Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
File: 5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa (raw, json)
Hash identifier: JFNXyv0n/uFgm7qWWmqRA0KFEutnHRmG2nLkbFth740=
Subject key identifier: EE:18:12:3B:C3:23:AD:BE:CF:D2:15:42:D1:99:12:76:EF:1C:7C:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33244EA12CC5E732F78C310590895F4FEDD5D7E0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:24:4e:a1:2c:c5:e7:32:f7:8c:31:05:90:89:5f:4f:ed:d5:d7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=d39612d528eda04299d19c19691eef28cfd942d679a1e703561106c5a5554be7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:d1:c9:f9:44:e9:6d:06:e9:66:e9:7f:93:
db:db:c7:10:14:a1:d4:18:24:b8:4d:7c:20:d4:81:
2b:b0:89:17:6c:3c:85:34:89:93:a1:ec:66:71:a9:
32:ed:1d:36:8a:95:70:bd:63:f4:84:0f:6b:a1:78:
97:dc:56:34:48:02:b1:76:ae:db:40:78:c7:72:5a:
ee:f9:eb:c7:d4:13:9e:69:11:2d:64:8f:9d:85:00:
b3:39:d5:82:fd:cc:40:70:39:9d:a5:07:b7:9f:7a:
6d:2c:c4:c9:63:91:20:d4:e5:d7:20:4a:94:26:eb:
33:72:a0:b2:62:80:87:5d:82:2d:9c:7f:51:ff:72:
36:ff:ea:f2:8d:92:8e:10:4a:71:62:fc:1e:08:14:
a2:9c:e8:bd:a1:4e:9c:59:ce:75:8d:24:e2:cc:c9:
0e:d1:db:89:c3:f6:d3:ac:74:e8:44:9b:1b:ab:27:
66:be:92:51:42:ef:ab:ed:17:f7:c2:04:26:06:30:
86:02:42:20:e1:cb:e7:d3:51:8c:c0:a1:a3:1e:c6:
a7:9f:a7:f2:9c:d2:07:10:a4:32:14:bd:80:6b:10:
f9:51:33:7a:81:93:8a:af:6c:39:0a:00:99:21:0b:
51:0a:62:d0:1d:b2:b7:e3:7f:3e:a4:dd:f3:c0:9e:
f2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:18:12:3B:C3:23:AD:BE:CF:D2:15:42:D1:99:12:76:EF:1C:7C:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c3:1b:61:8f:74:11:53:74:d4:0f:b9:b9:f7:27:cb:f0:bf:1b:
67:74:52:bd:d0:01:27:d9:8d:3c:60:0d:f4:e2:80:02:11:ac:
a5:89:71:6b:f6:9c:e7:99:3d:35:24:8f:e4:e3:87:4e:43:29:
b5:b1:8d:60:c9:5c:09:d1:90:37:c9:29:df:6f:46:81:91:5e:
e7:64:85:20:23:34:5c:98:cb:da:ee:10:48:c9:3f:ca:bf:a3:
fb:4b:50:a9:28:ad:66:80:03:c4:2d:bc:5c:16:e8:d8:ed:11:
34:74:e5:e5:53:75:6d:3b:2c:4a:4b:3d:d3:3c:ca:98:68:97:
c1:16:31:0a:87:e0:24:63:f5:53:5e:3b:57:3d:6c:55:47:21:
be:27:62:b3:36:4d:a9:13:94:50:61:8f:2e:6c:b7:49:f7:1b:
09:8d:20:28:ec:00:12:00:e0:60:e5:51:e8:a5:0d:ea:6a:df:
7a:39:fd:42:04:f5:9b:12:cf:14:a2:ab:29:2d:7c:b2:fa:0c:
33:54:45:e4:f6:4f:da:fb:d0:48:04:87:84:eb:f8:7b:db:6e:
70:d9:ba:4f:91:98:90:7c:fa:c0:02:b7:89:fb:90:7f:24:7a:
11:e4:5d:c3:69:06:05:94:21:4b:58:f5:e9:e9:83:d8:85:e1:
e7:e5:9f:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMyROoSzF5zL3jDEFkIlfT+3V1+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzOTYxMmQ1MjhlZGEwNDI5OWQxOWMxOTY5MWVlZjI4Y2ZkOTQyZDY3OWEx
ZTcwMzU2MTEwNmM1YTU1NTRiZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf70cn5ROltBulm6X+T29vHEBSh1BgkuE18INSBK7CJF2w8hTSJk6HsZnGp
Mu0dNoqVcL1j9IQPa6F4l9xWNEgCsXau20B4x3Ja7vnrx9QTnmkRLWSPnYUAsznV
gv3MQHA5naUHt596bSzEyWORINTl1yBKlCbrM3KgsmKAh12CLZx/Uf9yNv/q8o2S
jhBKcWL8HggUopzovaFOnFnOdY0k4szJDtHbicP206x06ESbG6snZr6SUULvq+0X
98IEJgYwhgJCIOHL59NRjMChox7Gp5+n8pzSBxCkMhS9gGsQ+VEzeoGTiq9sOQoA
mSELUQpi0B2yt+N/PqTd88Ce8iMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTuGBI7
wyOtvs/SFULRmRJ27xx8QjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTAzOGQ0ZWEtOGJiMS00NTY2LTk3NzgtNWRmY2VhZWIzNjA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQDDG2GPdBFTdNQPubn3J8vwvxtndFK90AEn2Y08YA30
4oACEayliXFr9pznmT01JI/k44dOQym1sY1gyVwJ0ZA3ySnfb0aBkV7nZIUgIzRc
mMva7hBIyT/Kv6P7S1CpKK1mgAPELbxcFujY7RE0dOXlU3VtOyxKSz3TPMqYaJfB
FjEKh+AkY/VTXjtXPWxVRyG+J2KzNk2pE5RQYY8ubLdJ9xsJjSAo7AASAOBg5VHo
pQ3qat96Of1CBPWbEs8UoqspLXyy+gwzVEXk9k/a+9BIBIeE6/h7225w2bpPkZiQ
fPrAAreJ+5B/JHoR5F3DaQYFlCFLWPXp6YPYheHn5Z+T
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:25 2024 by rpki-client on console-ams.rpki-client.org