Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: F1oa5aR1bGmEA4YbhrO1MCUvnFMHmt7z/6Y+S6mBHf4=
Subject key identifier: E1:CE:22:1B:74:EB:C0:43:99:E8:DF:67:50:20:AD:5A:4D:74:4C:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11D972D6E207C8E8FC5F4A166E7701D5541D9023
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:d9:72:d6:e2:07:c8:e8:fc:5f:4a:16:6e:77:01:d5:54:1d:90:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=f993ab6b3558f782533ecc496a62825d70ff3c4087014f25ef7af98675d23818, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:92:88:49:21:60:bd:46:0f:17:1e:a0:25:
eb:97:a4:20:77:cc:ee:3b:f3:47:73:04:0e:24:8f:
f1:a6:2d:a3:2b:d6:db:24:cb:e6:3f:42:b3:cd:31:
2b:b1:48:fb:bc:60:62:b6:bc:64:da:42:6c:94:02:
b7:5a:6a:d3:34:0b:b1:e7:11:0e:9c:89:d7:28:3a:
00:32:05:72:d2:e9:bc:ca:a5:79:44:a0:90:cb:94:
9f:a7:08:21:d7:13:f9:a0:97:b8:31:78:01:27:71:
be:2d:94:f5:4b:2b:c2:e7:5d:17:fb:0f:84:85:14:
5f:4b:22:44:00:bb:8f:53:00:32:0c:16:e4:30:3f:
f4:3d:6a:89:db:b2:4b:5c:0a:c9:4c:20:36:0d:e7:
89:b6:a1:82:5a:12:4e:38:2d:5a:a2:40:27:bf:7d:
cb:ee:c4:d4:f1:19:47:43:f8:df:77:58:e1:bf:6c:
95:2d:2d:30:69:4d:a4:9d:11:0b:27:99:1d:ca:d2:
db:df:da:e2:4d:d7:27:8a:5e:af:be:5d:77:e4:4c:
a4:f3:c0:20:91:f8:b5:41:86:7d:cb:0c:a9:43:9d:
13:b6:c2:71:4f:8b:8f:2b:8d:a2:51:96:92:4b:66:
a2:0f:1a:68:a1:dc:94:15:97:21:6b:6e:e1:d4:95:
f3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CE:22:1B:74:EB:C0:43:99:E8:DF:67:50:20:AD:5A:4D:74:4C:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:4f:73:cf:fe:3b:bd:a7:ad:c1:f9:ee:ca:d5:9c:7c:94:5b:
41:1d:f8:bb:1b:70:ca:76:82:b9:06:ed:da:8f:78:0e:42:2f:
dc:4e:cc:09:6e:dd:ff:3a:64:49:27:af:2a:17:2f:06:dd:fa:
ca:66:4e:1a:23:94:1a:80:2b:58:dc:64:40:3e:d6:af:42:94:
46:25:b3:59:83:83:88:a3:4f:ec:01:d0:83:f3:10:9f:90:3c:
71:80:22:60:03:9d:37:16:79:59:95:2e:34:5c:db:3f:7e:70:
b6:8f:2f:23:47:00:26:12:ed:d9:2a:79:36:e4:61:ce:4a:7a:
3d:14:ff:b3:d4:8a:ab:d5:c1:39:f4:89:eb:79:45:07:ae:d5:
a0:d4:a6:0b:aa:f7:5d:c7:0b:06:a1:d5:70:b6:89:f6:05:76:
1f:0e:1b:a6:7f:8e:fd:90:54:bc:1e:cb:ad:e0:21:d7:01:29:
79:81:94:df:b1:2f:c4:44:92:8f:5d:b3:40:1d:7e:e8:9c:7f:
39:70:43:d9:a4:0d:41:bd:39:ae:82:cd:80:07:09:29:c0:1d:
bc:a9:85:76:c7:28:af:90:d1:61:19:63:a5:ca:bc:a7:ea:9b:
56:92:d7:09:8a:0e:53:49:d3:1a:fe:93:20:1b:eb:f0:70:e4:
9d:01:16:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEdly1uIHyOj8X0oWbncB1VQdkCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5OTNhYjZiMzU1OGY3ODI1MzNlY2M0OTZhNjI4MjVkNzBmZjNjNDA4NzAx
NGYyNWVmN2FmOTg2NzVkMjM4MTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1pkohJIWC9Rg8XHqAl65ekIHfM7jvzR3MEDiSP8aYtoyvW2yTL5j9Cs80x
K7FI+7xgYra8ZNpCbJQCt1pq0zQLsecRDpyJ1yg6ADIFctLpvMqleUSgkMuUn6cI
IdcT+aCXuDF4ASdxvi2U9UsrwuddF/sPhIUUX0siRAC7j1MAMgwW5DA/9D1qiduy
S1wKyUwgNg3nibahgloSTjgtWqJAJ799y+7E1PEZR0P433dY4b9slS0tMGlNpJ0R
CyeZHcrS29/a4k3XJ4per75dd+RMpPPAIJH4tUGGfcsMqUOdE7bCcU+LjyuNolGW
kktmog8aaKHclBWXIWtu4dSV830CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThziIb
dOvAQ5no32dQIK1aTXRM0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU1NjUxMGItNWYxYy00N2Y2LThhNTQtMmVmOWM5NmM1NzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQA6T3PP/ju9p63B+e7K1Zx8lFtBHfi7G3DKdoK5Bu3a
j3gOQi/cTswJbt3/OmRJJ68qFy8G3frKZk4aI5QagCtY3GRAPtavQpRGJbNZg4OI
o0/sAdCD8xCfkDxxgCJgA503FnlZlS40XNs/fnC2jy8jRwAmEu3ZKnk25GHOSno9
FP+z1Iqr1cE59InreUUHrtWg1KYLqvddxwsGodVwton2BXYfDhumf479kFS8Hsut
4CHXASl5gZTfsS/ERJKPXbNAHX7onH85cEPZpA1BvTmugs2ABwkpwB28qYV2xyiv
kNFhGWOlyryn6ptWktcJig5TSdMa/pMgG+vwcOSdARaJ
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:44:40 2024 by rpki-client on console-fra.rpki-client.org