Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: rNv+ynZwNZ2zimFoovfnv5TxK9++RBcX9J9wqbZosd8=
Subject key identifier: A3:97:C6:78:48:FB:5E:CE:80:79:C5:28:D8:9E:F1:52:FB:50:79:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60B852B927AD072468708ECFF802A55DABA776CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:b8:52:b9:27:ad:07:24:68:70:8e:cf:f8:02:a5:5d:ab:a7:76:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=f8c9fa467f11b2b4990d2e344ed409785933e6c33d50b8067813632ea5118687, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c8:22:8b:91:bd:c7:a8:45:74:2c:db:fe:69:
54:9d:0d:b7:83:b3:19:cf:31:35:07:41:a6:33:50:
f5:2a:9c:f0:01:c0:6a:73:55:a8:db:55:a7:ec:61:
c5:87:20:36:e7:29:63:b8:47:64:f9:d0:e3:c5:b8:
f5:58:42:cc:06:e9:a8:0e:6f:19:d2:dc:9f:07:2c:
3e:30:4d:45:de:a4:e0:1f:41:ba:9c:aa:5e:04:44:
fe:8c:bb:82:7b:96:0e:3d:ae:52:29:a4:6e:14:f9:
4c:a0:57:c2:06:2f:5e:92:68:fc:a0:bf:ca:dd:22:
8d:56:55:aa:b4:da:cd:e9:32:43:57:4f:03:d7:42:
76:a0:c3:2c:1b:f0:a2:d6:23:68:3c:db:44:a2:6a:
7b:89:64:a3:54:79:3f:03:90:46:cb:22:c0:e3:8b:
97:bd:99:16:a2:e0:f1:7d:cc:49:24:19:27:4e:41:
6d:8a:d7:54:10:d2:d8:27:08:3e:50:96:a5:39:06:
ac:a6:1e:65:cb:ab:e7:13:b8:71:ff:bc:58:01:00:
fa:73:e8:8a:95:ab:5d:cb:a0:7e:f2:01:89:c8:18:
2a:f1:41:57:46:80:99:d6:4d:ac:49:a4:7b:f4:63:
fc:c6:b1:79:a8:20:ee:8e:21:44:4d:1c:33:09:0e:
9c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:97:C6:78:48:FB:5E:CE:80:79:C5:28:D8:9E:F1:52:FB:50:79:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:06:c5:b1:d7:0a:19:1d:8a:43:e8:4d:52:de:bd:35:58:c3:
d2:b6:0e:19:cc:7e:09:54:aa:08:e1:b3:30:47:55:08:62:bb:
be:5d:d9:2e:24:a7:48:13:86:3e:93:93:d7:0c:1b:8d:31:58:
9a:05:2f:a0:d3:66:6c:aa:2a:57:5b:32:48:72:5f:a6:3f:95:
a0:31:db:47:22:f9:36:b7:c4:0e:31:5c:95:1a:44:4f:a6:c3:
62:ae:e9:27:bb:9c:bd:71:36:8e:a6:81:be:fb:f0:b2:8e:cc:
a9:d1:6f:3f:81:17:7e:e2:ef:4e:3e:6d:72:5d:82:e9:64:df:
21:da:08:de:fc:7a:9b:72:dd:78:0c:ab:27:a7:92:2d:17:7f:
1c:34:26:3f:a2:db:1d:31:98:49:44:d2:a7:d8:dd:5e:95:8b:
29:9e:7b:67:bb:b9:bf:66:f2:dd:46:28:bc:09:20:ba:5e:5f:
bb:67:da:9a:55:d8:a9:34:6c:43:8b:d8:63:a2:47:dd:49:a8:
71:b2:89:6b:d1:70:6d:87:56:3a:34:13:cc:87:1e:64:e2:18:
13:20:4e:4d:e6:ce:f7:db:51:b6:5c:df:89:91:e7:30:0a:8e:
05:50:14:4b:28:22:aa:0b:c7:33:b4:95:a7:d2:30:3b:c8:a2:
02:52:8e:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYLhSuSetByRocI7P+AKlXaundswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4YzlmYTQ2N2YxMWIyYjQ5OTBkMmUzNDRlZDQwOTc4NTkzM2U2YzMzZDUw
YjgwNjc4MTM2MzJlYTUxMTg2ODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPIIouRvceoRXQs2/5pVJ0Nt4OzGc8xNQdBpjNQ9Sqc8AHAanNVqNtVp+xh
xYcgNucpY7hHZPnQ48W49VhCzAbpqA5vGdLcnwcsPjBNRd6k4B9BupyqXgRE/oy7
gnuWDj2uUimkbhT5TKBXwgYvXpJo/KC/yt0ijVZVqrTazekyQ1dPA9dCdqDDLBvw
otYjaDzbRKJqe4lko1R5PwOQRssiwOOLl72ZFqLg8X3MSSQZJ05BbYrXVBDS2CcI
PlCWpTkGrKYeZcur5xO4cf+8WAEA+nPoipWrXcugfvIBicgYKvFBV0aAmdZNrEmk
e/Rj/Maxeagg7o4hRE0cMwkOnA8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSjl8Z4
SPtezoB5xSjYnvFS+1B5hDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQBYBsWx1woZHYpD6E1S3r01WMPStg4ZzH4JVKoI4bMw
R1UIYru+XdkuJKdIE4Y+k5PXDBuNMViaBS+g02ZsqipXWzJIcl+mP5WgMdtHIvk2
t8QOMVyVGkRPpsNiruknu5y9cTaOpoG++/Cyjsyp0W8/gRd+4u9OPm1yXYLpZN8h
2gje/Hqbct14DKsnp5ItF38cNCY/otsdMZhJRNKn2N1elYspnntnu7m/ZvLdRii8
CSC6Xl+7Z9qaVdipNGxDi9hjokfdSahxsolr0XBth1Y6NBPMhx5k4hgTIE5N5s73
21G2XN+JkecwCo4FUBRLKCKqC8cztJWn0jA7yKICUo48
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org