Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
File: e4b516c1-e154-4f18-af17-f71694b6015c.roa (raw, json)
Hash identifier: /9c5kR12YRp+It4NAGA7ro6j33+Ky2aQa8lL8z6j4Ow=
Subject key identifier: F0:C3:EC:45:9F:87:1B:01:DC:E6:75:11:C3:7B:1A:FD:11:F7:64:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F2FF19B2DB1807417847030DBF84791F3BB57AE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:2f:f1:9b:2d:b1:80:74:17:84:70:30:db:f8:47:91:f3:bb:57:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=5d1ab757ed59bb5f232c2a7b14abe2b7487423d2d300a3b7061aadc682742d04, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:7b:89:3d:e1:c4:c0:7c:8c:c4:a4:7b:e2:
18:00:c1:ea:ee:fe:39:97:2e:73:8c:e6:f6:a3:83:
cb:a9:1f:7f:d1:f7:56:cf:06:21:84:4a:59:f3:d4:
03:6d:46:f0:d7:82:d9:7a:e5:b3:8f:65:f4:d8:3f:
36:35:47:7f:59:b9:ad:b2:52:ea:35:29:db:67:26:
81:00:e9:2d:7d:1c:b5:6d:1c:66:1f:21:4f:b0:ab:
62:c0:b9:57:ae:c7:f2:bd:e6:42:71:cc:da:52:28:
44:4c:47:37:36:98:1e:0d:63:a0:f6:3c:26:28:51:
8a:0f:47:38:42:c1:0c:de:49:2c:a8:79:4c:1f:83:
a3:9e:81:b8:dc:20:2c:c1:1f:6d:1a:c5:70:cf:d6:
d0:73:75:13:17:76:fd:e6:a9:e4:ea:0a:e5:4f:10:
c2:0b:62:e0:d2:0e:8b:ce:58:ae:45:b9:32:88:0c:
9e:f7:5f:37:2d:9c:ad:f6:c5:44:df:64:d1:db:3b:
1b:ab:a1:9b:43:9b:b4:4f:61:54:2f:90:9d:f8:c7:
fb:f9:ad:11:54:ff:b1:6e:d8:e5:6e:8f:aa:ad:e1:
83:81:cf:c8:02:40:0c:a5:d2:8c:86:89:97:35:66:
f1:af:de:56:eb:96:c8:e7:1f:0c:92:7e:2f:5f:15:
3b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C3:EC:45:9F:87:1B:01:DC:E6:75:11:C3:7B:1A:FD:11:F7:64:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:03:24:cf:9e:e6:5e:97:3f:71:6a:1b:47:78:e5:eb:c1:7d:
02:cf:ea:cd:13:30:95:2b:d8:dd:a8:04:fe:a4:83:ee:de:c5:
ef:b1:6c:6c:b3:b1:4c:ae:ff:e9:aa:32:e0:ed:14:be:ab:d3:
4c:5a:8b:b6:15:eb:51:84:c3:ad:8c:19:bd:aa:f4:b7:b4:4b:
bf:be:47:74:91:ca:fb:ed:af:3e:cd:02:58:28:81:94:52:16:
2c:92:51:5a:19:7d:dd:69:ca:54:86:61:29:36:e9:eb:ef:8f:
92:c7:70:cb:78:70:17:ce:6a:23:69:05:9d:4b:98:a5:6d:f2:
ed:83:ee:38:4b:03:19:ab:6d:70:53:31:af:e4:e8:c4:80:f5:
8a:ef:d4:99:75:e6:c3:fb:74:3c:a6:d3:5b:d2:f7:f3:f8:dc:
60:fd:35:f4:39:cf:d4:b0:1f:04:5d:0c:3b:1f:40:1e:c9:92:
4d:a3:ed:92:cf:cf:d1:09:3c:af:29:93:40:df:9d:25:73:a5:
20:5c:bf:67:78:4d:83:84:db:a1:a2:8b:c6:de:2e:5f:7f:01:
29:69:63:69:0e:5d:38:06:f9:4a:85:78:49:4b:48:18:a3:65:
6a:a1:32:fb:a0:56:be:e2:9e:f9:25:d7:5e:19:b3:af:a6:4b:
e9:05:3d:8d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHy/xmy2xgHQXhHAw2/hHkfO7V64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkMWFiNzU3ZWQ1OWJiNWYyMzJjMmE3YjE0YWJlMmI3NDg3NDIzZDJkMzAw
YTNiNzA2MWFhZGM2ODI3NDJkMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnNe4k94cTAfIzEpHviGADB6u7+OZcuc4zm9qODy6kff9H3Vs8GIYRKWfPU
A21G8NeC2Xrls49l9Ng/NjVHf1m5rbJS6jUp22cmgQDpLX0ctW0cZh8hT7CrYsC5
V67H8r3mQnHM2lIoRExHNzaYHg1joPY8JihRig9HOELBDN5JLKh5TB+Do56BuNwg
LMEfbRrFcM/W0HN1Exd2/eap5OoK5U8Qwgti4NIOi85YrkW5MogMnvdfNy2crfbF
RN9k0ds7G6uhm0ObtE9hVC+QnfjH+/mtEVT/sW7Y5W6Pqq3hg4HPyAJADKXSjIaJ
lzVm8a/eVuuWyOcfDJJ+L18VO0UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTww+xF
n4cbAdzmdRHDexr9EfdkzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTRiNTE2YzEtZTE1NC00ZjE4LWFmMTctZjcxNjk0YjYwMTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQDLAyTPnuZelz9xahtHeOXrwX0Cz+rNEzCVK9jdqAT+
pIPu3sXvsWxss7FMrv/pqjLg7RS+q9NMWou2FetRhMOtjBm9qvS3tEu/vkd0kcr7
7a8+zQJYKIGUUhYsklFaGX3dacpUhmEpNunr74+Sx3DLeHAXzmojaQWdS5ilbfLt
g+44SwMZq21wUzGv5OjEgPWK79SZdebD+3Q8ptNb0vfz+Nxg/TX0Oc/UsB8EXQw7
H0AeyZJNo+2Sz8/RCTyvKZNA350lc6UgXL9neE2DhNuhoovG3i5ffwEpaWNpDl04
BvlKhXhJS0gYo2VqoTL7oFa+4p75JddeGbOvpkvpBT2N
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org