Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: 5jUbewW9EZEa3WO8QkdnYyQbLx9BfYSCnrISXRc9uA4=
Subject key identifier: 07:24:5B:7D:E1:FD:08:79:F1:8C:F5:05:F3:DF:DF:D0:7A:3B:98:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 732B1B105B4F6B895BA405A9021234E440EE3776
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:2b:1b:10:5b:4f:6b:89:5b:a4:05:a9:02:12:34:e4:40:ee:37:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=f3b535b9566e7c0830505d32400f572c2686d88f4a936529cf828ec869a5773d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7b:a8:4a:62:86:d7:b5:dd:dd:db:eb:63:9b:
48:eb:78:70:ca:c6:7f:6b:4e:f4:06:30:7a:8e:80:
4b:da:e2:52:1d:ad:b2:ab:05:39:16:2b:82:c1:1c:
6d:02:75:ad:f3:65:14:1d:4c:41:47:1e:f8:5c:b1:
b2:e1:f0:ce:49:b2:43:83:c3:66:5d:89:9d:9c:1a:
e3:aa:ac:71:38:c5:28:5d:e6:e4:db:9f:d7:a3:22:
35:f0:b8:8d:37:f3:99:63:0a:01:e9:31:92:9b:20:
1d:a5:6e:ec:7c:c7:d8:bd:6d:fa:97:a2:c5:c3:60:
61:6b:31:dc:3e:aa:f5:56:5f:68:16:76:9e:74:31:
ee:6b:1e:07:32:24:2e:dd:da:30:28:b9:08:cf:4e:
b1:a8:6f:e4:0d:6f:c8:f2:12:a5:01:c2:4f:16:d0:
6a:41:35:72:f9:dc:94:29:2d:d4:de:bb:7f:e3:51:
3f:94:38:29:73:95:ad:45:7a:54:b8:ed:4c:c4:b1:
56:76:c5:a6:51:0e:b3:bb:84:0e:a4:dc:31:be:2d:
ae:84:74:0a:8c:37:c2:05:a7:2c:be:5a:60:88:9d:
dc:fe:3b:53:6d:c4:53:a8:58:df:05:c6:2f:5b:9b:
ca:f2:1a:34:b1:ef:89:11:e5:d2:26:80:24:64:1c:
d4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:24:5B:7D:E1:FD:08:79:F1:8C:F5:05:F3:DF:DF:D0:7A:3B:98:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:d9:f4:13:39:9a:7e:9e:7d:9a:dd:b1:b5:e6:56:b9:fc:e7:
d7:13:15:3a:41:bd:be:64:00:13:a8:37:2f:2b:71:fb:90:38:
45:d9:4a:e7:e3:6f:13:c2:6c:49:d6:f6:f7:4d:7b:77:8d:cf:
19:7c:f6:7d:a4:dd:a4:69:bf:98:44:30:10:fe:ec:87:ec:97:
d0:cc:1d:c6:03:00:80:4f:c8:ef:48:fe:2c:41:62:62:e3:40:
1e:13:4a:da:5f:30:04:1d:ac:31:68:62:bd:e2:08:94:b2:93:
27:a4:2a:6c:cb:75:28:37:29:01:2b:a3:60:b3:2f:23:91:7f:
36:36:03:f7:12:94:f7:78:11:4e:35:40:44:fb:31:70:f7:ff:
ad:ed:61:7d:72:58:db:f4:af:74:f9:ab:fc:b8:28:b9:05:73:
2f:65:18:16:4f:d5:9d:7b:49:82:73:ec:9e:ef:ac:2f:12:47:
7d:fb:de:20:b7:66:cd:93:4d:90:f1:ed:8e:e9:f8:87:94:cd:
2d:ac:bd:48:3e:22:50:f1:fe:c5:ff:6c:f9:db:24:c7:94:7b:
50:97:eb:73:cc:eb:3b:6f:40:80:d8:7a:c8:93:9e:e6:aa:a2:
fd:76:45:f0:30:6e:db:d3:82:91:bf:47:c2:ec:e3:c6:42:d0:
a8:97:8c:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcysbEFtPa4lbpAWpAhI05EDuN3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYjUzNWI5NTY2ZTdjMDgzMDUwNWQzMjQwMGY1NzJjMjY4NmQ4OGY0YTkz
NjUyOWNmODI4ZWM4NjlhNTc3M2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx7qEpihte13d3b62ObSOt4cMrGf2tO9AYweo6AS9riUh2tsqsFORYrgsEc
bQJ1rfNlFB1MQUce+FyxsuHwzkmyQ4PDZl2JnZwa46qscTjFKF3m5Nuf16MiNfC4
jTfzmWMKAekxkpsgHaVu7HzH2L1t+peixcNgYWsx3D6q9VZfaBZ2nnQx7mseBzIk
Lt3aMCi5CM9Osahv5A1vyPISpQHCTxbQakE1cvnclCkt1N67f+NRP5Q4KXOVrUV6
VLjtTMSxVnbFplEOs7uEDqTcMb4troR0Cow3wgWnLL5aYIid3P47U23EU6hY3wXG
L1ubyvIaNLHviRHl0iaAJGQc1O8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHJFt9
4f0IefGM9QXz39/QejuYdDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQAo2fQTOZp+nn2a3bG15la5/OfXExU6Qb2+ZAATqDcv
K3H7kDhF2Urn428TwmxJ1vb3TXt3jc8ZfPZ9pN2kab+YRDAQ/uyH7JfQzB3GAwCA
T8jvSP4sQWJi40AeE0raXzAEHawxaGK94giUspMnpCpsy3UoNykBK6Ngsy8jkX82
NgP3EpT3eBFONUBE+zFw9/+t7WF9cljb9K90+av8uCi5BXMvZRgWT9Wde0mCc+ye
76wvEkd9+94gt2bNk02Q8e2O6fiHlM0trL1IPiJQ8f7F/2z52yTHlHtQl+tzzOs7
b0CA2HrIk57mqqL9dkXwMG7b04KRv0fC7OPGQtCol4z0
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org