Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: MP8Zawrf91nopG9hHvmRlZMUjSvEVblLdXbRyJDUdC4=
Subject key identifier: F3:EA:C8:74:C3:0C:69:CA:E8:82:44:D4:BB:5C:6C:1E:83:35:07:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2489E59DB4D5D79DE30AA85FBE814E93077FEF97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Tue 21 May 2024 00:00:00 +0000
ROA not before: Tue 21 May 2024 00:00:00 +0000
ROA not after: Tue 25 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:89:e5:9d:b4:d5:d7:9d:e3:0a:a8:5f:be:81:4e:93:07:7f:ef:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 21 00:00:00 2024 GMT
Not After : Jun 25 23:59:59 2024 GMT
Subject: serialNumber=a387e3c80ace8a17fa9f48d9662aa1bf1b8a96cb124311a5c0a65215506bd9c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:68:24:2d:6a:71:41:80:83:d4:82:7f:01:66:
02:eb:5a:d5:b6:a4:82:4b:20:7f:68:fe:bc:ed:e2:
5d:37:ec:6c:5f:cc:56:a2:96:21:56:34:2f:29:20:
dc:cb:16:01:b6:ea:ce:4b:3c:59:29:5e:6c:6a:23:
0d:9b:9e:7b:9d:ce:93:a4:bb:76:83:94:ee:52:07:
4e:59:37:8a:b4:f4:62:c4:01:85:16:de:89:96:a8:
22:85:3e:da:bf:b7:22:6f:ac:78:be:05:02:45:54:
a5:b3:fd:e6:20:32:1f:fc:d7:e6:d9:4f:3c:4a:47:
eb:bf:f6:40:bd:f9:d7:84:7b:bd:a8:eb:8f:28:71:
81:67:68:3b:11:0a:e6:1e:6f:75:da:2d:2c:69:be:
69:c9:f0:fc:29:3a:04:42:5f:a6:d5:61:69:ad:78:
dd:c7:21:b7:1b:d4:d2:38:04:96:19:2f:6c:17:27:
3d:58:5c:db:c5:43:8a:42:60:e6:0f:21:4c:4b:ad:
82:8f:6a:71:09:f9:e3:90:da:3b:9a:9f:da:80:38:
38:3d:f5:ca:ea:dd:af:6e:ff:af:76:20:a7:9e:32:
50:69:70:85:9d:26:8c:8b:53:fa:45:27:89:6c:37:
71:46:01:92:bd:77:a6:26:1d:0c:83:48:f5:f1:7c:
ef:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EA:C8:74:C3:0C:69:CA:E8:82:44:D4:BB:5C:6C:1E:83:35:07:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:59:43:ea:75:ea:af:28:f0:2a:89:7d:d7:df:24:de:16:23:
97:23:9e:bf:89:85:cb:4a:53:59:71:e8:77:91:30:b9:52:27:
a3:11:54:e5:d6:2f:0b:3c:f4:7d:80:76:ee:f6:30:b1:45:8c:
44:40:c7:fb:4f:2e:ec:e5:4d:e9:7c:30:df:b9:48:7f:63:9b:
f0:d7:7c:e3:04:75:d3:89:5a:05:10:e8:ea:bb:a3:a5:91:6b:
8f:f7:00:8a:72:80:2a:f6:1d:63:53:9d:32:50:a5:8c:59:89:
be:ad:e2:74:ef:4d:ad:3f:c2:3e:ad:7a:ac:8a:24:87:b5:e7:
0e:9a:cb:ab:ea:ec:68:ca:4e:43:d1:1b:cc:a2:2d:57:34:42:
5e:9a:d4:c8:1f:02:f8:5c:fb:ef:4f:b3:ef:65:b3:3c:f8:d0:
49:5b:9b:04:a8:f0:e9:ad:f4:e9:57:a0:d0:c7:45:a0:45:f9:
c8:ee:0b:0c:b5:8f:f2:b5:ee:29:58:39:13:d3:ff:12:65:70:
66:4f:23:d0:75:ee:25:5c:54:95:4c:e5:c7:b1:30:22:3a:d6:
68:64:04:2d:e6:fa:9a:fc:e6:f5:4e:5e:d2:4b:21:8b:51:20:
33:e2:6c:bc:53:98:ac:79:08:be:0c:1c:2e:5f:b8:8a:50:19:
ff:b6:87:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJInlnbTV153jCqhfvoFOkwd/75cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjEwMDAwMDBaFw0yNDA2MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzODdlM2M4MGFjZThhMTdmYTlmNDhkOTY2MmFhMWJmMWI4YTk2Y2IxMjQz
MTFhNWMwYTY1MjE1NTA2YmQ5YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpoJC1qcUGAg9SCfwFmAuta1bakgksgf2j+vO3iXTfsbF/MVqKWIVY0Lykg
3MsWAbbqzks8WSlebGojDZuee53Ok6S7doOU7lIHTlk3irT0YsQBhRbeiZaoIoU+
2r+3Im+seL4FAkVUpbP95iAyH/zX5tlPPEpH67/2QL3514R7vajrjyhxgWdoOxEK
5h5vddotLGm+acnw/Ck6BEJfptVhaa143cchtxvU0jgElhkvbBcnPVhc28VDikJg
5g8hTEutgo9qcQn545DaO5qf2oA4OD31yurdr27/r3Ygp54yUGlwhZ0mjItT+kUn
iWw3cUYBkr13piYdDINI9fF872ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTz6sh0
wwxpyuiCRNS7XGwegzUHDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQCRWUPqdeqvKPAqiX3X3yTeFiOXI56/iYXLSlNZceh3
kTC5UiejEVTl1i8LPPR9gHbu9jCxRYxEQMf7Ty7s5U3pfDDfuUh/Y5vw13zjBHXT
iVoFEOjqu6OlkWuP9wCKcoAq9h1jU50yUKWMWYm+reJ0702tP8I+rXqsiiSHtecO
msur6uxoyk5D0RvMoi1XNEJemtTIHwL4XPvvT7PvZbM8+NBJW5sEqPDprfTpV6DQ
x0WgRfnI7gsMtY/yte4pWDkT0/8SZXBmTyPQde4lXFSVTOXHsTAiOtZoZAQt5vqa
/Ob1Tl7SSyGLUSAz4my8U5iseQi+DBwuX7iKUBn/toeT
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org