Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
File: 297efebe-504f-4d63-8877-e5b94842e462.roa (raw, json)
Hash identifier: /IVV4tAaUTjbOR9YTKXdDJqL9uSfHYFGyS1HtqvRat0=
Subject key identifier: 76:B2:6B:BF:31:3A:DA:F7:5E:F5:42:E3:15:23:02:A6:63:C5:C5:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2203D64293572E2257FC07950C783570A38FB364
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:03:d6:42:93:57:2e:22:57:fc:07:95:0c:78:35:70:a3:8f:b3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=151a87c55dfc4de93701abb36b83f18b570359a556c027120bac566524fbbd53, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d6:65:75:57:1d:f6:58:a7:4a:a4:ee:32:1e:
72:bb:b2:05:81:85:6a:fe:dc:84:d5:4f:01:3c:fd:
03:c0:b2:09:80:cc:2a:96:f2:0e:2a:7a:b3:57:a5:
dc:1a:92:f8:3d:9e:78:80:c7:d2:80:c6:5d:30:83:
c9:31:dd:9c:a3:94:78:34:fc:14:66:c7:f9:c9:f5:
09:c7:54:85:aa:52:7c:49:27:72:cf:b4:64:0f:21:
cd:64:2e:db:bd:78:11:17:31:6d:e1:bf:2c:f7:ea:
35:a5:f4:74:56:bf:10:48:ab:da:06:3a:10:4d:40:
6a:50:be:c2:d3:c8:5b:67:0f:61:31:ef:f8:8a:33:
1b:a9:a4:43:83:5d:06:8b:c7:14:24:6d:19:60:cf:
c1:e8:ee:e3:2b:d4:26:18:97:06:9d:f0:98:c2:74:
4f:5d:87:45:14:f8:f5:0b:cb:be:4a:49:26:12:75:
a9:fd:fd:ed:6e:4a:a4:a2:5f:68:bc:59:8b:3f:ad:
ca:b3:91:05:30:e4:11:a8:9c:ac:a8:9e:58:44:d1:
5e:d9:dd:1f:64:bf:1d:5f:b3:fe:6b:c3:ef:79:4b:
fe:a3:91:d0:78:0e:08:30:57:7d:79:2d:7f:d7:73:
b7:d4:53:c7:a7:c0:d8:4c:aa:6b:0d:4e:a2:1c:43:
db:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B2:6B:BF:31:3A:DA:F7:5E:F5:42:E3:15:23:02:A6:63:C5:C5:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/297efebe-504f-4d63-8877-e5b94842e462.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0d:2a:f7:64:ac:33:3b:50:85:f7:c8:84:02:b1:af:3e:1b:ca:
28:1c:28:e7:79:d7:e9:1d:80:75:45:c9:02:ec:5e:98:58:71:
13:c9:ab:4a:88:07:2e:e5:bb:bb:f9:38:95:66:41:87:e7:4b:
94:08:e1:b3:9a:2f:30:7a:c8:c3:b2:9a:83:3b:d8:a0:50:e5:
fd:c9:34:b2:1f:ba:ab:d9:b0:d8:cc:ba:cd:ae:d8:a0:78:9a:
b7:52:e3:3c:aa:3c:c6:60:e9:21:70:90:e7:02:c3:0a:d1:15:
c9:a5:1b:8b:1b:6f:64:da:0c:cb:91:60:0d:9d:1a:d9:96:ba:
89:f3:b5:73:9e:00:c4:93:04:48:84:6c:8a:33:e1:85:ea:3c:
cd:eb:ab:f3:eb:f5:ca:d3:70:65:68:11:e7:00:f5:56:24:04:
9d:07:c7:61:b4:1d:59:2c:96:2d:44:8c:49:1a:c2:61:6e:65:
36:b8:d3:6d:29:e7:22:55:3f:9b:d5:bd:d5:e4:f6:d5:07:a8:
cb:66:35:eb:0e:29:ce:0a:ac:76:b2:05:95:a9:82:6f:a8:07:
f8:94:49:8a:c1:87:4e:f3:c2:02:a7:af:8d:f3:39:74:55:cd:
ac:84:ae:4b:83:cc:90:d4:ec:5e:cb:63:e3:3b:49:d3:cb:89:
95:02:d0:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIgPWQpNXLiJX/AeVDHg1cKOPs2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MWE4N2M1NWRmYzRkZTkzNzAxYWJiMzZiODNmMThiNTcwMzU5YTU1NmMw
MjcxMjBiYWM1NjY1MjRmYmJkNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzWZXVXHfZYp0qk7jIecruyBYGFav7chNVPATz9A8CyCYDMKpbyDip6s1el
3BqS+D2eeIDH0oDGXTCDyTHdnKOUeDT8FGbH+cn1CcdUhapSfEkncs+0ZA8hzWQu
2714ERcxbeG/LPfqNaX0dFa/EEir2gY6EE1AalC+wtPIW2cPYTHv+IozG6mkQ4Nd
BovHFCRtGWDPweju4yvUJhiXBp3wmMJ0T12HRRT49QvLvkpJJhJ1qf397W5KpKJf
aLxZiz+tyrORBTDkEaicrKieWETRXtndH2S/HV+z/mvD73lL/qOR0HgOCDBXfXkt
f9dzt9RTx6fA2Eyqaw1OohxD2xkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2smu/
MTra9171QuMVIwKmY8XF4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjk3ZWZlYmUtNTA0Zi00ZDYzLTg4NzctZTViOTQ4NDJlNDYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQANKvdkrDM7UIX3yIQCsa8+G8ooHCjnedfpHYB1RckC
7F6YWHETyatKiAcu5bu7+TiVZkGH50uUCOGzmi8wesjDspqDO9igUOX9yTSyH7qr
2bDYzLrNrtigeJq3UuM8qjzGYOkhcJDnAsMK0RXJpRuLG29k2gzLkWANnRrZlrqJ
87VzngDEkwRIhGyKM+GF6jzN66vz6/XK03BlaBHnAPVWJASdB8dhtB1ZLJYtRIxJ
GsJhbmU2uNNtKeciVT+b1b3V5PbVB6jLZjXrDinOCqx2sgWVqYJvqAf4lEmKwYdO
88ICp6+N8zl0Vc2shK5Lg8yQ1Oxey2PjO0nTy4mVAtBb
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org