Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
File: e5242553-2ce0-44b9-a44b-832a808bc6b1.roa (raw, json)
Hash identifier: MoqF7DAGsngErCij47KW8LEDodsf8+SW4kZ7LUl7Tjg=
Subject key identifier: 8D:33:5C:D6:DA:6F:1C:D5:06:26:74:05:EB:F4:D3:6F:12:02:D7:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B83A2E37BD2C42F9462E627137A1652200A69E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:83:a2:e3:7b:d2:c4:2f:94:62:e6:27:13:7a:16:52:20:0a:69:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=80da3cd1b70f4a839c9807b387e5405351b06dd9bbd67a37cd87c35bcd2824f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:61:87:ad:2f:36:1a:65:4f:43:e8:cb:fc:c1:
fb:58:10:a2:96:8d:64:c9:c8:28:d5:7c:47:31:f7:
2b:5c:3d:2c:63:8f:7b:2a:49:cb:08:08:8f:f4:c7:
93:fb:82:b1:11:7d:b9:88:81:3c:2b:9e:3b:19:12:
8d:e9:38:80:eb:81:6e:91:1b:e7:59:b6:db:a2:5d:
a4:0e:c8:64:f8:37:6a:7c:31:76:16:07:40:d3:3c:
49:08:57:1d:26:54:ac:d0:f3:0b:3b:74:87:6b:ee:
3b:1d:c7:90:21:3e:8f:2e:38:01:32:86:5d:e3:7e:
d1:07:6b:ea:7d:74:ad:a7:00:7e:44:b9:1d:0c:75:
eb:9c:43:c7:92:ea:0d:77:01:39:4b:83:09:53:66:
08:fd:02:b4:08:8b:1b:4c:05:1a:c8:38:f3:b3:64:
6f:a4:f4:65:27:9c:d0:55:22:6d:e1:30:ff:2a:75:
c6:40:f0:37:16:8f:df:89:a6:bb:be:db:28:9f:ca:
ae:3b:5b:f7:9a:43:f6:5f:ac:7b:d5:a7:eb:b8:d5:
11:0e:9b:e1:63:9f:ec:14:b8:1c:21:03:5c:d2:a5:
d6:eb:ac:3c:d2:4f:69:04:27:f0:13:b5:02:e7:2a:
f6:33:50:84:30:51:cf:08:ae:44:2d:bf:62:9d:3a:
dc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:33:5C:D6:DA:6F:1C:D5:06:26:74:05:EB:F4:D3:6F:12:02:D7:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:c8:93:1e:b9:41:17:8d:66:1f:3a:d7:6c:25:70:9e:8a:1c:
a4:af:63:ea:23:80:68:c1:42:85:45:80:78:d6:68:d1:f2:4b:
77:fd:97:b8:44:0d:42:ec:88:72:86:f8:d6:5b:d7:a4:12:66:
34:98:19:26:25:55:8d:90:6a:ab:e7:4f:01:47:93:58:83:b2:
9d:f3:9f:7a:1b:7a:2c:52:99:8c:0c:2e:4a:ac:eb:5a:8e:c5:
c3:89:06:f9:5c:ac:50:d3:8e:24:5e:2b:d9:94:8e:3d:49:9d:
bb:8e:96:6c:68:88:81:61:4c:1c:2d:dd:71:07:fd:e3:be:1b:
d8:37:39:bf:8e:81:3a:34:57:8b:f7:f3:f6:11:65:87:a7:15:
dc:4e:7b:61:a1:84:d5:23:03:6b:4e:42:40:0a:30:d0:97:77:
c5:a8:e5:36:45:bd:19:e4:b2:6f:d4:26:d1:79:2a:81:97:13:
d6:df:e8:57:d6:e8:0f:92:10:9e:fc:46:67:31:5e:18:40:6e:
94:03:c0:b5:ea:17:cd:58:4b:3e:16:05:19:2a:80:2c:47:b6:
de:87:87:d2:b2:ee:5e:40:05:b7:16:9d:2d:3f:80:c4:88:6b:
77:28:65:46:e4:37:eb:18:6d:0f:df:9a:12:27:da:26:d4:8f:
cf:e0:40:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa4Oi43vSxC+UYuYnE3oWUiAKaeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZGEzY2QxYjcwZjRhODM5Yzk4MDdiMzg3ZTU0MDUzNTFiMDZkZDliYmQ2
N2EzN2NkODdjMzViY2QyODI0ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJthh60vNhplT0Poy/zB+1gQopaNZMnIKNV8RzH3K1w9LGOPeypJywgIj/TH
k/uCsRF9uYiBPCueOxkSjek4gOuBbpEb51m226JdpA7IZPg3anwxdhYHQNM8SQhX
HSZUrNDzCzt0h2vuOx3HkCE+jy44ATKGXeN+0Qdr6n10racAfkS5HQx165xDx5Lq
DXcBOUuDCVNmCP0CtAiLG0wFGsg487Nkb6T0ZSec0FUibeEw/yp1xkDwNxaP34mm
u77bKJ/Krjtb95pD9l+se9Wn67jVEQ6b4WOf7BS4HCEDXNKl1uusPNJPaQQn8BO1
Aucq9jNQhDBRzwiuRC2/Yp063EsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSNM1zW
2m8c1QYmdAXr9NNvEgLX7TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTUyNDI1NTMtMmNlMC00NGI5LWE0NGItODMyYTgwOGJjNmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQAOyJMeuUEXjWYfOtdsJXCeihykr2PqI4BowUKFRYB4
1mjR8kt3/Ze4RA1C7IhyhvjWW9ekEmY0mBkmJVWNkGqr508BR5NYg7Kd8596G3os
UpmMDC5KrOtajsXDiQb5XKxQ044kXivZlI49SZ27jpZsaIiBYUwcLd1xB/3jvhvY
Nzm/joE6NFeL9/P2EWWHpxXcTnthoYTVIwNrTkJACjDQl3fFqOU2Rb0Z5LJv1CbR
eSqBlxPW3+hX1ugPkhCe/EZnMV4YQG6UA8C16hfNWEs+FgUZKoAsR7beh4fSsu5e
QAW3Fp0tP4DEiGt3KGVG5DfrGG0P35oSJ9om1I/P4ECE
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:43 2024 by rpki-client on console-fra.rpki-client.org