Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: v0KEhRNxWIN7ZNb0hmzkWzupBDjQwE1n3lTbTICUi8I=
Subject key identifier: A0:11:73:17:D0:3D:6C:53:FA:6F:60:87:A8:16:DB:A6:0C:0A:59:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 42DB743BA104910826868034441E32643627375A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:db:74:3b:a1:04:91:08:26:86:80:34:44:1e:32:64:36:27:37:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=efb355c85a13693beb9e981473c06cd82e4c309369444b6c5ad7dea35f0f9748, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:23:2b:29:f2:84:2a:9b:6c:41:88:ba:a0:e9:
48:b4:0f:57:ad:e8:2b:62:fc:f6:4b:c0:8e:69:1e:
fb:79:57:8a:bc:8f:bf:7a:b8:a2:4c:a2:86:29:a6:
4d:34:d3:05:aa:b5:b1:84:fe:66:f2:26:1a:f6:f5:
a8:80:21:66:72:5c:e3:4a:9f:73:66:10:06:22:e3:
90:48:5b:d5:d0:cb:3a:ee:0d:1a:68:28:2f:0a:9b:
1e:20:fc:11:76:e6:69:6a:97:dd:81:ac:aa:56:df:
c1:4b:97:58:d8:d7:76:51:cb:ce:c1:5f:5b:4e:0a:
0d:7a:75:f6:b4:78:83:d7:51:90:8b:6c:0c:49:d9:
c6:a9:5b:43:99:bc:11:c7:e9:e1:cc:1c:41:2d:87:
28:a2:2b:13:9c:fa:7b:ae:92:ae:9f:c7:15:e7:da:
a1:12:43:6e:0d:b6:6d:c7:93:8c:40:48:9e:57:a0:
d0:fb:4b:b9:ce:52:ba:b1:d3:ad:70:00:5f:71:29:
ff:5b:44:dc:1f:da:0b:fe:87:0c:63:1f:18:c1:c3:
13:eb:cb:e1:ce:fc:87:3b:ec:88:86:7f:ab:7b:78:
df:93:bd:2e:f5:97:57:43:8f:e1:56:b2:e6:a8:da:
6a:bb:59:27:5f:99:fc:db:5a:ee:e5:0d:c7:d1:93:
5c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:11:73:17:D0:3D:6C:53:FA:6F:60:87:A8:16:DB:A6:0C:0A:59:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:e7:60:f2:bf:f3:36:66:1c:02:99:14:68:c7:21:4f:cd:33:
66:25:a8:25:8d:b4:ed:77:2e:8a:58:c3:4e:21:d5:64:4e:19:
0d:98:be:c0:75:b6:70:41:d2:fe:59:28:d1:5a:3d:66:e3:45:
10:7a:b1:3d:ff:2b:9c:df:9b:30:d6:7f:1b:52:5b:e1:8e:7a:
83:ed:00:90:d9:53:b4:74:2f:cf:55:39:0b:d1:90:13:12:51:
55:03:ac:5e:c7:10:a7:d0:4d:2c:83:0e:a9:ce:63:73:23:02:
d9:0a:54:a8:7d:16:4a:77:23:ea:71:b0:ef:2e:69:ac:f0:3d:
49:f9:a9:35:a2:8a:30:36:49:96:66:c5:36:1d:fa:47:cf:84:
8c:ba:90:f9:24:a7:26:81:c5:33:c3:c8:93:a7:cd:96:46:ea:
cc:4f:75:33:86:38:fd:61:8c:9a:05:e8:f3:7e:80:92:34:24:
0a:3c:4c:2f:7d:34:f1:d6:eb:3e:c9:93:e2:0c:7e:4a:9e:75:
e3:9d:a4:48:91:63:be:18:05:29:85:b9:19:43:35:8f:e1:c5:
9a:76:bf:cf:b6:0d:5a:d3:b0:0f:9d:6e:3d:75:11:f5:de:df:
95:11:0e:28:ae:a6:e0:ea:8a:d0:a0:14:f9:19:19:f5:fe:8a:
b0:43:55:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQtt0O6EEkQgmhoA0RB4yZDYnN1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmYjM1NWM4NWExMzY5M2JlYjllOTgxNDczYzA2Y2Q4MmU0YzMwOTM2OTQ0
NGI2YzVhZDdkZWEzNWYwZjk3NDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4jKynyhCqbbEGIuqDpSLQPV63oK2L89kvAjmke+3lXiryPv3q4okyihimm
TTTTBaq1sYT+ZvImGvb1qIAhZnJc40qfc2YQBiLjkEhb1dDLOu4NGmgoLwqbHiD8
EXbmaWqX3YGsqlbfwUuXWNjXdlHLzsFfW04KDXp19rR4g9dRkItsDEnZxqlbQ5m8
Ecfp4cwcQS2HKKIrE5z6e66Srp/HFefaoRJDbg22bceTjEBInleg0PtLuc5SurHT
rXAAX3Ep/1tE3B/aC/6HDGMfGMHDE+vL4c78hzvsiIZ/q3t435O9LvWXV0OP4Vay
5qjaartZJ1+Z/Nta7uUNx9GTXEMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgEXMX
0D1sU/pvYIeoFtumDApZ6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQCM52Dyv/M2ZhwCmRRoxyFPzTNmJagljbTtdy6KWMNO
IdVkThkNmL7AdbZwQdL+WSjRWj1m40UQerE9/yuc35sw1n8bUlvhjnqD7QCQ2VO0
dC/PVTkL0ZATElFVA6xexxCn0E0sgw6pzmNzIwLZClSofRZKdyPqcbDvLmms8D1J
+ak1ooowNkmWZsU2HfpHz4SMupD5JKcmgcUzw8iTp82WRurMT3Uzhjj9YYyaBejz
foCSNCQKPEwvfTTx1us+yZPiDH5KnnXjnaRIkWO+GAUphbkZQzWP4cWadr/Ptg1a
07APnW49dRH13t+VEQ4orqbg6orQoBT5GRn1/oqwQ1U/
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org