Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
File: 1350b3cb-6def-4283-90f3-051faef7a4e3.roa (raw, json)
Hash identifier: hNWEyOu2jacD6tQV4TZIZbG5sY2BPutlMSThqGA9VZQ=
Subject key identifier: B5:18:D6:AD:FC:A4:D4:46:4B:99:80:AB:9E:F8:33:0A:72:4E:A6:E8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B9BD33AF398E3576BC7DE5632B762AB551F0E34
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:9b:d3:3a:f3:98:e3:57:6b:c7:de:56:32:b7:62:ab:55:1f:0e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=30547b08f632cc97e7465eb30c19db374f731c6bd6408210b35d9fdc068834bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:f1:71:34:a0:d7:d5:36:74:a4:df:80:2d:
1e:27:36:ec:6c:a7:2a:3e:af:1b:86:02:fe:ab:f5:
f0:1e:5f:34:b1:bd:df:74:46:71:af:6b:e7:51:4b:
9b:1a:d7:54:25:f8:eb:f3:ba:c1:0a:fa:4c:85:8a:
67:7e:68:21:24:3b:56:8f:81:65:0e:ac:48:8b:3d:
07:e3:a4:af:93:9d:82:12:81:f3:52:61:c2:2c:6f:
a7:52:5d:5a:4e:3a:0e:26:72:b2:75:ab:93:d0:51:
34:86:4b:8d:b8:79:bd:37:4e:a6:76:fa:d0:d5:93:
23:55:e1:17:ff:b6:12:0f:36:97:96:e9:65:a7:79:
d8:8c:e3:7a:98:94:5e:03:0d:b5:ae:5b:2c:f5:01:
73:0d:0e:6f:49:a6:f1:01:cd:da:45:16:dd:48:e6:
34:85:bc:91:d9:b1:a7:98:e1:be:67:fd:dc:67:20:
96:c4:b5:ee:8f:b1:31:b2:ba:a6:5d:4c:94:b2:47:
76:53:5d:bb:a0:1e:e4:a6:58:10:a4:3b:30:66:aa:
4b:e4:8c:4b:99:ad:18:65:99:f7:88:38:be:09:9a:
52:ca:99:d9:16:ce:2f:8e:d6:ae:b4:84:6b:d1:b7:
15:ac:de:dc:ba:b7:b5:f4:e6:79:06:65:ea:4e:a7:
d6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:18:D6:AD:FC:A4:D4:46:4B:99:80:AB:9E:F8:33:0A:72:4E:A6:E8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1350b3cb-6def-4283-90f3-051faef7a4e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
ca:85:39:72:73:84:81:67:cf:84:07:60:e2:31:e5:a9:c0:95:
40:a2:32:13:ff:c2:25:0c:65:39:6f:c2:04:02:7f:96:e4:ee:
d4:c1:cd:09:8d:f3:1b:07:aa:57:35:fd:f4:20:60:b7:8b:1a:
87:2d:c3:6c:55:5a:46:16:c1:37:58:44:76:4c:3e:ed:21:9a:
d7:cf:cf:30:43:0d:68:b3:37:bd:46:d4:64:63:49:ce:1d:6e:
ca:06:38:2d:10:c2:44:a0:d5:45:7a:d1:35:f5:af:d4:f0:16:
dd:90:71:c9:d8:b4:cf:57:b6:81:0f:ae:30:95:37:e8:c3:fd:
3e:7d:f7:f3:a9:2d:0e:6f:d5:67:63:58:9d:25:8a:fd:19:1b:
89:ea:6f:14:d2:19:0b:74:21:79:43:a7:ab:7d:e6:97:2b:c6:
bb:62:97:b8:23:c1:8e:06:81:ef:1b:de:a4:7d:d0:91:00:5c:
4a:11:d3:2b:b2:46:8d:15:cd:fb:79:36:92:2d:4a:bb:97:a3:
f2:c2:89:40:45:02:f2:38:ca:5b:20:d2:d5:bb:a4:7d:82:05:
44:27:b9:96:ba:00:e2:65:bb:31:44:7c:02:79:ff:06:c9:e5:
6b:d5:10:12:f4:c3:95:df:f9:12:36:9e:23:89:ea:50:ce:2b:
00:ab:6c:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe5vTOvOY41drx95WMrdiq1UfDjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNTQ3YjA4ZjYzMmNjOTdlNzQ2NWViMzBjMTlkYjM3NGY3MzFjNmJkNjQw
ODIxMGIzNWQ5ZmRjMDY4ODM0YmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALM18XE0oNfVNnSk34AtHic27GynKj6vG4YC/qv18B5fNLG933RGca9r51FL
mxrXVCX46/O6wQr6TIWKZ35oISQ7Vo+BZQ6sSIs9B+Okr5OdghKB81Jhwixvp1Jd
Wk46DiZysnWrk9BRNIZLjbh5vTdOpnb60NWTI1XhF/+2Eg82l5bpZad52IzjepiU
XgMNta5bLPUBcw0Ob0mm8QHN2kUW3UjmNIW8kdmxp5jhvmf93GcglsS17o+xMbK6
pl1MlLJHdlNdu6Ae5KZYEKQ7MGaqS+SMS5mtGGWZ94g4vgmaUsqZ2RbOL47WrrSE
a9G3Faze3Lq3tfTmeQZl6k6n1lECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1GNat
/KTURkuZgKue+DMKck6m6DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTM1MGIzY2ItNmRlZi00MjgzLTkwZjMtMDUxZmFlZjdhNGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQDKhTlyc4SBZ8+EB2DiMeWpwJVAojIT/8IlDGU5b8IE
An+W5O7Uwc0JjfMbB6pXNf30IGC3ixqHLcNsVVpGFsE3WER2TD7tIZrXz88wQw1o
sze9RtRkY0nOHW7KBjgtEMJEoNVFetE19a/U8BbdkHHJ2LTPV7aBD64wlTfow/0+
fffzqS0Ob9VnY1idJYr9GRuJ6m8U0hkLdCF5Q6erfeaXK8a7Ype4I8GOBoHvG96k
fdCRAFxKEdMrskaNFc37eTaSLUq7l6PywolARQLyOMpbINLVu6R9ggVEJ7mWugDi
ZbsxRHwCef8GyeVr1RAS9MOV3/kSNp4jiepQzisAq2wN
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org