hciDrxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCkuZ7Z+pviAR2y8deR0oy/cMp6wnI5xoxoEKZD6fL8
8smamSrlBdOBy/pYZlgdTclaKEbYcD6pSm/Jf5wH32Zlex4MAXnQKvbxBH2d1CnG
0Qnx1kaxZakTPXWuYEu6V916ybmpZfAmYFZ06VsS8GmVD2c1Pvq7WXTf88q6E4cd
5vJcL6ZJv5bdDq8tfo6kh8YgscbUqOu+IUhLt+5JoG1CCj0b0mSvJZ8pPnFUpy3r
+Z+aaD3mUC77nS4rEWTrh5sqiXpAi5QMtayYkDkEP4eVKONzw3tAmbg2e6M874N5
O4VLIG34c1NL0zuiJUkF4Ot0+mffZbrpYeI9e/35ais4
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org