Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
File: 1fa4e984-a5f7-4c42-8d75-506f4844be77.roa (raw, json)
Hash identifier: jPiSKvTTxTDqnRsXf0v/J+CX5oqnWLI6pO81ApjCnl4=
Subject key identifier: 38:8B:23:39:FA:F4:1B:38:11:4B:0F:DE:67:EB:3B:6B:26:29:63:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76AFB0C6B5A2279741C32BCF878F572467FC2E45
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:af:b0:c6:b5:a2:27:97:41:c3:2b:cf:87:8f:57:24:67:fc:2e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=30d7f98e5627faeada4e6428a958dcba29cb5aed2b3820e21d07a1e45580ab98, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e8:2d:73:be:c0:2d:6f:70:87:f3:4a:77:ec:
69:3a:66:08:04:00:7f:f7:03:c6:97:77:c2:3a:47:
4b:7f:12:52:38:05:ac:22:75:2a:fd:88:85:d7:2a:
7f:5e:8d:4f:6c:a0:60:83:0d:ec:29:ea:36:92:83:
ba:5d:1d:79:32:c9:af:de:fa:0f:aa:03:aa:4d:ef:
af:a4:ae:93:51:67:7e:8d:22:f5:fa:ca:a5:49:60:
3c:8f:37:ed:a3:b3:8d:80:7f:c3:3e:7f:3c:af:8a:
5e:be:3b:9c:56:07:63:ef:93:3f:09:7f:27:48:c0:
b2:58:c0:80:94:84:1b:b5:bc:0f:5f:73:8d:80:0d:
da:06:25:50:c2:f3:74:bf:f1:4f:ba:b5:31:eb:5d:
ed:8d:4e:43:59:25:40:eb:fc:fc:89:84:62:dc:4a:
46:95:56:90:bf:c6:0d:21:1d:32:2f:3f:ac:ea:10:
68:79:ea:8e:95:25:80:e3:24:f6:d5:be:12:b5:63:
10:2c:e0:8c:88:2e:88:18:9f:82:07:b3:1d:c4:fc:
65:1d:f3:a0:5a:f6:ef:2a:04:93:7b:4c:d3:71:c9:
93:6a:31:d3:d6:af:f8:fd:94:0c:c0:12:26:06:c8:
7c:3c:93:8a:d8:fb:ad:03:e6:d5:a0:2d:78:e6:fb:
87:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8B:23:39:FA:F4:1B:38:11:4B:0F:DE:67:EB:3B:6B:26:29:63:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7f:a3:ec:f7:aa:98:a0:9f:83:e6:62:6b:4c:1c:db:6a:d9:de:
1e:5f:69:ce:f1:82:cc:50:2e:95:40:32:3f:04:e3:2b:90:af:
30:04:19:8c:dd:24:b8:d5:38:0b:d5:36:27:d6:4e:6b:51:54:
82:fc:b7:6a:b4:a1:45:0d:24:72:9c:f2:a5:bd:17:11:45:a1:
8d:9c:fc:dd:9a:7d:07:dc:e2:89:2c:23:14:cb:39:04:7e:cf:
c9:b8:66:b2:4a:b8:70:9d:c0:5c:20:12:ce:1a:e3:77:ec:ed:
74:37:c2:ac:a6:75:ab:77:70:f1:f3:3e:d8:67:1c:6e:49:4a:
41:92:6b:e0:15:98:19:a7:02:59:d0:40:0b:8c:72:73:d5:53:
62:37:06:82:69:20:47:b4:26:58:b0:95:2e:c2:5e:e9:3a:c0:
20:a7:56:a5:87:76:7f:b7:c3:9b:7a:07:7b:f9:0c:7a:c7:e3:
81:0e:d8:f6:6b:e5:d6:f9:cc:55:b0:91:e5:de:39:90:16:d5:
18:bd:19:31:d7:fc:6b:df:86:6b:bc:61:75:d4:b6:5c:27:88:
d7:f0:4a:73:6d:bf:77:e7:9c:c2:56:d9:6e:f2:4b:66:87:66:
91:31:1e:b3:8b:29:47:12:b9:71:90:e2:f8:87:a3:82:53:91:
dc:04:f1:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdq+wxrWiJ5dBwyvPh49XJGf8LkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZDdmOThlNTYyN2ZhZWFkYTRlNjQyOGE5NThkY2JhMjljYjVhZWQyYjM4
MjBlMjFkMDdhMWU0NTU4MGFiOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALboLXO+wC1vcIfzSnfsaTpmCAQAf/cDxpd3wjpHS38SUjgFrCJ1Kv2Ihdcq
f16NT2ygYIMN7CnqNpKDul0deTLJr976D6oDqk3vr6Suk1Fnfo0i9frKpUlgPI83
7aOzjYB/wz5/PK+KXr47nFYHY++TPwl/J0jAsljAgJSEG7W8D19zjYAN2gYlUMLz
dL/xT7q1Metd7Y1OQ1klQOv8/ImEYtxKRpVWkL/GDSEdMi8/rOoQaHnqjpUlgOMk
9tW+ErVjECzgjIguiBifggezHcT8ZR3zoFr27yoEk3tM03HJk2ox09av+P2UDMAS
JgbIfDyTitj7rQPm1aAteOb7h+8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ4iyM5
+vQbOBFLD95n6ztrJiljiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNGU5ODQtYTVmNy00YzQyLThkNzUtNTA2ZjQ4NDRiZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/o+z3qpign4PmYmtMHNtq2d4eX2nO8YLMUC6VQDI/
BOMrkK8wBBmM3SS41TgL1TYn1k5rUVSC/LdqtKFFDSRynPKlvRcRRaGNnPzdmn0H
3OKJLCMUyzkEfs/JuGaySrhwncBcIBLOGuN37O10N8KspnWrd3Dx8z7YZxxuSUpB
kmvgFZgZpwJZ0EALjHJz1VNiNwaCaSBHtCZYsJUuwl7pOsAgp1alh3Z/t8Obegd7
+Qx6x+OBDtj2a+XW+cxVsJHl3jmQFtUYvRkx1/xr34ZrvGF11LZcJ4jX8Epzbb93
55zCVtlu8ktmh2aRMR6ziylHErlxkOL4h6OCU5HcBPHt
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:46:56 2024 by rpki-client on console-fra.rpki-client.org