Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
File: 24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa (raw, json)
Hash identifier: GsO+0cTlgPkBnwoED9PZVRMvJsNro9cAAC/zbXtCLMA=
Subject key identifier: 1E:09:D5:24:56:87:73:4A:11:56:B5:D6:47:0B:C1:E0:F0:6E:B2:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0FD571FB4B2F7DD7918C06687B474E9BFB27D7D7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:d5:71:fb:4b:2f:7d:d7:91:8c:06:68:7b:47:4e:9b:fb:27:d7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=4fb0eb823280a62051bd1ec0817a5dc6fbb5a1f6e7c49ea38d2cfd4bfff39069, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:55:84:0b:9d:11:02:5f:f7:de:fe:c5:c2:d7:
5b:72:7d:a7:b4:ce:40:04:bd:3b:c8:90:18:a1:62:
8c:00:88:e1:0b:ac:fd:39:d4:16:ee:9f:c7:5b:06:
87:2b:84:28:8c:9b:55:7e:30:cd:ba:e7:4c:58:3d:
55:d9:65:ed:4f:00:3f:38:d6:8c:ab:21:76:e0:fb:
33:26:89:75:68:5c:ec:75:ea:9c:df:f0:76:c8:4b:
bc:3e:c6:10:86:da:aa:c9:06:28:24:0c:bb:92:c9:
76:b8:d9:8e:d9:1d:f5:5f:ba:43:35:95:0b:c2:1d:
9f:1d:77:66:1b:e8:45:11:e1:17:56:c4:7f:64:21:
66:e5:cf:01:82:f7:90:54:65:a9:d0:1c:32:d7:48:
c9:4a:85:5c:aa:79:4d:f0:cd:b7:67:87:13:17:a6:
9b:16:18:53:7a:17:b2:73:87:cd:37:4c:37:cf:b9:
88:5b:62:00:09:e0:2c:f7:c9:2a:83:02:1a:1d:37:
09:03:fd:25:af:b2:79:63:93:40:d0:7e:64:42:e7:
92:41:4d:77:2d:b0:8c:1a:7f:bf:ac:22:e2:36:1c:
b9:c4:d4:88:38:5f:2f:18:6f:d0:68:4d:a9:cb:3a:
a0:f2:ef:c9:af:76:47:56:4d:3b:0e:b1:96:b2:46:
35:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:09:D5:24:56:87:73:4A:11:56:B5:D6:47:0B:C1:E0:F0:6E:B2:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
ce:af:21:35:74:17:4e:c0:04:a1:fb:9d:36:82:b7:91:da:e3:
f6:f6:53:36:2a:10:25:9b:04:35:f4:0b:94:97:f6:3c:70:91:
f2:33:87:fd:b5:30:d8:d1:d6:00:75:c3:c0:25:1e:5a:7e:3a:
e6:17:d1:5f:91:6e:03:b9:c4:18:c1:ff:f9:fd:39:9e:69:24:
dd:f0:71:77:15:01:d2:83:be:df:61:be:1a:09:14:6d:e5:97:
2a:fc:1a:78:d6:63:69:c4:24:1a:f3:2d:39:db:be:8b:69:9a:
03:e0:e4:f0:16:f9:f2:6d:3d:3e:d6:9b:e8:59:7d:c4:a8:2b:
18:c9:f3:5c:2f:da:66:9b:6d:fa:80:24:3c:68:22:61:c9:99:
2f:8d:ae:e9:55:98:27:44:64:23:75:f0:fa:37:4b:4b:ad:ac:
15:ae:6d:98:f2:85:45:e4:9b:14:e6:bc:92:41:74:f6:4f:43:
d3:91:3f:24:f5:82:f0:2a:98:bd:2f:2b:54:6c:2c:da:1f:c6:
b5:52:60:80:54:b4:61:00:8c:5d:f3:ae:a1:66:b2:dc:6d:df:
4e:3c:91:48:de:e1:2d:d0:20:98:c9:38:fb:04:53:c3:46:b1:
02:96:8d:cd:c2:79:f8:31:b0:fe:6c:16:1b:ec:ba:48:a8:5c:
7b:38:fe:a5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD9Vx+0svfdeRjAZoe0dOm/sn19cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmYjBlYjgyMzI4MGE2MjA1MWJkMWVjMDgxN2E1ZGM2ZmJiNWExZjZlN2M0
OWVhMzhkMmNmZDRiZmZmMzkwNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxVhAudEQJf997+xcLXW3J9p7TOQAS9O8iQGKFijACI4Qus/TnUFu6fx1sG
hyuEKIybVX4wzbrnTFg9Vdll7U8APzjWjKshduD7MyaJdWhc7HXqnN/wdshLvD7G
EIbaqskGKCQMu5LJdrjZjtkd9V+6QzWVC8Idnx13ZhvoRRHhF1bEf2QhZuXPAYL3
kFRlqdAcMtdIyUqFXKp5TfDNt2eHExemmxYYU3oXsnOHzTdMN8+5iFtiAAngLPfJ
KoMCGh03CQP9Ja+yeWOTQNB+ZELnkkFNdy2wjBp/v6wi4jYcucTUiDhfLxhv0GhN
qcs6oPLvya92R1ZNOw6xlrJGNbMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeCdUk
VodzShFWtdZHC8Hg8G6yDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjRjNjNiOTctNWI1ZS00NDlkLWI4NmItN2U5ZTUzYjE4MmJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQDOryE1dBdOwASh+502greR2uP29lM2KhAlmwQ19AuU
l/Y8cJHyM4f9tTDY0dYAdcPAJR5afjrmF9FfkW4DucQYwf/5/TmeaSTd8HF3FQHS
g77fYb4aCRRt5Zcq/Bp41mNpxCQa8y05276LaZoD4OTwFvnybT0+1pvoWX3EqCsY
yfNcL9pmm236gCQ8aCJhyZkvja7pVZgnRGQjdfD6N0tLrawVrm2Y8oVF5JsU5ryS
QXT2T0PTkT8k9YLwKpi9LytUbCzaH8a1UmCAVLRhAIxd866hZrLcbd9OPJFI3uEt
0CCYyTj7BFPDRrEClo3Nwnn4MbD+bBYb7LpIqFx7OP6l
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org