Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c6e5629f-2225-4c0c-962b-6950ec611f11.roa
File: c6e5629f-2225-4c0c-962b-6950ec611f11.roa (raw, json)
Hash identifier: AXZHHVDqH+mTFbZCEv5H2fkZvri5/Dn88VrkCLiAvhg=
Subject key identifier: 6F:60:1A:51:A5:85:17:AB:2B:A6:F9:69:F5:0A:7E:CE:24:AC:05:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6DD3F822705ED28033357A5F73FBC477B373D601
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c6e5629f-2225-4c0c-962b-6950ec611f11.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:d3:f8:22:70:5e:d2:80:33:35:7a:5f:73:fb:c4:77:b3:73:d6:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=732ca518f17b4e21b9b64144144b3dbe9e839c9c3a147fe20ce077c06b18d2aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:16:02:45:b7:60:11:ef:fd:0d:e8:36:bd:5d:
58:8a:93:c0:95:82:e3:e4:a2:65:7f:34:26:87:09:
4c:26:13:92:bc:1a:0c:2d:ba:64:d3:ea:34:a7:c2:
2e:0b:c3:d0:8b:0e:a2:27:e8:3f:06:0c:c7:51:9e:
7b:a2:ef:62:c5:1b:b5:97:dc:0a:e8:86:d3:45:02:
3c:25:e3:ac:32:20:1b:c3:11:8a:0d:2d:bc:aa:31:
d4:ba:fe:f9:9a:23:79:1f:c3:6a:d8:e4:69:88:01:
e4:14:85:f1:a6:40:28:b0:97:44:f9:8e:e5:ac:44:
66:df:f4:1f:1a:10:15:0f:e5:f8:83:85:4a:7b:cc:
ae:e7:58:70:66:78:c1:12:4d:34:a7:63:b6:89:32:
63:4f:cb:ef:a5:5b:48:b7:68:8b:bb:7c:eb:84:31:
02:73:9e:ab:9d:47:12:c7:2e:60:f6:30:9a:d2:4f:
12:32:72:d3:1e:d0:ac:59:27:fe:f5:6d:f8:8a:21:
a3:44:8f:68:ff:52:ba:59:a8:68:4c:6f:50:14:f6:
b1:ed:5b:63:d2:92:7a:06:2b:23:7c:1e:75:bf:46:
f4:3c:c1:c9:8b:72:f5:37:6f:04:a8:84:47:3b:aa:
4d:de:18:27:49:09:1c:43:b5:a1:4e:1b:ad:da:fc:
12:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:60:1A:51:A5:85:17:AB:2B:A6:F9:69:F5:0A:7E:CE:24:AC:05:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c6e5629f-2225-4c0c-962b-6950ec611f11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c6:c1:c0:27:78:83:5d:85:32:c7:8c:4a:9f:eb:d3:7d:8f:9b:
f0:b7:03:b9:ad:dc:ba:39:d1:bf:91:e9:fb:89:fa:cb:49:a8:
16:a8:ab:a5:32:66:9f:6e:22:36:40:91:be:e2:cb:58:15:66:
83:5b:73:62:76:f7:60:d0:bd:d6:44:46:ca:34:9b:43:a2:7d:
f4:04:17:d0:ab:f6:dd:db:10:fd:0f:e9:d8:54:f5:90:c3:2d:
ac:77:6a:2f:1c:66:fa:34:bc:bf:ab:ac:93:e5:f1:51:5a:95:
eb:bd:ea:bd:0b:d1:cd:00:54:67:39:5e:03:0a:a6:0e:7d:43:
07:dd:d8:fc:9a:f9:f9:be:9c:21:15:a9:cf:fc:7e:c4:ea:4d:
d1:82:e1:e2:46:ee:6b:1f:3b:c3:1f:6b:d0:09:49:6a:d5:f2:
09:52:38:5d:3c:47:d6:33:0e:43:d0:4e:e2:2a:fb:db:cb:ce:
be:01:e7:0b:76:a7:86:f3:e7:f6:1c:7a:66:d9:af:62:59:2e:
40:89:f5:83:da:97:d9:ae:74:03:27:e3:c4:27:ba:26:d5:75:
e8:c4:5f:b6:6f:cd:f1:64:07:51:f0:d5:79:a1:34:37:bc:84:
7c:52:32:4a:25:5b:cd:01:8d:30:fe:50:27:b1:75:49:46:37:
88:e1:43:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbdP4InBe0oAzNXpfc/vEd7Nz1gEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMmNhNTE4ZjE3YjRlMjFiOWI2NDE0NDE0NGIzZGJlOWU4MzljOWMzYTE0
N2ZlMjBjZTA3N2MwNmIxOGQyYWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0WAkW3YBHv/Q3oNr1dWIqTwJWC4+SiZX80JocJTCYTkrwaDC26ZNPqNKfC
LgvD0IsOoifoPwYMx1Gee6LvYsUbtZfcCuiG00UCPCXjrDIgG8MRig0tvKox1Lr+
+ZojeR/DatjkaYgB5BSF8aZAKLCXRPmO5axEZt/0HxoQFQ/l+IOFSnvMrudYcGZ4
wRJNNKdjtokyY0/L76VbSLdoi7t864QxAnOeq51HEscuYPYwmtJPEjJy0x7QrFkn
/vVt+Ioho0SPaP9SulmoaExvUBT2se1bY9KSegYrI3wedb9G9DzByYty9TdvBKiE
RzuqTd4YJ0kJHEO1oU4brdr8Em0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRvYBpR
pYUXqyum+Wn1Cn7OJKwFVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzZlNTYyOWYtMjIyNS00YzBjLTk2MmItNjk1MGVjNjExZjExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQDGwcAneINdhTLHjEqf69N9j5vwtwO5rdy6OdG/ken7
ifrLSagWqKulMmafbiI2QJG+4stYFWaDW3Nidvdg0L3WREbKNJtDon30BBfQq/bd
2xD9D+nYVPWQwy2sd2ovHGb6NLy/q6yT5fFRWpXrveq9C9HNAFRnOV4DCqYOfUMH
3dj8mvn5vpwhFanP/H7E6k3RguHiRu5rHzvDH2vQCUlq1fIJUjhdPEfWMw5D0E7i
Kvvby86+AecLdqeG8+f2HHpm2a9iWS5AifWD2pfZrnQDJ+PEJ7om1XXoxF+2b83x
ZAdR8NV5oTQ3vIR8UjJKJVvNAY0w/lAnsXVJRjeI4UO6
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org