Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
File: b76b2450-5088-45d4-a9f3-3c0e092919bd.roa (raw, json)
Hash identifier: N1zJKRVXJKywB9ujYURajjUO21g7sydWKdNMYJ5KBiM=
Subject key identifier: 3E:93:33:CC:F1:40:A9:33:04:39:2C:FC:A9:BB:87:19:B7:5B:0D:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E87522E3D47F70FB91BE7E570A5EF7CF66BD696
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.168.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:87:52:2e:3d:47:f7:0f:b9:1b:e7:e5:70:a5:ef:7c:f6:6b:d6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=5a366e10f5c6c0f2c4737ecfc28a42519db63f0031f9cb6f9a2c8032ed00f164, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:e5:26:d6:2e:e3:10:2d:57:5a:bf:8a:20:
9b:d8:5d:c4:74:77:c0:5e:b0:b3:29:bc:3d:ab:c8:
d0:9f:3b:40:3e:fe:b2:d3:3c:65:34:14:e0:80:a9:
8b:57:e1:2b:f9:a5:83:a7:e5:93:46:9a:0e:e2:ee:
d8:aa:4d:62:96:99:fc:c9:88:7d:bd:b3:00:47:e9:
08:a9:91:b3:0a:5d:5e:c5:a6:e6:9c:f6:2a:b0:a0:
da:12:d8:b1:31:f4:4c:fe:76:d9:35:eb:36:5a:c8:
e3:d4:29:ec:12:59:86:af:da:65:b0:38:b3:44:46:
8e:76:7f:4b:54:60:fd:60:a9:74:c2:17:07:74:08:
ce:83:fd:88:d1:7b:ca:e8:8b:ab:e4:0f:f1:34:f1:
33:23:92:c1:a0:0c:c4:b9:09:e0:ec:81:0b:e0:d8:
a2:90:fa:28:35:8f:d2:3e:36:dd:9c:cc:53:f4:67:
68:1c:fd:f8:00:ba:64:c7:7b:ec:94:e9:e2:d8:21:
97:0f:b1:d1:f1:bd:6d:93:56:ac:41:7e:f1:e2:6e:
5e:3e:f4:4f:8e:80:44:0f:41:08:9d:41:dd:ab:e6:
06:45:df:fa:01:1e:c8:3e:5f:71:29:c7:a4:e5:79:
56:df:c0:0d:ad:f3:fe:52:44:f0:b6:59:11:45:48:
29:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:93:33:CC:F1:40:A9:33:04:39:2C:FC:A9:BB:87:19:B7:5B:0D:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7c:9c:e5:f1:a4:71:ac:f6:fe:6e:31:a0:85:52:cf:93:ad:47:
cb:46:9d:62:4f:64:7a:77:e4:a5:fe:da:4a:6a:3d:00:6a:53:
1f:db:2f:b5:f9:2f:5e:fb:ab:84:74:49:76:e8:41:44:32:5c:
7d:6f:25:25:9d:f4:0a:b3:46:1f:3e:6d:04:e8:49:f8:b1:f1:
38:4a:0e:e8:c5:51:22:6f:84:78:b6:19:cb:6e:15:8d:21:df:
17:44:c4:c0:5e:79:a9:19:82:75:e7:b2:12:0e:f5:3b:81:a6:
9e:ad:95:2d:89:b6:7e:59:fa:ef:7c:03:f1:b9:27:b8:3a:38:
1b:9f:55:20:57:76:95:09:02:01:6f:dc:e5:1f:75:97:d2:32:
7f:75:c7:94:97:8d:9b:5f:58:f0:f2:64:3f:33:0b:44:42:eb:
03:80:0d:a8:45:30:f0:a6:90:28:a1:e4:a4:b9:b4:44:44:d3:
40:89:06:c0:4a:a8:38:e1:28:7b:28:26:fd:6a:5e:22:94:c9:
78:33:82:8c:77:6d:aa:e7:1d:6f:87:25:99:cd:4c:14:5d:73:
bf:80:6a:78:11:89:d2:fe:4b:bd:86:d4:7c:7e:bf:0a:ef:bf:
f8:25:5d:c5:01:5b:d4:31:49:1e:4f:70:b7:f4:7c:f1:b5:87:
a6:a0:b1:02
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXodSLj1H9w+5G+flcKXvfPZr1pYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhMzY2ZTEwZjVjNmMwZjJjNDczN2VjZmMyOGE0MjUxOWRiNjNmMDAzMWY5
Y2I2ZjlhMmM4MDMyZWQwMGYxNjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOO5SbWLuMQLVdav4ogm9hdxHR3wF6wsym8PavI0J87QD7+stM8ZTQU4ICp
i1fhK/mlg6flk0aaDuLu2KpNYpaZ/MmIfb2zAEfpCKmRswpdXsWm5pz2KrCg2hLY
sTH0TP522TXrNlrI49Qp7BJZhq/aZbA4s0RGjnZ/S1Rg/WCpdMIXB3QIzoP9iNF7
yuiLq+QP8TTxMyOSwaAMxLkJ4OyBC+DYopD6KDWP0j423ZzMU/RnaBz9+AC6ZMd7
7JTp4tghlw+x0fG9bZNWrEF+8eJuXj70T46ARA9BCJ1B3avmBkXf+gEeyD5fcSnH
pOV5Vt/ADa3z/lJE8LZZEUVIKdsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ+kzPM
8UCpMwQ5LPypu4cZt1sNdzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjc2YjI0NTAtNTA4OC00NWQ0LWE5ZjMtM2MwZTA5MjkxOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQB8nOXxpHGs9v5uMaCFUs+TrUfLRp1iT2R6d+Sl/tpK
aj0AalMf2y+1+S9e+6uEdEl26EFEMlx9byUlnfQKs0YfPm0E6En4sfE4Sg7oxVEi
b4R4thnLbhWNId8XRMTAXnmpGYJ157ISDvU7gaaerZUtibZ+WfrvfAPxuSe4Ojgb
n1UgV3aVCQIBb9zlH3WX0jJ/dceUl42bX1jw8mQ/MwtEQusDgA2oRTDwppAooeSk
ubRERNNAiQbASqg44Sh7KCb9al4ilMl4M4KMd22q5x1vhyWZzUwUXXO/gGp4EYnS
/ku9htR8fr8K77/4JV3FAVvUMUkeT3C39HzxtYemoLEC
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org