Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
File: bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa (raw, json)
Hash identifier: YdqGZm8L+cWdPtaDZxA+a3lQohYRDP6KgsxZ26OTghw=
Subject key identifier: D3:66:72:23:E9:F0:2E:22:3C:69:C6:AA:98:37:1B:CE:02:42:6C:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 080C30726EBDE914E81220448C21902C3B691C85
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:0c:30:72:6e:bd:e9:14:e8:12:20:44:8c:21:90:2c:3b:69:1c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=c679d9544667d7de9bd2504898a4291af3242c69785cd6eeb278a8d605546b1a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f7:6b:a5:c3:b1:7f:43:23:2d:a4:c7:88:a2:
eb:35:cc:ae:2a:b8:64:9d:f1:ec:1b:97:25:50:3a:
48:ce:12:96:94:ce:32:f7:90:fe:60:25:d6:26:b6:
4d:5f:79:40:9c:bd:6f:b6:ae:54:dd:26:7f:10:12:
28:35:f3:50:d7:c9:ef:7a:39:8f:fc:09:03:5b:66:
fc:24:b9:93:da:af:6b:ec:82:d6:ad:2e:e8:1e:c1:
ea:bb:d5:51:1c:0a:3c:e4:d3:e7:80:70:cc:a4:8e:
5c:bc:0a:18:9a:ae:c8:7c:5a:7b:e5:22:a4:56:28:
dc:17:16:2d:4e:ff:39:02:7a:89:ec:46:6c:db:79:
2c:56:d7:b0:b8:9e:15:29:70:62:6e:8e:02:68:36:
0c:04:0a:41:7d:7f:28:15:d3:45:4a:36:18:0c:f8:
47:22:ee:df:f6:52:cd:27:55:e0:32:63:7a:dc:40:
4f:ca:31:52:2b:04:ab:21:8e:cf:38:ba:e3:d1:c5:
28:1d:dd:d1:25:37:26:f9:da:fa:ce:7f:cb:0e:f3:
72:09:28:ef:ab:86:cd:20:04:0d:3d:a9:0b:35:5b:
d5:1b:08:9c:ef:d0:95:10:c6:e1:e0:a2:a8:57:51:
0a:ac:23:b7:91:ca:cf:1a:7e:5f:06:35:7c:fa:ff:
8a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:66:72:23:E9:F0:2E:22:3C:69:C6:AA:98:37:1B:CE:02:42:6C:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
03:ef:75:18:3e:1f:ea:27:c4:d3:5a:6c:ef:32:95:3c:53:2d:
24:62:18:20:7e:25:15:a1:4f:93:9a:ca:46:53:29:f2:55:02:
3a:c6:7c:00:96:39:c3:a2:e1:cd:53:1f:1c:7d:e5:8a:b0:95:
f2:8f:88:58:7b:a0:d6:68:0a:80:e3:1d:69:58:9d:8c:96:d2:
b4:a6:a4:ff:f5:c3:2b:eb:4a:9d:5b:74:3a:c7:9a:0b:f9:2d:
4d:8b:a8:5c:f4:d6:bb:50:2d:4a:d7:44:8d:7b:af:6e:b0:f4:
46:af:e9:a4:88:cc:ed:64:63:7f:66:e8:ce:78:22:8c:e1:f5:
66:71:b1:b2:00:cd:59:1d:6c:e4:3a:4e:4a:6a:12:6a:c5:24:
3f:00:0e:7b:e6:62:d6:50:14:4b:1c:b7:69:6b:ac:9c:8b:30:
ed:fa:8f:e5:30:c9:12:81:2b:7e:6f:e5:e4:72:08:2f:e3:0d:
49:6e:75:0e:8f:4e:62:0e:fd:46:7d:e8:18:8c:94:c2:33:bc:
ae:bd:d4:8c:71:6b:44:37:1a:56:31:3b:05:62:1e:50:b6:1f:
54:62:26:ba:74:7e:f0:31:19:b8:28:11:af:a1:2c:3b:8f:2c:
3d:19:1f:7d:2f:b5:3d:70:3d:34:67:03:ea:a6:01:d8:14:d6:
a8:69:d9:eb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCAwwcm696RToEiBEjCGQLDtpHIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGM2NzlkOTU0NDY2N2Q3ZGU5YmQyNTA0ODk4YTQyOTFhZjMyNDJjNjk3ODVj
ZDZlZWIyNzhhOGQ2MDU1NDZiMWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJb3a6XDsX9DIy2kx4ii6zXMriq4ZJ3x7BuXJVA6SM4SlpTOMveQ/mAl1ia2
TV95QJy9b7auVN0mfxASKDXzUNfJ73o5j/wJA1tm/CS5k9qva+yC1q0u6B7B6rvV
URwKPOTT54BwzKSOXLwKGJquyHxae+UipFYo3BcWLU7/OQJ6iexGbNt5LFbXsLie
FSlwYm6OAmg2DAQKQX1/KBXTRUo2GAz4RyLu3/ZSzSdV4DJjetxAT8oxUisEqyGO
zzi649HFKB3d0SU3Jvna+s5/yw7zcgko76uGzSAEDT2pCzVb1RsInO/QlRDG4eCi
qFdRCqwjt5HKzxp+XwY1fPr/igkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTTZnIj
6fAuIjxpxqqYNxvOAkJs6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmMyZjRmOWYtNjJhYi00ZDUzLTg5NWMtMjI0NjlmNWNiZWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAD73UYPh/qJ8TTWmzvMpU8Uy0kYhggfiUVoU+TmspG
UynyVQI6xnwAljnDouHNUx8cfeWKsJXyj4hYe6DWaAqA4x1pWJ2MltK0pqT/9cMr
60qdW3Q6x5oL+S1Ni6hc9Na7UC1K10SNe69usPRGr+mkiMztZGN/ZujOeCKM4fVm
cbGyAM1ZHWzkOk5KahJqxSQ/AA575mLWUBRLHLdpa6ycizDt+o/lMMkSgSt+b+Xk
cggv4w1JbnUOj05iDv1GfegYjJTCM7yuvdSMcWtENxpWMTsFYh5Qth9UYia6dH7w
MRm4KBGvoSw7jyw9GR99L7U9cD00ZwPqpgHYFNaoadnr
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org