Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: Tni/7P/RxmlVy4ezWFaWhrb7ptBXgDqTfdfX9QzEjV4=
Subject key identifier: 67:DE:19:68:FC:CF:29:F0:EC:11:0B:DD:3D:85:D8:C9:BD:5A:55:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 731100F45EF86761565C1688549EB520CCC2BE4C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:11:00:f4:5e:f8:67:61:56:5c:16:88:54:9e:b5:20:cc:c2:be:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=b3b3ebbda952840c391a115b3b11ea8cf372451b15a8ad36fb7e28e1e32d390c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:e9:5e:66:17:82:35:f9:7e:9f:0a:b7:32:
5f:fb:c4:23:2e:45:a6:67:08:31:3b:8e:67:91:e0:
ab:61:4b:31:ce:0c:aa:d8:4c:a4:2e:80:5a:f5:94:
bd:c6:64:5e:a0:ff:38:96:cf:ca:b8:f6:20:fe:47:
1a:3e:9d:ab:62:25:88:1a:83:bd:aa:7e:28:ab:55:
58:39:21:2c:9e:0b:fb:bb:53:58:3a:bb:7a:26:64:
2f:6e:62:d6:3e:b3:56:11:0a:f4:0e:88:a8:93:83:
6d:32:69:32:3a:62:a8:1b:dd:16:e3:a2:6b:a5:e0:
1f:05:62:96:59:ea:0f:01:17:41:91:26:09:2f:93:
b2:ca:db:09:c6:ab:d7:1f:12:d0:02:b2:c8:be:40:
51:c7:ad:51:8f:b4:d3:57:0f:fc:0a:f7:fa:7c:0e:
3b:57:f1:5e:31:69:32:57:75:41:ca:4a:e1:0b:c2:
da:b0:7a:b8:7b:36:23:cb:b6:8a:61:a7:5f:49:ee:
dd:66:d3:ec:41:75:8d:95:a6:90:a6:a1:3d:bc:be:
f5:f3:6e:47:76:aa:a3:30:99:4d:63:d2:9c:15:2c:
fe:15:56:90:bf:3a:36:cb:1a:b4:b4:37:cc:8d:8a:
80:91:51:31:7a:43:70:b9:1a:8d:d4:de:f7:c8:14:
ab:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DE:19:68:FC:CF:29:F0:EC:11:0B:DD:3D:85:D8:C9:BD:5A:55:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:b0:06:f5:f1:f0:4a:e5:7b:79:ae:13:80:c1:fa:02:41:17:
d9:51:6b:c4:c7:54:b3:8b:da:f9:42:aa:e9:b8:e7:de:35:a5:
ba:46:b0:45:cd:c2:ed:61:d5:f8:03:01:16:6a:eb:c1:99:b5:
7b:d1:59:6b:23:6c:65:cf:10:5f:2b:f7:0e:76:8a:87:a4:8d:
2e:0d:1f:52:c7:87:95:d3:6e:9d:3b:ea:56:b4:02:a4:10:82:
f1:cc:26:2c:af:20:a3:e1:a7:7d:2a:4a:f8:c8:d4:5d:94:0e:
0c:b0:d6:01:4e:16:07:3c:d1:a2:c6:03:7e:e9:85:48:8b:01:
d2:d6:a6:44:7a:a3:97:9c:24:c6:2b:3b:43:3b:c4:db:3c:11:
df:99:8e:03:91:5f:22:33:c1:80:fa:f7:5f:f4:5b:d9:59:9d:
a8:3c:eb:ab:21:cd:0d:6a:f6:44:a4:10:21:b5:8e:f5:5c:a9:
e2:eb:2f:e8:59:da:4d:82:aa:f3:54:4d:32:31:23:d4:e8:82:
7d:2c:b2:41:56:8d:7a:6d:f3:8f:3b:ad:2a:3a:6d:04:76:04:
b5:0c:09:80:7c:c6:b3:17:33:b9:2d:35:fd:1b:01:cd:95:59:
cf:7a:2b:12:72:e7:52:61:c5:59:3b:59:5e:fa:86:88:9d:1b:
7d:86:8c:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcxEA9F74Z2FWXBaIVJ61IMzCvkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzYjNlYmJkYTk1Mjg0MGMzOTFhMTE1YjNiMTFlYThjZjM3MjQ1MWIxNWE4
YWQzNmZiN2UyOGUxZTMyZDM5MGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALj96V5mF4I1+X6fCrcyX/vEIy5FpmcIMTuOZ5Hgq2FLMc4MqthMpC6AWvWU
vcZkXqD/OJbPyrj2IP5HGj6dq2IliBqDvap+KKtVWDkhLJ4L+7tTWDq7eiZkL25i
1j6zVhEK9A6IqJODbTJpMjpiqBvdFuOia6XgHwVillnqDwEXQZEmCS+TssrbCcar
1x8S0AKyyL5AUcetUY+001cP/Ar3+nwOO1fxXjFpMld1QcpK4QvC2rB6uHs2I8u2
imGnX0nu3WbT7EF1jZWmkKahPby+9fNuR3aqozCZTWPSnBUs/hVWkL86NssatLQ3
zI2KgJFRMXpDcLkajdTe98gUq+ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRn3hlo
/M8p8OwRC909hdjJvVpV+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQB4sAb18fBK5Xt5rhOAwfoCQRfZUWvEx1Szi9r5Qqrp
uOfeNaW6RrBFzcLtYdX4AwEWauvBmbV70VlrI2xlzxBfK/cOdoqHpI0uDR9Sx4eV
026dO+pWtAKkEILxzCYsryCj4ad9Kkr4yNRdlA4MsNYBThYHPNGixgN+6YVIiwHS
1qZEeqOXnCTGKztDO8TbPBHfmY4DkV8iM8GA+vdf9FvZWZ2oPOurIc0NavZEpBAh
tY71XKni6y/oWdpNgqrzVE0yMSPU6IJ9LLJBVo16bfOPO60qOm0EdgS1DAmAfMaz
FzO5LTX9GwHNlVnPeisScudSYcVZO1le+oaInRt9hoyZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org