Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ab6975-6f0b-4ac3-882f-29a8794b713d.roa
File: 88ab6975-6f0b-4ac3-882f-29a8794b713d.roa (raw, json)
Hash identifier: Co+F69AQCWwgNw5prhMIAd3w0b5vM6/QMmdSnEKwWds=
Subject key identifier: F7:F0:13:F7:86:FF:DF:07:11:54:76:F9:C4:F9:E6:8F:B5:B9:98:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A29883112BD1D9418F04E2188B7D8BE7D1193EC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ab6975-6f0b-4ac3-882f-29a8794b713d.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:29:88:31:12:bd:1d:94:18:f0:4e:21:88:b7:d8:be:7d:11:93:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=2b23f9dadbb927fcb2cf242843f64448c5c46309bbd15b9d4f37b48089e2115e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:26:14:74:a0:4a:6f:20:8a:e8:be:4a:d1:0a:
5d:77:cb:a1:97:a5:4d:54:e6:a0:44:dd:27:03:04:
5e:cd:78:c0:b8:45:98:18:b0:40:06:4d:6c:f0:f8:
a2:af:8d:cb:57:5b:f2:28:45:c1:5a:d6:5c:0c:f3:
71:82:d9:90:40:4c:49:0e:f2:d8:e1:58:20:1f:8d:
46:41:30:e1:ea:5e:2d:67:df:f7:62:64:c2:59:b1:
53:42:0e:9e:89:a1:dd:44:ce:7b:72:e5:e8:75:86:
b3:d8:be:29:8a:ad:68:8d:1e:26:07:74:5a:42:a4:
2b:4a:81:03:60:3a:ea:ae:b6:1c:f7:0e:4f:f5:b5:
f4:31:bf:b7:a9:10:78:2a:96:d7:1c:11:70:e4:b4:
37:68:d5:9e:c7:b4:ac:86:0b:f0:2f:4f:10:b9:39:
b3:b3:2c:6f:8c:a6:be:e9:ec:45:a7:96:86:f6:bb:
46:e9:02:82:40:06:dc:4c:80:e5:61:3c:ac:60:4d:
9e:9d:d3:37:be:cc:62:a4:65:c9:83:5b:43:8e:3a:
ca:df:32:92:a1:2e:a5:f4:2e:a1:a2:8d:3a:1b:89:
e4:f3:c3:31:43:00:f1:96:d2:42:e0:59:f6:66:e2:
02:bc:f4:3f:7e:db:d6:22:5b:05:5b:99:a9:61:76:
17:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F0:13:F7:86:FF:DF:07:11:54:76:F9:C4:F9:E6:8F:B5:B9:98:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ab6975-6f0b-4ac3-882f-29a8794b713d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
a5:82:42:85:63:6e:c5:bc:d3:28:be:24:de:93:e6:aa:38:53:
c4:06:cc:81:03:4d:c2:18:fa:c3:e7:20:98:16:67:63:13:90:
d3:dd:1c:cb:07:b7:9d:e2:d8:08:18:7f:c3:95:49:1d:ef:14:
56:e5:90:dd:5f:01:82:af:c7:ce:35:ba:8b:b9:7f:d6:48:27:
2a:99:06:9c:26:7c:81:c1:3b:7f:a1:f2:a6:af:dc:b4:a6:1f:
a4:36:73:b4:4c:b6:1a:83:ce:05:6b:70:4a:b5:7a:23:84:a7:
84:19:2b:6c:74:18:8e:f6:3d:d8:66:e3:2c:69:c5:02:2b:e5:
24:e2:ab:1b:8a:4d:88:36:93:3e:ef:f8:cc:8b:30:a8:00:af:
60:6a:91:5f:db:51:bf:f4:1e:cb:4a:c0:e6:41:f4:ea:62:65:
67:43:46:f8:3d:78:45:1e:95:9d:35:70:f5:e1:28:3c:a0:fe:
7a:0e:02:d8:99:5e:c6:97:69:0b:ec:86:5e:69:09:87:40:11:
ad:79:82:8c:88:bc:eb:7c:52:da:e0:f0:b1:c4:ec:8d:75:ad:
56:5d:1a:4d:54:30:5c:43:3c:a4:7d:28:b5:b2:7c:84:c7:2c:
c5:d4:bc:b5:63:32:11:35:3b:bb:f6:15:46:58:4e:32:8b:96:
0f:b4:6c:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKimIMRK9HZQY8E4hiLfYvn0Rk+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiMjNmOWRhZGJiOTI3ZmNiMmNmMjQyODQzZjY0NDQ4YzVjNDYzMDliYmQx
NWI5ZDRmMzdiNDgwODllMjExNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkmFHSgSm8giui+StEKXXfLoZelTVTmoETdJwMEXs14wLhFmBiwQAZNbPD4
oq+Ny1db8ihFwVrWXAzzcYLZkEBMSQ7y2OFYIB+NRkEw4epeLWff92JkwlmxU0IO
nomh3UTOe3Ll6HWGs9i+KYqtaI0eJgd0WkKkK0qBA2A66q62HPcOT/W19DG/t6kQ
eCqW1xwRcOS0N2jVnse0rIYL8C9PELk5s7Msb4ymvunsRaeWhva7RukCgkAG3EyA
5WE8rGBNnp3TN77MYqRlyYNbQ446yt8ykqEupfQuoaKNOhuJ5PPDMUMA8ZbSQuBZ
9mbiArz0P37b1iJbBVuZqWF2F28CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT38BP3
hv/fBxFUdvnE+eaPtbmY5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhhYjY5NzUtNmYwYi00YWMzLTg4MmYtMjlhODc5NGI3MTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQClgkKFY27FvNMoviTek+aqOFPEBsyBA03CGPrD5yCY
FmdjE5DT3RzLB7ed4tgIGH/DlUkd7xRW5ZDdXwGCr8fONbqLuX/WSCcqmQacJnyB
wTt/ofKmr9y0ph+kNnO0TLYag84Fa3BKtXojhKeEGStsdBiO9j3YZuMsacUCK+Uk
4qsbik2INpM+7/jMizCoAK9gapFf21G/9B7LSsDmQfTqYmVnQ0b4PXhFHpWdNXD1
4Sg8oP56DgLYmV7Gl2kL7IZeaQmHQBGteYKMiLzrfFLa4PCxxOyNda1WXRpNVDBc
QzykfSi1snyExyzF1Ly1YzIRNTu79hVGWE4yi5YPtGyZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org