Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
File: 93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa (raw, json)
Hash identifier: ARbU6CXWltnbFS3smtyDA2vSp0CGmA7daFc4EI3eojk=
Subject key identifier: CC:B3:41:D5:BC:3E:6D:36:AA:E6:7B:9E:A3:20:10:DB:97:02:D0:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E506DCA607EFC9E1C541898A1C56285B6A5B663
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:50:6d:ca:60:7e:fc:9e:1c:54:18:98:a1:c5:62:85:b6:a5:b6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=26c5119e94c153983367a8a45dc55f9e119c121fb0dfd7689d1bb432de680da2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:41:ea:06:1c:a6:ab:d8:14:80:f3:3a:02:b6:
98:a4:88:34:5a:56:7d:dd:b7:22:83:9d:1c:c0:92:
53:75:0a:6f:06:6f:33:aa:81:6d:e3:df:75:23:51:
34:ad:ed:7e:a8:9c:49:d0:08:41:6b:2b:a3:c4:8b:
5b:33:93:0b:82:6a:3d:f3:b6:8a:15:bc:68:95:67:
0c:67:dd:e3:ff:fb:94:11:e3:05:b6:e0:14:eb:b8:
36:e8:f9:6f:06:16:81:2f:1d:98:30:3d:dd:3e:4b:
b2:9b:74:cb:9d:59:a2:cb:d1:e3:be:f5:f2:a1:7e:
38:62:15:6d:c2:62:4d:b8:f6:cc:6d:99:a5:9d:15:
dc:c1:42:be:60:1d:6d:8d:5f:5d:c7:97:4a:e0:53:
11:b7:d1:6e:47:a8:b4:e3:4c:b9:16:37:7c:6e:d6:
36:f4:19:f2:58:46:14:8e:39:d9:a3:5a:92:22:0a:
3b:86:09:24:82:77:51:c8:9e:ab:e3:23:b6:16:a0:
79:ef:c8:92:2d:8c:cf:c7:5d:ba:24:c2:8f:34:f3:
49:b0:fb:13:30:50:9a:f3:27:f6:66:aa:c5:38:27:
64:a7:50:df:66:34:e8:e1:29:67:c0:06:11:44:4a:
45:3c:22:f5:ce:41:92:d0:6a:33:5d:7f:fb:39:c4:
69:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B3:41:D5:BC:3E:6D:36:AA:E6:7B:9E:A3:20:10:DB:97:02:D0:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:bb:63:1b:f5:99:ea:71:65:f3:61:44:f2:44:63:7f:29:a9:
e0:1b:2a:04:dc:ad:13:28:8a:be:61:e0:52:40:28:10:3e:83:
c0:97:df:d0:d1:12:39:a6:e1:53:99:d1:f1:e0:16:76:f8:7e:
14:0f:5f:d8:0f:71:5f:af:f6:41:3c:47:03:4a:81:98:57:2e:
5a:3f:bc:44:9b:a7:fb:07:86:36:0c:2e:95:cc:b5:17:8c:47:
b4:3c:fc:93:f4:2d:c9:ad:14:97:3b:56:9f:de:38:77:0d:3f:
24:3c:d9:c1:7b:b0:63:38:0b:36:f3:56:61:6e:42:26:f2:3b:
63:de:42:24:c3:89:64:9f:67:46:9d:53:31:89:9c:8f:04:d9:
7f:9b:58:9a:ec:5a:b6:22:b4:4b:4d:16:bd:17:9f:6b:37:1d:
85:3c:6d:5b:99:2f:06:c1:81:69:2e:b8:7b:d7:b5:92:9a:f6:
09:08:dd:b4:3e:ef:56:41:41:11:19:47:4d:04:c0:c6:bf:45:
42:f0:c5:6d:26:c2:b3:ce:c7:cd:db:52:38:2e:41:5b:8d:37:
22:90:67:cf:62:1f:1c:08:ac:11:48:84:fb:d8:00:46:bd:61:
ca:43:17:0e:03:b2:3f:7a:fc:2e:88:ac:28:6e:0f:eb:34:aa:
d2:e1:e5:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUflBtymB+/J4cVBiYocVihbaltmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2YzUxMTllOTRjMTUzOTgzMzY3YThhNDVkYzU1ZjllMTE5YzEyMWZiMGRm
ZDc2ODlkMWJiNDMyZGU2ODBkYTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNB6gYcpqvYFIDzOgK2mKSINFpWfd23IoOdHMCSU3UKbwZvM6qBbePfdSNR
NK3tfqicSdAIQWsro8SLWzOTC4JqPfO2ihW8aJVnDGfd4//7lBHjBbbgFOu4Nuj5
bwYWgS8dmDA93T5Lspt0y51ZosvR47718qF+OGIVbcJiTbj2zG2ZpZ0V3MFCvmAd
bY1fXceXSuBTEbfRbkeotONMuRY3fG7WNvQZ8lhGFI452aNakiIKO4YJJIJ3Ucie
q+Mjthagee/Iki2Mz8dduiTCjzTzSbD7EzBQmvMn9maqxTgnZKdQ32Y06OEpZ8AG
EURKRTwi9c5BktBqM11/+znEaYECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMs0HV
vD5tNqrme56jIBDblwLQgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTNmYjhjZjctZWI1Yy00YzIyLTg5YWItMWNhYmY5YzlkNTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQCeu2Mb9ZnqcWXzYUTyRGN/KangGyoE3K0TKIq+YeBS
QCgQPoPAl9/Q0RI5puFTmdHx4BZ2+H4UD1/YD3Ffr/ZBPEcDSoGYVy5aP7xEm6f7
B4Y2DC6VzLUXjEe0PPyT9C3JrRSXO1af3jh3DT8kPNnBe7BjOAs281ZhbkIm8jtj
3kIkw4lkn2dGnVMxiZyPBNl/m1ia7Fq2IrRLTRa9F59rNx2FPG1bmS8GwYFpLrh7
17WSmvYJCN20Pu9WQUERGUdNBMDGv0VC8MVtJsKzzsfN21I4LkFbjTcikGfPYh8c
CKwRSIT72ABGvWHKQxcOA7I/evwuiKwobg/rNKrS4eX2
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org