Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: ao8HQV9tXZew70oPqzS1HEobBR6VVs06n/SoBhAZQuI=
Subject key identifier: 7E:9F:65:4D:81:20:B0:97:06:21:BB:2A:7B:6D:ED:A3:F8:B6:B4:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C53143C97D195A3088FB1B2498506F8FCEEFC92
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:53:14:3c:97:d1:95:a3:08:8f:b1:b2:49:85:06:f8:fc:ee:fc:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=ea9097348762b47a15cd991f8428b06a803262b98a04168c5574c16adc7c04a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:18:48:19:f5:7c:e8:0d:42:72:9d:37:d1:9f:
2e:22:fd:1a:de:6a:cd:38:d9:fc:81:d6:fa:c1:81:
24:97:7a:02:64:be:61:5b:50:77:02:66:b8:e7:d6:
61:2f:e0:93:64:41:95:ce:46:28:0e:30:ad:87:24:
8f:89:49:23:8c:44:0c:29:d4:f1:fe:da:c3:82:4a:
db:13:cf:a7:34:2d:8a:e0:21:d1:49:e4:39:60:82:
e8:99:45:3d:91:84:0a:f1:87:b0:e3:68:83:47:91:
10:8c:76:92:44:89:12:03:13:ef:72:79:a1:5c:11:
7d:1e:a0:4f:56:fc:06:d5:69:33:67:5a:c0:5a:cb:
56:6e:a7:0b:0e:38:01:d4:4a:a4:4d:62:c2:e0:8d:
e5:e5:49:88:dd:88:4f:0a:7c:dc:5c:48:30:e2:bb:
4c:7e:04:eb:2b:ef:83:69:31:8f:9c:12:95:ba:08:
0b:c4:0f:26:81:c6:80:37:a6:3b:5f:18:ca:5a:23:
c0:1c:22:8f:d5:e9:a6:6f:aa:5f:ad:21:75:62:db:
1e:95:8d:00:b8:4a:aa:d3:ed:d9:09:a0:a8:79:d3:
32:95:27:19:1a:5d:f2:dc:d3:fe:f6:a5:68:2e:dc:
b2:db:d2:c0:89:1f:e9:3d:9d:3c:d7:2d:e0:80:2f:
9a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:9F:65:4D:81:20:B0:97:06:21:BB:2A:7B:6D:ED:A3:F8:B6:B4:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b6:25:63:8e:0b:e6:1d:fe:68:82:81:63:40:b7:d1:27:98:82:
ed:b1:7f:a9:e1:09:e7:0f:25:26:a9:5b:e3:c7:99:d3:b8:bd:
21:37:8e:e1:b5:e8:0a:0d:5e:96:c2:35:b7:27:d5:34:76:4a:
17:3e:05:07:b4:05:46:8a:53:68:14:3c:c9:f2:a7:16:ef:53:
dd:ab:b7:1c:72:73:dd:50:e8:80:52:e4:3c:ce:0f:ea:e2:ff:
6d:b1:47:55:c8:96:2e:0b:4f:09:44:fc:c5:52:27:aa:17:71:
41:0e:fe:cb:0f:d9:93:30:3a:b8:02:47:7d:93:16:8f:46:71:
b7:61:94:c0:e4:7f:33:df:0c:d8:e9:49:82:1c:41:66:40:73:
36:60:0c:ec:03:50:0d:20:23:6d:74:be:7e:df:5e:3b:b0:09:
3e:ce:79:d6:84:50:e5:b5:ab:e3:48:16:a4:ef:31:02:24:bc:
08:c6:95:92:68:47:0a:5a:85:97:b7:5e:b1:c5:0b:67:3f:7b:
d3:f3:1d:db:88:02:4a:b8:ef:d8:64:2a:c7:1f:26:b4:75:1c:
48:81:b6:af:1c:e5:28:53:a0:4b:3e:2a:30:f0:91:f9:43:53:
ea:c2:5e:18:c4:63:0b:d2:8a:63:7d:4f:e4:b3:20:86:0e:14:
2d:23:0d:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHFMUPJfRlaMIj7GySYUG+Pzu/JIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhOTA5NzM0ODc2MmI0N2ExNWNkOTkxZjg0MjhiMDZhODAzMjYyYjk4YTA0
MTY4YzU1NzRjMTZhZGM3YzA0YTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoYSBn1fOgNQnKdN9GfLiL9Gt5qzTjZ/IHW+sGBJJd6AmS+YVtQdwJmuOfW
YS/gk2RBlc5GKA4wrYckj4lJI4xEDCnU8f7aw4JK2xPPpzQtiuAh0UnkOWCC6JlF
PZGECvGHsONog0eREIx2kkSJEgMT73J5oVwRfR6gT1b8BtVpM2dawFrLVm6nCw44
AdRKpE1iwuCN5eVJiN2ITwp83FxIMOK7TH4E6yvvg2kxj5wSlboIC8QPJoHGgDem
O18YylojwBwij9Xppm+qX60hdWLbHpWNALhKqtPt2QmgqHnTMpUnGRpd8tzT/val
aC7cstvSwIkf6T2dPNct4IAvmp0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR+n2VN
gSCwlwYhuyp7be2j+La0+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQC2JWOOC+Yd/miCgWNAt9EnmILtsX+p4QnnDyUmqVvj
x5nTuL0hN47htegKDV6WwjW3J9U0dkoXPgUHtAVGilNoFDzJ8qcW71Pdq7cccnPd
UOiAUuQ8zg/q4v9tsUdVyJYuC08JRPzFUieqF3FBDv7LD9mTMDq4Akd9kxaPRnG3
YZTA5H8z3wzY6UmCHEFmQHM2YAzsA1ANICNtdL5+3147sAk+znnWhFDltavjSBak
7zECJLwIxpWSaEcKWoWXt16xxQtnP3vT8x3biAJKuO/YZCrHHya0dRxIgbavHOUo
U6BLPiow8JH5Q1Pqwl4YxGML0opjfU/ksyCGDhQtIw0R
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org