Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
File: 24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa (raw, json)
Hash identifier: C9Q/MVNlNAMBDMTHX8DFIsrp+Fk2SU3iGNAawAj1cok=
Subject key identifier: 34:DD:52:73:97:83:A5:06:53:3F:FC:7C:6B:ED:6D:9D:A0:BC:33:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 766D4718E0D5EAAAE7079FCC294620361E7150AB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:6d:47:18:e0:d5:ea:aa:e7:07:9f:cc:29:46:20:36:1e:71:50:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=f1cb34a2bfcf268852398ed7145ad8c1175e6e73a7a0780a4cb502ecc23e4752, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:07:49:a7:17:11:9d:0b:c7:0e:11:9d:f6:
74:dd:1b:7a:14:3e:07:74:cd:d9:b0:89:12:89:bb:
5a:33:3d:fa:02:6a:1a:9c:d4:0d:c6:d1:0e:e9:7d:
9b:73:82:ac:e2:90:bc:92:97:44:d5:5c:f8:99:1e:
2e:46:21:bd:fb:cc:a2:3a:98:40:81:11:9c:f9:84:
0e:83:b7:00:8f:26:05:76:e0:a5:24:fc:82:45:d6:
82:1b:09:2b:0e:b8:30:d0:18:70:8e:69:28:80:86:
bb:ea:59:b6:b5:2e:96:d7:41:81:10:0b:c8:42:29:
3e:38:30:a7:4b:54:b8:6b:0b:fd:96:c7:fc:08:18:
31:0f:1f:70:d0:68:63:b1:04:6e:cf:0e:14:c2:c4:
80:42:04:93:92:25:06:b3:62:d6:e2:62:d8:46:83:
68:98:ec:6d:75:15:70:4b:ae:89:9f:53:b8:d0:dd:
e8:42:9d:ca:a6:e4:2b:f9:41:3e:d3:8c:27:30:7c:
7c:3f:44:60:4f:fa:a6:e2:19:12:d6:42:78:ad:8e:
fa:ae:90:56:95:92:46:34:7b:4d:09:47:ea:bf:13:
4c:3a:bd:b0:df:0b:e8:e1:e1:b3:89:90:6c:2c:ba:
c1:e8:c3:ab:02:32:3d:a8:ae:42:38:26:5e:d0:8c:
47:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DD:52:73:97:83:A5:06:53:3F:FC:7C:6B:ED:6D:9D:A0:BC:33:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
31:7c:1c:07:08:d3:e2:79:f7:1f:24:b8:04:f1:19:6b:f1:04:
c0:ff:38:da:e1:9c:58:38:db:32:b9:1a:b6:cf:d3:18:53:8f:
e0:32:5b:73:b8:56:71:2b:31:a6:9b:90:ab:1b:b8:0c:2e:8a:
b5:b7:9b:55:a4:0d:b9:e9:b1:28:7b:8b:af:e4:83:5f:4f:5d:
76:54:81:24:4a:97:42:25:c2:12:ed:10:96:d0:4f:41:73:1a:
e1:77:ca:e6:63:98:0d:18:3d:d8:a7:82:fc:a1:a3:c8:cb:c5:
36:bb:8a:c3:19:a7:33:01:e2:41:da:69:d7:1a:5d:d7:07:a9:
7e:07:c0:15:f5:33:e7:5c:81:c8:10:0d:9b:91:51:ab:c5:f8:
22:4a:2b:5a:d2:12:ae:ff:f1:ba:f4:1d:7f:1d:33:63:b1:ff:
e1:ec:5c:db:05:73:c7:93:b8:4f:41:44:d4:20:1b:0a:a2:aa:
79:34:15:0f:62:21:47:82:14:2e:9c:98:26:70:26:82:91:95:
2e:f4:2a:12:88:1f:e3:06:9b:c5:d1:33:bd:84:01:7a:53:3f:
db:16:2f:b0:04:9d:99:0a:b2:60:19:b8:62:4f:bb:be:af:60:
ad:f2:f4:8a:0f:e5:ce:91:2d:6f:a9:05:a7:6d:9a:75:f0:ec:
f1:94:6b:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdm1HGODV6qrnB5/MKUYgNh5xUKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxY2IzNGEyYmZjZjI2ODg1MjM5OGVkNzE0NWFkOGMxMTc1ZTZlNzNhN2Ew
NzgwYTRjYjUwMmVjYzIzZTQ3NTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmzB0mnFxGdC8cOEZ32dN0behQ+B3TN2bCJEom7WjM9+gJqGpzUDcbRDul9
m3OCrOKQvJKXRNVc+JkeLkYhvfvMojqYQIERnPmEDoO3AI8mBXbgpST8gkXWghsJ
Kw64MNAYcI5pKICGu+pZtrUultdBgRALyEIpPjgwp0tUuGsL/ZbH/AgYMQ8fcNBo
Y7EEbs8OFMLEgEIEk5IlBrNi1uJi2EaDaJjsbXUVcEuuiZ9TuNDd6EKdyqbkK/lB
PtOMJzB8fD9EYE/6puIZEtZCeK2O+q6QVpWSRjR7TQlH6r8TTDq9sN8L6OHhs4mQ
bCy6wejDqwIyPaiuQjgmXtCMR2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ03VJz
l4OlBlM//Hxr7W2doLwzwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjRjNjNiOTctNWI1ZS00NDlkLWI4NmItN2U5ZTUzYjE4MmJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAxfBwHCNPiefcfJLgE8Rlr8QTA/zja4ZxYONsyuRq2
z9MYU4/gMltzuFZxKzGmm5CrG7gMLoq1t5tVpA256bEoe4uv5INfT112VIEkSpdC
JcIS7RCW0E9Bcxrhd8rmY5gNGD3Yp4L8oaPIy8U2u4rDGaczAeJB2mnXGl3XB6l+
B8AV9TPnXIHIEA2bkVGrxfgiSita0hKu//G69B1/HTNjsf/h7FzbBXPHk7hPQUTU
IBsKoqp5NBUPYiFHghQunJgmcCaCkZUu9CoSiB/jBpvF0TO9hAF6Uz/bFi+wBJ2Z
CrJgGbhiT7u+r2Ct8vSKD+XOkS1vqQWnbZp18OzxlGtj
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org