Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: pvvK6gYNjqAPXG93UbYHvr2Sgh2WCyMCL0bboC/LRcQ=
Subject key identifier: AC:3F:B5:4A:FA:6E:B9:CC:1E:26:80:2E:94:66:42:0A:1F:2B:5E:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 671557DBF49E932A75ADA618330EEBABA5D83807
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:15:57:db:f4:9e:93:2a:75:ad:a6:18:33:0e:eb:ab:a5:d8:38:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=4bec923204a7a63446eb828e24e1d8ebed05be1963999e1c42d89e363fab5a99, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:25:45:54:6d:7d:7b:ec:17:c4:32:92:30:
88:f9:2d:f0:6e:85:92:be:2b:da:f1:2e:52:1b:c8:
8a:f0:0e:fa:a7:1e:ff:a8:9c:08:76:50:2c:4f:b7:
67:20:00:cb:cf:ad:04:21:97:f5:dd:16:fb:5b:dc:
47:4a:8f:fa:d8:b7:30:e0:2e:28:c2:26:95:37:66:
31:9d:ab:9a:4e:15:c4:d1:81:a2:69:22:00:4a:49:
c4:98:ce:37:8e:27:99:11:ba:6f:b2:1b:b0:1b:fd:
d8:c4:af:f3:56:09:58:c7:ea:ed:52:b9:9a:f4:e8:
1d:96:d5:55:b2:c3:23:de:f6:9b:3a:b4:4e:7c:fd:
b1:4e:e5:3a:87:23:71:b0:fb:c0:16:b4:3a:fc:82:
ef:54:c0:39:d1:7b:12:14:51:27:c5:92:89:5f:4b:
7b:98:51:ff:dc:68:f5:77:dd:15:9d:fd:d3:bc:d9:
5f:0e:a3:47:23:da:e3:1e:fc:39:72:f0:af:cd:de:
69:d1:c4:fb:07:dd:ad:2e:7f:49:24:d0:6e:94:11:
4f:40:b3:61:49:0e:38:63:c5:aa:8f:1c:53:34:e9:
3c:03:63:9f:cf:78:ef:ae:83:4a:4d:f1:11:f2:2d:
b8:10:8f:93:51:e8:23:3b:3a:3d:00:99:37:85:1a:
9c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3F:B5:4A:FA:6E:B9:CC:1E:26:80:2E:94:66:42:0A:1F:2B:5E:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:04:9b:87:9d:88:d7:f2:51:00:b9:22:c3:98:01:90:bc:55:
98:f7:83:81:05:7e:23:d4:46:a8:e7:19:af:2d:ae:06:60:3b:
1a:0b:81:be:33:05:60:c4:0c:e4:12:5c:d0:6e:da:90:a3:f5:
51:b0:df:d5:18:5b:7c:1a:0f:20:a5:03:71:54:39:e2:fb:2a:
c6:47:42:9a:78:ed:81:05:74:7d:e5:11:62:c1:21:b0:3d:0c:
5c:5f:f8:b5:9e:74:70:51:ea:d9:89:7b:54:5d:14:2b:58:b2:
fa:a2:f9:21:c8:3b:4b:2c:19:3d:70:14:e9:2d:ed:3b:c7:a8:
3e:fa:8e:df:87:6d:d9:25:31:d7:91:15:e4:06:09:ba:1d:17:
ea:a5:c8:41:17:10:6f:5c:7d:dd:ae:3c:42:9b:8b:af:03:63:
c7:21:55:4e:1f:a4:08:ed:0b:b0:1d:1a:a8:1f:88:39:79:ab:
e5:f6:7c:84:ee:46:75:4f:dc:19:9b:82:fe:22:25:38:b1:92:
e0:91:24:cb:ee:c9:35:60:a8:1a:22:bc:c8:4d:c0:14:c7:13:
68:ac:87:fa:cc:0b:f8:5e:59:b1:9e:50:65:cf:a1:3c:f2:a4:
ba:0f:1c:4b:72:78:67:f4:4f:29:47:21:78:d1:0c:da:bb:d7:
bf:25:0c:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZxVX2/Sekyp1raYYMw7rq6XYOAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiZWM5MjMyMDRhN2E2MzQ0NmViODI4ZTI0ZTFkOGViZWQwNWJlMTk2Mzk5
OWUxYzQyZDg5ZTM2M2ZhYjVhOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7vJUVUbX177BfEMpIwiPkt8G6Fkr4r2vEuUhvIivAO+qce/6icCHZQLE+3
ZyAAy8+tBCGX9d0W+1vcR0qP+ti3MOAuKMImlTdmMZ2rmk4VxNGBomkiAEpJxJjO
N44nmRG6b7IbsBv92MSv81YJWMfq7VK5mvToHZbVVbLDI972mzq0Tnz9sU7lOocj
cbD7wBa0OvyC71TAOdF7EhRRJ8WSiV9Le5hR/9xo9XfdFZ3907zZXw6jRyPa4x78
OXLwr83eadHE+wfdrS5/SSTQbpQRT0CzYUkOOGPFqo8cUzTpPANjn894766DSk3x
EfItuBCPk1HoIzs6PQCZN4UanIUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsP7VK
+m65zB4mgC6UZkIKHyteHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQBVBJuHnYjX8lEAuSLDmAGQvFWY94OBBX4j1Eao5xmv
La4GYDsaC4G+MwVgxAzkElzQbtqQo/VRsN/VGFt8Gg8gpQNxVDni+yrGR0KaeO2B
BXR95RFiwSGwPQxcX/i1nnRwUerZiXtUXRQrWLL6ovkhyDtLLBk9cBTpLe07x6g+
+o7fh23ZJTHXkRXkBgm6HRfqpchBFxBvXH3drjxCm4uvA2PHIVVOH6QI7QuwHRqo
H4g5eavl9nyE7kZ1T9wZm4L+IiU4sZLgkSTL7sk1YKgaIrzITcAUxxNorIf6zAv4
XlmxnlBlz6E88qS6DxxLcnhn9E8pRyF40Qzau9e/JQyf
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org