Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29b3caa9-6470-45c4-9283-9836b50ed0d6.roa
File: 29b3caa9-6470-45c4-9283-9836b50ed0d6.roa (raw, json)
Hash identifier: eEykqs6xQk8VdQRxU64AixEZ+v7T5AgeMSaKfJnh6cw=
Subject key identifier: ED:F6:4F:E6:DC:44:31:64:97:78:32:18:4B:E4:3C:43:B2:FD:0D:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 232E0BEACE973D2110A416C37A9B29463DFD3C30
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29b3caa9-6470-45c4-9283-9836b50ed0d6.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.24.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:2e:0b:ea:ce:97:3d:21:10:a4:16:c3:7a:9b:29:46:3d:fd:3c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=5414df7992ea6b82248afce783cf21ff6ed4046f631dcd120d7ffd1969fabb74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b8:de:4d:72:4d:f9:37:10:4d:5a:fb:fc:b6:
d0:d2:02:b4:23:a8:55:c0:c6:d2:03:f3:84:65:91:
86:fc:73:08:45:c9:76:fb:df:8a:3e:cc:2b:b4:a4:
90:67:95:11:63:50:9b:29:99:e1:66:be:b4:f6:f8:
5a:ef:94:1a:e6:b3:9b:4b:a9:ac:9b:8e:2a:cd:02:
47:98:5a:68:52:2b:71:24:21:d1:8b:53:dd:e4:a5:
d4:d8:58:8b:e2:c6:99:56:87:05:8d:c1:52:1d:f7:
6f:f3:e7:67:dc:ab:8e:a0:ac:57:4f:18:d5:94:e0:
ab:ab:01:48:7b:31:52:e2:20:87:bc:58:43:70:71:
15:2e:ef:2e:25:b7:69:be:8c:46:02:b9:f1:9e:4e:
65:36:8c:c3:25:f6:c5:1e:05:3e:1b:19:b6:22:2e:
cf:f1:2f:ae:ed:7f:03:fb:2e:7c:a3:09:3a:a1:52:
ad:8f:04:08:8a:4d:75:32:33:19:98:c6:97:e2:31:
78:b9:3a:63:45:01:14:39:94:ca:54:40:d3:c3:4b:
03:6f:d6:b9:46:00:5d:21:d9:9a:b8:62:fb:66:54:
71:31:42:e1:a5:0e:cd:4f:6b:04:62:18:d0:d6:e2:
e6:87:2f:a6:1b:63:e5:53:ff:bb:a3:02:8b:cd:f7:
49:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F6:4F:E6:DC:44:31:64:97:78:32:18:4B:E4:3C:43:B2:FD:0D:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29b3caa9-6470-45c4-9283-9836b50ed0d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
30:a4:d1:24:bb:27:d3:8a:d8:1b:3d:f1:ba:03:32:9d:09:57:
95:31:29:43:4b:59:7d:b4:9d:4a:7d:cf:af:19:fe:eb:cd:29:
6e:bd:c3:3d:58:af:0f:ed:eb:c6:21:99:c9:12:d3:24:c7:eb:
5d:bc:1a:a1:b9:25:d3:8d:59:f3:04:83:cc:b5:7d:c5:ae:17:
66:c4:87:f7:b3:9a:6b:81:37:a1:f5:82:38:e3:93:b1:a1:b8:
77:0d:50:a1:c9:d0:89:15:2f:e8:9d:92:0d:7b:c8:e7:c6:50:
ac:b5:42:b0:1a:58:93:28:52:33:3c:a0:ec:e6:ec:c8:90:e7:
a1:34:a5:9b:87:fc:7a:9d:db:86:38:3c:d9:fd:d6:6f:33:84:
ec:9f:38:54:07:dc:b6:ea:be:b4:36:39:5b:a0:a6:9b:68:a8:
89:26:09:89:55:81:dd:14:47:22:89:64:83:4b:d8:fc:30:0c:
94:3a:07:74:3f:ef:ab:e0:ba:0e:35:da:fb:19:60:1c:56:12:
36:90:b2:ca:b4:42:6e:29:20:de:6b:33:43:76:1b:ed:2c:04:
24:f5:4c:78:a6:c8:84:05:27:98:f8:a1:d3:ee:6f:a6:58:de:
9d:28:39:a0:8c:00:8f:bf:1a:18:0c:af:b5:7b:d7:d2:65:90:
08:6e:94:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIy4L6s6XPSEQpBbDepspRj39PDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MTRkZjc5OTJlYTZiODIyNDhhZmNlNzgzY2YyMWZmNmVkNDA0NmY2MzFk
Y2QxMjBkN2ZmZDE5NjlmYWJiNzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC43k1yTfk3EE1a+/y20NICtCOoVcDG0gPzhGWRhvxzCEXJdvvfij7MK7Sk
kGeVEWNQmymZ4Wa+tPb4Wu+UGuazm0uprJuOKs0CR5haaFIrcSQh0YtT3eSl1NhY
i+LGmVaHBY3BUh33b/PnZ9yrjqCsV08Y1ZTgq6sBSHsxUuIgh7xYQ3BxFS7vLiW3
ab6MRgK58Z5OZTaMwyX2xR4FPhsZtiIuz/Evru1/A/sufKMJOqFSrY8ECIpNdTIz
GZjGl+IxeLk6Y0UBFDmUylRA08NLA2/WuUYAXSHZmrhi+2ZUcTFC4aUOzU9rBGIY
0Nbi5ocvphtj5VP/u6MCi833SaMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTt9k/m
3EQxZJd4MhhL5DxDsv0N5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjliM2NhYTktNjQ3MC00NWM0LTkyODMtOTgzNmI1MGVkMGQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQAwpNEkuyfTitgbPfG6AzKdCVeVMSlDS1l9tJ1Kfc+v
Gf7rzSluvcM9WK8P7evGIZnJEtMkx+tdvBqhuSXTjVnzBIPMtX3FrhdmxIf3s5pr
gTeh9YI445Oxobh3DVChydCJFS/onZINe8jnxlCstUKwGliTKFIzPKDs5uzIkOeh
NKWbh/x6nduGODzZ/dZvM4TsnzhUB9y26r60NjlboKabaKiJJgmJVYHdFEciiWSD
S9j8MAyUOgd0P++r4LoONdr7GWAcVhI2kLLKtEJuKSDeazNDdhvtLAQk9Ux4psiE
BSeY+KHT7m+mWN6dKDmgjACPvxoYDK+1e9fSZZAIbpTx
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:21 2024 by rpki-client on console-ams.rpki-client.org