Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
File: 1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa (raw, json)
Hash identifier: OTmdznPHd972p9nX641ZIt+MVQTN8ulWlAuhKJa/zzc=
Subject key identifier: 3B:33:D6:35:4C:4A:5A:70:0C:5F:D5:D7:40:FB:62:3E:0A:7F:10:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C28C7E153D9D30F74F9D45A4CDF6354F5679782
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:28:c7:e1:53:d9:d3:0f:74:f9:d4:5a:4c:df:63:54:f5:67:97:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4bad146b80c2ccb9f629287a5e48538f67d54fb43e1d1839ebf9f05beb2abbf3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ba:40:ad:f8:16:f4:3d:d2:e6:40:ae:04:f7:
a8:7a:5f:f9:f6:f4:e6:6c:d1:fe:a0:23:4c:59:33:
31:a5:f3:a5:45:fd:91:b4:2f:24:97:50:6f:93:d3:
a6:3e:03:7b:8a:25:18:68:85:c7:b9:22:5b:01:ee:
de:a6:9b:28:82:ac:e5:89:32:29:58:3f:58:ec:35:
2e:81:0b:f1:ef:cc:56:17:4e:f4:e2:9b:af:57:16:
4c:81:2e:91:4d:c6:ae:68:18:c4:59:80:8a:02:67:
96:9c:ab:6a:3d:3c:84:78:82:24:43:3a:4a:94:50:
23:1b:bb:1e:50:2c:73:4e:3c:f3:18:b9:ba:0c:c4:
97:05:77:d9:fe:9c:6c:c1:19:9c:71:59:06:db:a7:
15:75:c9:a0:62:cf:47:48:bb:10:a2:e4:00:cd:09:
ca:e7:3c:1a:49:f7:d4:24:41:0c:90:7c:f8:0e:9c:
47:58:18:7b:a5:ae:97:d0:32:c4:ac:da:c4:a3:20:
02:48:a1:49:d4:80:6f:39:37:ff:77:fa:c5:52:c6:
15:9b:2b:0c:b6:a4:b0:ea:28:cf:ca:1c:53:43:69:
6c:42:6a:83:07:95:d2:6b:b4:b0:c6:1c:3e:ec:0d:
30:95:3d:6e:2a:6b:76:aa:29:19:c4:80:24:05:45:
59:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:33:D6:35:4C:4A:5A:70:0C:5F:D5:D7:40:FB:62:3E:0A:7F:10:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:0a:29:33:fc:d6:fd:61:8f:9a:4f:ca:c6:4b:3e:dc:c0:39:
20:26:0d:91:1b:a5:1c:55:38:b9:1c:d0:0c:86:85:f7:9c:09:
b9:93:f9:99:ad:cf:6e:42:55:ab:84:44:66:14:b4:2d:9d:ec:
29:91:7c:a5:c6:cc:2e:8e:74:f1:00:f5:82:5a:2c:c4:35:80:
3c:f7:b3:9b:79:67:87:15:fd:f4:69:55:f3:cd:53:9a:10:73:
03:48:8d:fb:18:6f:48:76:fa:4b:95:17:db:3f:bd:1c:0c:58:
65:a0:a3:97:60:8d:d3:80:3b:22:6c:1f:4d:4a:8a:bb:e6:ca:
1b:20:89:30:13:a3:77:2a:57:74:fa:ab:80:8f:02:15:38:58:
79:db:9a:65:02:d5:ef:19:4e:72:3b:2e:f5:03:29:52:59:af:
6a:db:1c:ee:14:2c:ed:9f:e8:77:b2:d7:3a:49:92:c2:09:a3:
08:34:e9:ab:89:63:6f:11:75:51:7c:bd:71:ee:a4:45:fa:43:
af:ba:62:27:b4:ad:85:94:4a:bd:a0:b2:dc:03:1e:80:88:85:
61:45:cf:5a:b2:65:d6:13:fd:9c:be:20:6f:72:50:a3:ad:03:
16:99:b5:c1:6e:9c:44:d3:fe:63:dc:3b:d7:04:6f:57:5d:31:
15:18:6b:36
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHCjH4VPZ0w90+dRaTN9jVPVnl4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYWQxNDZiODBjMmNjYjlmNjI5Mjg3YTVlNDg1MzhmNjdkNTRmYjQzZTFk
MTgzOWViZjlmMDViZWIyYWJiZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMW6QK34FvQ90uZArgT3qHpf+fb05mzR/qAjTFkzMaXzpUX9kbQvJJdQb5PT
pj4De4olGGiFx7kiWwHu3qabKIKs5YkyKVg/WOw1LoEL8e/MVhdO9OKbr1cWTIEu
kU3GrmgYxFmAigJnlpyraj08hHiCJEM6SpRQIxu7HlAsc0488xi5ugzElwV32f6c
bMEZnHFZBtunFXXJoGLPR0i7EKLkAM0Jyuc8Gkn31CRBDJB8+A6cR1gYe6Wul9Ay
xKzaxKMgAkihSdSAbzk3/3f6xVLGFZsrDLaksOooz8ocU0NpbEJqgweV0mu0sMYc
PuwNMJU9biprdqopGcSAJAVFWRECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7M9Y1
TEpacAxf1ddA+2I+Cn8QtDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWY2OTViODgtMzBlOS00OWYyLTllMDAtNGYzZmEzZDM1NGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQCECikz/Nb9YY+aT8rGSz7cwDkgJg2RG6UcVTi5HNAM
hoX3nAm5k/mZrc9uQlWrhERmFLQtnewpkXylxswujnTxAPWCWizENYA897ObeWeH
Ff30aVXzzVOaEHMDSI37GG9IdvpLlRfbP70cDFhloKOXYI3TgDsibB9NSoq75sob
IIkwE6N3Kld0+quAjwIVOFh525plAtXvGU5yOy71AylSWa9q2xzuFCztn+h3stc6
SZLCCaMINOmriWNvEXVRfL1x7qRF+kOvumIntK2FlEq9oLLcAx6AiIVhRc9asmXW
E/2cviBvclCjrQMWmbXBbpxE0/5j3DvXBG9XXTEVGGs2
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org