Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
File: 5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa (raw, json)
Hash identifier: u6N9FIaMM4Knqg7mVtHermj5vok6halH0Z1NaYXMlhs=
Subject key identifier: 5F:A3:9F:65:E7:31:57:0A:9A:F8:DD:C1:9E:5D:95:B2:7A:24:BA:70
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17B74BC6B021A4BB7A4EED164D5AA833CDA64F19
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:b7:4b:c6:b0:21:a4:bb:7a:4e:ed:16:4d:5a:a8:33:cd:a6:4f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=ecb2b3332a4fcdadee53e524b5a2279affc09063ba57f5ae886a8edf0a5fcc6d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:44:a4:7b:98:cf:34:d6:f9:d8:be:6b:91:
b1:aa:0e:97:42:4f:53:8b:15:68:bb:57:bf:3a:ac:
ff:86:8e:56:2f:bc:60:49:e8:e5:7b:f6:22:8f:18:
d4:77:75:7e:f7:8a:15:01:4e:d2:be:71:60:f0:25:
6f:40:77:26:86:34:39:8b:6d:50:b2:48:f3:22:ce:
d3:3b:f6:1f:89:c3:67:14:ec:0f:24:1d:c2:ce:5b:
f8:de:b3:e1:85:61:a0:7f:53:71:e5:ac:0c:5f:fb:
27:49:4c:a4:9c:09:e5:f5:27:e5:dc:77:9e:52:fe:
fd:d3:35:87:28:7b:5a:62:a9:1c:53:d0:31:70:85:
a9:df:3f:e9:a7:5f:35:43:3f:a8:73:b9:82:1b:c2:
d7:5a:66:b8:b9:9c:be:59:9d:d4:72:94:27:b5:ea:
4b:f0:ea:1a:ce:cf:f4:9d:6a:85:33:ba:0c:a4:89:
fb:06:4a:d2:9d:2e:86:40:e2:83:a6:22:f8:93:24:
45:68:b2:ad:87:d1:cb:65:52:07:31:78:24:5f:7a:
f0:b3:39:6b:85:2d:18:83:b8:7d:df:6b:4e:77:fa:
a9:ee:a4:19:8a:18:a1:86:4c:4c:fb:2c:20:b4:93:
9d:13:72:72:3b:71:69:81:90:eb:df:c5:23:ff:17:
c2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A3:9F:65:E7:31:57:0A:9A:F8:DD:C1:9E:5D:95:B2:7A:24:BA:70
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ccf05a8-b4fe-4e2c-9ad2-733a33029e21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d4:cd:59:f5:40:cb:6b:6a:e2:43:4b:65:1e:97:aa:bd:b9:88:
df:5f:33:5e:41:46:f4:2e:79:7a:91:6f:da:3a:4e:d8:cd:47:
35:e1:73:3d:62:27:78:c4:3a:52:62:b1:32:3d:8c:57:19:43:
39:47:8a:91:52:8b:88:bf:cc:82:c6:ed:a2:82:cf:a2:35:6d:
61:c0:45:fb:94:30:cd:92:ce:5e:f7:81:ae:06:1d:e3:3a:3f:
62:de:b1:cb:d9:ad:2e:67:13:c3:40:d6:17:13:81:d3:d2:25:
1a:e3:d5:e6:e9:5d:8b:82:18:b1:f6:bb:03:a3:69:34:59:d4:
c8:2b:3b:2a:c0:de:2a:ba:d6:61:62:9b:4f:29:bf:24:29:4c:
8f:a9:de:f3:20:f2:e0:8b:77:49:d7:22:63:ea:53:db:a2:92:
89:ac:e5:d5:ab:b8:7a:dc:8b:d0:f0:68:a2:10:ef:de:c8:b1:
e4:b4:94:73:07:aa:1a:28:8e:ab:09:e0:ec:ea:59:8f:39:ff:
d3:7f:a6:d7:4d:c5:7b:d9:62:75:67:f5:06:68:0a:c7:64:39:
7a:af:61:16:5b:24:5e:d5:af:2e:59:c4:b7:58:7e:d5:35:9b:
61:d6:8d:34:86:d9:30:92:1c:0d:7b:cb:75:a9:20:bb:ce:28:
bd:7d:25:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF7dLxrAhpLt6Tu0WTVqoM82mTxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjYjJiMzMzMmE0ZmNkYWRlZTUzZTUyNGI1YTIyNzlhZmZjMDkwNjNiYTU3
ZjVhZTg4NmE4ZWRmMGE1ZmNjNmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVkRKR7mM801vnYvmuRsaoOl0JPU4sVaLtXvzqs/4aOVi+8YEno5Xv2Io8Y
1Hd1fveKFQFO0r5xYPAlb0B3JoY0OYttULJI8yLO0zv2H4nDZxTsDyQdws5b+N6z
4YVhoH9TceWsDF/7J0lMpJwJ5fUn5dx3nlL+/dM1hyh7WmKpHFPQMXCFqd8/6adf
NUM/qHO5ghvC11pmuLmcvlmd1HKUJ7XqS/DqGs7P9J1qhTO6DKSJ+wZK0p0uhkDi
g6Yi+JMkRWiyrYfRy2VSBzF4JF968LM5a4UtGIO4fd9rTnf6qe6kGYoYoYZMTPss
ILSTnRNycjtxaYGQ69/FI/8XwicCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfo59l
5zFXCpr43cGeXZWyeiS6cDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNjZjA1YTgtYjRmZS00ZTJjLTlhZDItNzMzYTMzMDI5ZTIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQDUzVn1QMtrauJDS2Uel6q9uYjfXzNeQUb0Lnl6kW/a
Ok7YzUc14XM9Yid4xDpSYrEyPYxXGUM5R4qRUouIv8yCxu2igs+iNW1hwEX7lDDN
ks5e94GuBh3jOj9i3rHL2a0uZxPDQNYXE4HT0iUa49Xm6V2Lghix9rsDo2k0WdTI
KzsqwN4qutZhYptPKb8kKUyPqd7zIPLgi3dJ1yJj6lPbopKJrOXVq7h63IvQ8Gii
EO/eyLHktJRzB6oaKI6rCeDs6lmPOf/Tf6bXTcV72WJ1Z/UGaArHZDl6r2EWWyRe
1a8uWcS3WH7VNZth1o00htkwkhwNe8t1qSC7zii9fSUU
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org