Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: sVbZ4YmD4Bw9CS+1W3qhFId0pdtvvKsOtdFq8JCHwHc=
Subject key identifier: 8F:43:6F:5B:6D:3D:38:3C:43:96:03:63:35:EE:FF:B9:8D:E3:C3:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60AF8AC6FC2191F554AFF2591FBF14CA2ADC6FA2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:af:8a:c6:fc:21:91:f5:54:af:f2:59:1f:bf:14:ca:2a:dc:6f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=c0e28a47df987e1877b385d6e54a53896619ff9158528a1539a49b71a27bdcad, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:fe:47:b0:be:2d:9a:22:3f:03:40:fe:0d:
0e:29:a0:4c:ef:b7:12:1d:3e:61:dd:5d:5f:c9:22:
f7:56:f6:fb:19:5b:c7:f6:48:a3:43:34:e7:79:28:
57:9c:35:2b:75:80:6e:3a:d1:50:91:4c:66:19:91:
51:4e:6d:34:50:d3:ce:bd:90:77:67:36:b2:aa:08:
79:d5:9f:de:8d:c2:b8:c2:90:25:01:a1:bf:bf:3f:
6e:a2:a2:72:d9:8a:8c:bd:a1:c8:43:8d:11:d0:2f:
9a:29:02:d3:06:ac:ba:05:30:c7:b2:9b:ad:ca:15:
87:9d:8f:40:36:95:38:67:f0:3b:93:32:52:e6:6a:
e2:df:44:11:9c:61:3e:29:23:d0:6a:82:52:4b:e1:
10:bc:d4:55:ef:ce:e8:90:ac:fc:c6:4b:9c:cf:09:
b9:31:08:02:c3:e2:89:9a:15:70:9b:1c:ea:e4:d2:
88:d7:f8:73:c5:fa:40:b5:42:ae:41:5b:c7:84:00:
ee:ce:38:82:7d:d3:86:8a:9b:51:29:5b:1a:ed:5a:
25:99:d1:fa:14:b9:69:0e:8d:88:62:e7:68:ff:df:
23:19:f1:82:99:25:ca:2e:5e:45:af:68:62:58:11:
37:07:6d:77:ad:c7:04:f7:ed:8c:15:b7:30:99:19:
d9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:43:6F:5B:6D:3D:38:3C:43:96:03:63:35:EE:FF:B9:8D:E3:C3:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:d0:d5:9e:24:cb:53:a1:8c:4f:45:7f:23:24:ca:af:57:fc:
b5:33:b1:dd:cb:24:6f:89:74:76:21:1b:42:f9:11:16:c4:1b:
d7:71:f2:25:98:78:be:cb:91:57:15:69:7f:65:0a:8c:ec:dd:
ae:e1:ee:4e:13:00:d4:da:d4:56:92:3d:7d:b2:45:5f:35:24:
f0:eb:8e:9a:ac:46:24:99:ab:c5:1e:fc:05:3b:69:3f:31:99:
e9:d3:6d:db:23:6f:c3:ca:62:44:25:eb:27:e4:09:17:0c:ba:
49:35:27:8f:23:f4:21:c3:31:70:c5:9b:6a:00:1d:b9:91:45:
55:43:34:de:6d:2f:ea:7b:1f:66:55:05:bc:f9:27:e0:a6:06:
f5:cb:4c:00:bc:8a:9f:64:da:9a:1d:37:2e:db:6b:70:aa:1e:
c3:ad:60:de:0b:48:01:2f:33:b9:92:1e:1a:f4:04:5d:53:a1:
e1:0a:bf:b3:07:a2:90:34:74:71:80:92:e5:2c:24:bf:03:6a:
6b:b9:6e:6d:74:d2:ef:58:82:25:23:05:7b:b6:b0:bf:a3:e5:
76:ee:97:35:bc:0b:9a:f8:91:24:42:cd:67:88:01:8c:08:1e:
9a:cd:e5:7e:0e:5b:1e:74:1d:ed:06:37:1f:bf:ad:21:49:e3:
28:e8:17:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYK+KxvwhkfVUr/JZH78Uyircb6IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwZTI4YTQ3ZGY5ODdlMTg3N2IzODVkNmU1NGE1Mzg5NjYxOWZmOTE1ODUy
OGExNTM5YTQ5YjcxYTI3YmRjYWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDU/kewvi2aIj8DQP4NDimgTO+3Eh0+Yd1dX8ki91b2+xlbx/ZIo0M053ko
V5w1K3WAbjrRUJFMZhmRUU5tNFDTzr2Qd2c2sqoIedWf3o3CuMKQJQGhv78/bqKi
ctmKjL2hyEONEdAvmikC0wasugUwx7KbrcoVh52PQDaVOGfwO5MyUuZq4t9EEZxh
Pikj0GqCUkvhELzUVe/O6JCs/MZLnM8JuTEIAsPiiZoVcJsc6uTSiNf4c8X6QLVC
rkFbx4QA7s44gn3ThoqbUSlbGu1aJZnR+hS5aQ6NiGLnaP/fIxnxgpklyi5eRa9o
YlgRNwdtd63HBPftjBW3MJkZ2S0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSPQ29b
bT04PEOWA2M17v+5jePDYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQBP0NWeJMtToYxPRX8jJMqvV/y1M7HdyyRviXR2IRtC
+REWxBvXcfIlmHi+y5FXFWl/ZQqM7N2u4e5OEwDU2tRWkj19skVfNSTw646arEYk
mavFHvwFO2k/MZnp023bI2/DymJEJesn5AkXDLpJNSePI/QhwzFwxZtqAB25kUVV
QzTebS/qex9mVQW8+Sfgpgb1y0wAvIqfZNqaHTcu22twqh7DrWDeC0gBLzO5kh4a
9ARdU6HhCr+zB6KQNHRxgJLlLCS/A2pruW5tdNLvWIIlIwV7trC/o+V27pc1vAua
+JEkQs1niAGMCB6azeV+DlsedB3tBjcfv60hSeMo6BdD
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org