Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
File: 2d0b0f83-8102-46aa-aad9-aae539204639.roa (raw, json)
Hash identifier: xTsYdnal5VHAhHaTMnOLoX6fPGVo/TsjZ3eEqjTdEbo=
Subject key identifier: FA:19:30:C0:82:EF:6D:21:67:27:4B:ED:A9:36:79:2B:FD:28:7C:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6292C4E93D267035B177EFB15F95059C03538184
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:92:c4:e9:3d:26:70:35:b1:77:ef:b1:5f:95:05:9c:03:53:81:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=9c160d0c20c3e2678d5730c2d09e1131299f5f3f580c78aaf614e11eedfe1fc9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5d:72:7f:07:9e:dd:cb:3d:7b:53:f9:ef:45:
f2:7c:36:bf:c2:7b:c3:f6:ec:06:4a:00:b2:7c:98:
e5:ff:c4:d6:79:8a:88:05:8a:34:50:7e:94:7e:08:
14:16:9f:82:39:8c:a0:fd:4e:70:87:aa:c9:d3:19:
d9:eb:b0:b2:c3:c8:ba:07:4c:55:a5:03:3e:9d:b9:
f2:4d:3d:f8:9a:3f:21:2c:da:20:58:89:26:28:4f:
cb:07:cc:e1:5b:50:f2:f6:3e:77:5e:1d:b2:a7:2d:
e5:2f:2c:c2:fc:73:7e:62:d6:a8:59:ca:50:36:eb:
12:20:04:be:b8:2e:43:c2:35:32:8e:9c:9b:c9:46:
50:80:14:40:39:59:85:b4:4d:19:85:26:96:0b:ac:
c0:ce:f7:9b:34:a7:96:3d:ec:c5:62:eb:52:cb:21:
86:53:5b:7d:c1:4f:97:f8:e4:39:97:27:3f:d3:43:
c4:6d:4a:9a:9a:c0:d7:29:b1:ab:ca:be:29:7d:dc:
a8:4e:c7:e4:e7:c2:3a:83:fd:f9:9e:32:58:e0:47:
d4:4b:f0:60:26:52:9f:4d:c6:33:f9:e6:42:66:23:
e8:9c:43:67:78:8f:00:cf:b0:33:17:26:b1:e2:e7:
e8:21:d5:2f:57:15:24:3b:c6:71:08:f0:12:2a:d4:
05:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:19:30:C0:82:EF:6D:21:67:27:4B:ED:A9:36:79:2B:FD:28:7C:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
ab:bf:65:93:bb:e1:60:7d:fd:f7:c4:18:1f:0a:73:12:7e:72:
34:3e:68:3f:2b:7f:ba:a3:90:a4:b7:73:69:5a:3c:0c:10:34:
7e:c7:14:73:2d:59:f0:ea:ab:83:5e:1f:95:a9:16:a3:30:f6:
d2:57:5f:57:03:21:f3:93:d1:ec:af:40:06:96:7d:59:69:20:
ac:cb:29:85:5d:9d:af:b5:cb:8c:54:3f:dc:82:2f:3d:6a:07:
9c:16:94:2e:3d:80:24:5b:b1:61:8d:b3:66:6b:df:4d:dc:1a:
b8:f1:fc:68:7f:44:6c:7d:3a:be:8b:c1:6c:a2:1e:a2:21:65:
25:d4:86:a1:fc:1f:99:d8:01:75:f6:7c:36:0a:20:25:5f:52:
fa:21:72:f3:81:4f:1a:4b:84:c4:f7:d3:0e:15:07:28:17:15:
2d:c2:0d:4d:c7:84:9f:a5:37:79:8e:14:68:1c:31:2b:b6:75:
04:4a:89:d9:4b:a6:6c:d2:c2:47:1e:01:c8:e7:ba:ce:63:56:
47:44:56:ba:9e:a4:09:ff:db:6d:c9:af:ef:d2:51:3c:59:4d:
52:7a:94:a7:29:e6:2f:ed:1b:03:48:c3:ac:34:4a:c8:2c:ab:
cb:e4:37:54:cd:95:14:fd:47:49:05:da:49:e9:44:57:9e:b1:
e4:fc:68:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYpLE6T0mcDWxd++xX5UFnANTgYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDljMTYwZDBjMjBjM2UyNjc4ZDU3MzBjMmQwOWUxMTMxMjk5ZjVmM2Y1ODBj
NzhhYWY2MTRlMTFlZWRmZTFmYzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANddcn8Hnt3LPXtT+e9F8nw2v8J7w/bsBkoAsnyY5f/E1nmKiAWKNFB+lH4I
FBafgjmMoP1OcIeqydMZ2euwssPIugdMVaUDPp258k09+Jo/ISzaIFiJJihPywfM
4VtQ8vY+d14dsqct5S8swvxzfmLWqFnKUDbrEiAEvrguQ8I1Mo6cm8lGUIAUQDlZ
hbRNGYUmlguswM73mzSnlj3sxWLrUsshhlNbfcFPl/jkOZcnP9NDxG1KmprA1ymx
q8q+KX3cqE7H5OfCOoP9+Z4yWOBH1EvwYCZSn03GM/nmQmYj6JxDZ3iPAM+wMxcm
seLn6CHVL1cVJDvGcQjwEirUBfUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6GTDA
gu9tIWcnS+2pNnkr/Sh8oDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQwYjBmODMtODEwMi00NmFhLWFhZDktYWFlNTM5MjA0NjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQCrv2WTu+Fgff33xBgfCnMSfnI0Pmg/K3+6o5Ckt3Np
WjwMEDR+xxRzLVnw6quDXh+VqRajMPbSV19XAyHzk9Hsr0AGln1ZaSCsyymFXZ2v
tcuMVD/cgi89agecFpQuPYAkW7FhjbNma99N3Bq48fxof0RsfTq+i8Fsoh6iIWUl
1Iah/B+Z2AF19nw2CiAlX1L6IXLzgU8aS4TE99MOFQcoFxUtwg1Nx4SfpTd5jhRo
HDErtnUESonZS6Zs0sJHHgHI57rOY1ZHRFa6nqQJ/9ttya/v0lE8WU1SepSnKeYv
7RsDSMOsNErILKvL5DdUzZUU/UdJBdpJ6URXnrHk/GhI
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org