Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
File: b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa (raw, json)
Hash identifier: mBgdZvf1F5zhtYOjclC1GXrGk34+yYhOzBsjJOsI+Ro=
Subject key identifier: C0:6A:6B:02:20:29:AA:BC:A3:8F:A7:84:8E:B4:C6:BF:67:FE:88:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B63EDCEF8BF959D0CE79CCDEDD86B6BB075E8E2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:63:ed:ce:f8:bf:95:9d:0c:e7:9c:cd:ed:d8:6b:6b:b0:75:e8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=7b291500b86d24a9d374db5fd30e40b635694bf41f1bc9375841faa0d3ba3757, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:c3:69:73:38:97:46:2f:8a:1a:55:5c:3e:
ad:bf:e3:92:1c:83:05:0c:cd:a1:a8:08:f7:b2:e9:
5b:68:95:68:e2:32:a4:57:a4:eb:a9:c8:07:6d:2b:
ad:cd:a4:96:4d:ff:20:09:55:d6:53:2e:9e:88:7f:
76:a9:2d:cb:e7:ce:4c:43:cd:44:19:fe:af:d4:2c:
0c:71:1a:60:80:f0:5c:39:98:2e:3f:66:98:58:61:
32:0d:fe:70:c5:4b:5f:23:3b:4a:27:9b:c4:68:7a:
1f:e1:15:77:4e:ff:fc:ff:69:6f:23:d4:7b:f7:af:
c4:35:71:43:eb:98:c7:b7:d2:8a:30:ed:82:0d:a6:
25:23:bf:3c:91:97:2c:d4:48:73:f8:19:aa:bd:45:
8d:03:87:20:8c:ef:e2:cf:ad:b6:50:b8:f9:2e:9c:
84:3d:67:98:0a:51:14:a1:78:ad:c0:4e:c6:5a:85:
e5:af:90:86:df:5a:65:64:54:82:7f:ee:77:a3:c7:
db:17:8d:64:61:02:13:aa:9e:78:a8:c3:42:e8:db:
56:1b:e4:3d:eb:5b:ff:f6:89:4b:92:ce:51:fd:b1:
43:08:74:5b:fd:03:8d:93:b5:bc:e1:67:f2:2f:0e:
76:f3:6f:6b:a9:86:d5:c4:fa:b7:9d:d2:dc:85:56:
70:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6A:6B:02:20:29:AA:BC:A3:8F:A7:84:8E:B4:C6:BF:67:FE:88:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
05:2b:b2:22:7e:26:22:28:1a:e4:67:ea:a9:73:bd:e8:de:eb:
a6:a4:f6:08:d1:57:fe:a1:35:84:75:11:be:4c:c9:b4:17:ed:
0a:5d:29:e8:9b:27:21:7c:72:55:fa:c4:5a:94:a3:9b:72:3f:
47:3a:1f:34:53:b2:b0:f0:eb:98:36:92:96:94:85:3d:8d:3b:
73:01:8b:08:cc:a9:39:17:f8:7a:cd:30:c1:ff:dd:05:03:cb:
08:f9:83:ec:6d:32:8d:71:5c:80:f2:de:08:15:6a:97:de:e4:
f3:35:06:19:a4:bd:38:60:6c:b5:b0:c7:39:fc:4a:b7:e6:26:
f3:90:61:b0:66:68:4b:a3:1a:f4:b3:49:3f:85:73:b6:10:8d:
3f:fd:84:c0:55:d5:d6:22:79:ff:22:f3:6a:df:ae:93:49:36:
78:f5:63:72:28:83:aa:b7:e8:12:49:a9:aa:d4:07:92:60:9b:
cf:54:fc:3f:01:ba:7b:25:ac:e0:cb:ef:04:c7:ae:7f:db:28:
73:7b:b9:4e:e2:68:51:e3:5f:b2:45:ad:86:c2:18:72:fb:ea:
f8:ae:0c:8f:46:23:9e:07:e8:27:18:0e:64:8d:85:d2:08:b7:
d8:62:35:f8:16:47:8d:2c:a6:cb:63:f1:2d:65:c3:16:5b:4d:
5b:51:65:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO2Ptzvi/lZ0M55zN7dhra7B16OIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiMjkxNTAwYjg2ZDI0YTlkMzc0ZGI1ZmQzMGU0MGI2MzU2OTRiZjQxZjFi
YzkzNzU4NDFmYWEwZDNiYTM3NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV1w2lzOJdGL4oaVVw+rb/jkhyDBQzNoagI97LpW2iVaOIypFek66nIB20r
rc2klk3/IAlV1lMunoh/dqkty+fOTEPNRBn+r9QsDHEaYIDwXDmYLj9mmFhhMg3+
cMVLXyM7SiebxGh6H+EVd07//P9pbyPUe/evxDVxQ+uYx7fSijDtgg2mJSO/PJGX
LNRIc/gZqr1FjQOHIIzv4s+ttlC4+S6chD1nmApRFKF4rcBOxlqF5a+Qht9aZWRU
gn/ud6PH2xeNZGECE6qeeKjDQujbVhvkPetb//aJS5LOUf2xQwh0W/0DjZO1vOFn
8i8OdvNva6mG1cT6t53S3IVWcO0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTAamsC
ICmqvKOPp4SOtMa/Z/6IhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjU0MGU1OWQtYmZkMi00YTcyLTliYjAtMzdlODQ4ZDQxY2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAFK7IifiYiKBrkZ+qpc73o3uumpPYI0Vf+oTWEdRG+
TMm0F+0KXSnomychfHJV+sRalKObcj9HOh80U7Kw8OuYNpKWlIU9jTtzAYsIzKk5
F/h6zTDB/90FA8sI+YPsbTKNcVyA8t4IFWqX3uTzNQYZpL04YGy1sMc5/Eq35ibz
kGGwZmhLoxr0s0k/hXO2EI0//YTAVdXWInn/IvNq366TSTZ49WNyKIOqt+gSSamq
1AeSYJvPVPw/Abp7Jazgy+8Ex65/2yhze7lO4mhR41+yRa2Gwhhy++r4rgyPRiOe
B+gnGA5kjYXSCLfYYjX4FkeNLKbLY/EtZcMWW01bUWUJ
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org