Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6be51680-57c7-4d1d-ba12-3da6cbabf591.roa
File: 6be51680-57c7-4d1d-ba12-3da6cbabf591.roa (raw, json)
Hash identifier: U+t7u1rbZrWqmGU6hjr6qsToY6duznvTtYED/JMNXsw=
Subject key identifier: 44:E1:FA:86:14:D0:6C:D8:A6:09:80:69:33:4C:CC:F9:4B:BB:2F:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5745F44B5BE0148A0426A0614A505F8057265483
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6be51680-57c7-4d1d-ba12-3da6cbabf591.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:45:f4:4b:5b:e0:14:8a:04:26:a0:61:4a:50:5f:80:57:26:54:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3721aa5d65c17fe4b53a25934e31714b2a03c21ad5dab073335ff2e9e1372dcb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:59:30:8b:39:37:0b:f3:51:ca:07:2b:a8:
b2:78:5d:6f:fd:3a:22:4c:a8:05:e8:88:56:01:9b:
30:0b:02:bd:32:34:0b:df:09:d4:45:99:2c:0c:91:
f6:0c:01:eb:57:c0:53:93:07:f8:52:48:4b:a9:6b:
4f:df:78:2b:38:a3:5e:9a:61:67:2b:0a:17:d1:6a:
1e:b2:43:c5:28:40:9e:5f:f2:d3:4a:11:63:b2:56:
d2:08:3e:ac:02:18:b9:61:7d:b8:00:77:91:ad:17:
26:37:a6:eb:da:1a:ef:5b:54:12:76:01:76:8a:1a:
e5:1b:a3:a4:15:db:41:d6:00:c5:5a:7f:88:22:6a:
d1:b8:6e:f7:d7:eb:78:bc:9b:70:68:f1:0e:a1:b0:
b6:9e:0c:82:c3:c2:c3:79:01:55:a6:9d:15:b5:b4:
1d:50:13:8d:90:89:4c:66:7e:b6:ee:6e:52:f4:b5:
17:e3:31:81:26:b2:09:0f:77:aa:f3:35:49:da:d7:
cb:27:f6:24:7e:24:e2:f2:36:c4:54:60:25:52:92:
48:ee:63:17:f7:a8:af:7b:b9:05:a5:4f:6c:37:02:
6b:cd:88:08:da:97:21:e6:a2:8e:8d:11:a4:a2:03:
65:15:6f:0f:00:a2:8d:37:b3:01:74:bc:9c:a6:f5:
a3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E1:FA:86:14:D0:6C:D8:A6:09:80:69:33:4C:CC:F9:4B:BB:2F:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6be51680-57c7-4d1d-ba12-3da6cbabf591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:32:94:cf:5e:5e:b0:62:18:dc:b6:60:6b:ab:a0:57:10:80:
e5:a0:83:c6:c5:77:27:94:03:2d:56:1a:80:45:bb:50:13:52:
6e:bf:e1:8e:31:35:b3:9b:21:13:c4:93:3b:5d:e2:43:d2:03:
21:41:51:0d:25:52:70:f9:7a:07:90:58:fb:8a:05:cf:01:ee:
43:ac:26:7a:45:a2:3a:c7:bd:9f:dc:91:85:0f:b3:49:e6:a5:
de:93:48:11:b7:fd:ac:46:3b:56:5a:97:98:de:8c:27:c0:ee:
3b:d9:d1:8f:6a:ab:c2:4d:94:53:69:73:83:78:80:f4:9b:48:
8c:c6:89:b9:c5:85:fc:f5:51:b2:11:9f:94:80:28:d2:61:17:
21:79:aa:0d:dc:1f:ab:1a:c8:40:5d:b0:90:7f:f2:d3:9a:11:
a6:86:2a:33:5d:69:b2:53:29:bb:78:50:59:d6:94:a3:a7:9c:
c4:d1:c3:e3:0f:8b:4f:2b:25:66:bc:8c:d9:c7:35:92:b9:bc:
a6:67:a9:3f:5e:d3:cc:c3:eb:d6:57:a0:05:3a:41:bd:8e:14:
96:04:55:7b:81:c7:3b:14:f9:f7:d6:23:0c:43:b0:69:11:48:
35:ff:f8:55:1f:fb:4d:94:2a:d9:08:17:bd:a1:67:13:b9:74:
4c:63:cd:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV0X0S1vgFIoEJqBhSlBfgFcmVIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3MjFhYTVkNjVjMTdmZTRiNTNhMjU5MzRlMzE3MTRiMmEwM2MyMWFkNWRh
YjA3MzMzNWZmMmU5ZTEzNzJkY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyRWTCLOTcL81HKByuosnhdb/06IkyoBeiIVgGbMAsCvTI0C98J1EWZLAyR
9gwB61fAU5MH+FJIS6lrT994KzijXpphZysKF9FqHrJDxShAnl/y00oRY7JW0gg+
rAIYuWF9uAB3ka0XJjem69oa71tUEnYBdooa5RujpBXbQdYAxVp/iCJq0bhu99fr
eLybcGjxDqGwtp4MgsPCw3kBVaadFbW0HVATjZCJTGZ+tu5uUvS1F+MxgSayCQ93
qvM1SdrXyyf2JH4k4vI2xFRgJVKSSO5jF/eor3u5BaVPbDcCa82ICNqXIeaijo0R
pKIDZRVvDwCijTezAXS8nKb1o4kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRE4fqG
FNBs2KYJgGkzTMz5S7svCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmJlNTE2ODAtNTdjNy00ZDFkLWJhMTItM2RhNmNiYWJmNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQB/MpTPXl6wYhjctmBrq6BXEIDloIPGxXcnlAMtVhqA
RbtQE1Juv+GOMTWzmyETxJM7XeJD0gMhQVENJVJw+XoHkFj7igXPAe5DrCZ6RaI6
x72f3JGFD7NJ5qXek0gRt/2sRjtWWpeY3ownwO472dGPaqvCTZRTaXODeID0m0iM
xom5xYX89VGyEZ+UgCjSYRcheaoN3B+rGshAXbCQf/LTmhGmhiozXWmyUym7eFBZ
1pSjp5zE0cPjD4tPKyVmvIzZxzWSubymZ6k/XtPMw+vWV6AFOkG9jhSWBFV7gcc7
FPn31iMMQ7BpEUg1//hVH/tNlCrZCBe9oWcTuXRMY83z
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org