Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
File: 7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa (raw, json)
Hash identifier: f54qVr3gwK57pB0sQVPLFTDLMQ4q1wgqHG1EpOli1o0=
Subject key identifier: E7:2D:02:1F:28:35:52:14:3F:7D:EB:49:44:6F:46:F7:D5:82:1A:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 439CFCEC9D8CC34D0C699A12808C0C1DE2DB7DEC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:9c:fc:ec:9d:8c:c3:4d:0c:69:9a:12:80:8c:0c:1d:e2:db:7d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=c52a6d3b70c823694bb489e29f3f787252bcae3317e08e632abc3da1f47b286c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:1c:bb:a4:11:a1:77:94:5d:a3:e1:37:30:
de:9f:d9:7b:68:46:ab:42:ac:07:d7:bc:a5:14:17:
91:7a:ae:91:e6:dd:7b:73:0b:57:d7:d7:55:f0:f6:
5c:a1:70:e1:35:7f:31:aa:db:6c:20:08:d4:1a:19:
31:28:05:69:0b:54:8d:a4:93:49:df:cd:79:50:a2:
25:b8:28:a9:36:c3:5a:b9:b9:4f:09:11:84:c9:70:
e4:b7:36:6e:87:9d:04:35:0b:03:9e:67:a0:ad:d8:
d8:c7:c4:89:f7:ff:8b:d0:53:f1:ec:91:b7:22:99:
da:c7:71:65:f5:6e:c1:58:d7:98:0c:a6:45:09:ea:
ab:48:98:37:95:90:75:28:08:74:22:7b:69:2d:a7:
7e:2e:ac:d6:a4:f5:30:86:8a:4b:c1:7e:95:91:c1:
43:77:0b:dc:89:57:a5:96:b0:9a:5b:b8:07:fc:20:
5c:e9:c3:e6:74:a3:75:e7:22:1c:fd:8f:fa:71:09:
fe:0d:32:be:f1:94:be:b5:fc:cc:b2:db:2f:21:a0:
8d:d9:38:06:97:96:f9:d0:ae:68:4b:76:aa:3f:ee:
a2:c3:be:f2:1e:be:9c:38:9f:61:28:18:90:44:62:
99:8f:6f:0f:f2:b1:9b:ef:9d:8f:47:29:7b:e1:07:
b9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2D:02:1F:28:35:52:14:3F:7D:EB:49:44:6F:46:F7:D5:82:1A:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7d69dca7-aabd-4aa0-8ae7-a0abd4050eca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:98:13:d6:dd:2c:53:4c:a2:f7:3c:d8:e6:31:df:89:01:27:
55:14:01:3f:48:15:49:1d:d0:f4:ef:28:4c:95:18:f8:68:cc:
d6:bc:3d:b4:df:65:9c:1a:bb:40:7e:ad:9c:60:b9:ec:9a:15:
b3:3c:46:d3:fa:1b:c6:46:b6:c4:81:0d:b7:73:ae:5c:be:e2:
1a:d8:da:fa:c7:1b:2a:b9:96:81:a7:82:b1:86:55:48:0b:07:
17:b6:28:94:d2:25:b5:34:c2:a9:bf:d9:89:d1:1d:f2:9f:40:
a2:97:66:33:60:28:f4:79:ce:89:83:f4:81:e9:45:ff:2a:6f:
4f:d9:9f:da:a3:a6:e6:34:57:78:81:c9:99:87:97:af:0e:fc:
22:18:91:3d:66:25:a0:9a:14:e1:50:d0:3a:5d:70:7d:1e:c6:
c8:ea:90:a5:7f:81:40:00:2f:39:82:92:6d:6a:69:f8:2a:77:
06:99:78:19:54:e6:62:17:ee:41:85:eb:3c:b5:69:8f:f0:c9:
d8:05:8c:bb:76:0a:be:c9:e7:fe:1b:07:a8:dc:eb:17:ec:65:
72:66:b2:06:a9:12:a3:d6:bf:f9:34:00:a5:29:39:c3:fd:c1:
6c:4e:50:6f:dc:ca:6b:af:fd:31:11:c3:83:44:e8:50:2f:2c:
c2:66:53:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ5z87J2Mw00MaZoSgIwMHeLbfewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MmE2ZDNiNzBjODIzNjk0YmI0ODllMjlmM2Y3ODcyNTJiY2FlMzMxN2Uw
OGU2MzJhYmMzZGExZjQ3YjI4NmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0wHLukEaF3lF2j4Tcw3p/Ze2hGq0KsB9e8pRQXkXqukebde3MLV9fXVfD2
XKFw4TV/MarbbCAI1BoZMSgFaQtUjaSTSd/NeVCiJbgoqTbDWrm5TwkRhMlw5Lc2
boedBDULA55noK3Y2MfEiff/i9BT8eyRtyKZ2sdxZfVuwVjXmAymRQnqq0iYN5WQ
dSgIdCJ7aS2nfi6s1qT1MIaKS8F+lZHBQ3cL3IlXpZawmlu4B/wgXOnD5nSjdeci
HP2P+nEJ/g0yvvGUvrX8zLLbLyGgjdk4BpeW+dCuaEt2qj/uosO+8h6+nDifYSgY
kERimY9vD/Kxm++dj0cpe+EHuXkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTnLQIf
KDVSFD9960lEb0b31YIacjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Q2OWRjYTctYWFiZC00YWEwLThhZTctYTBhYmQ0MDUwZWNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQBAmBPW3SxTTKL3PNjmMd+JASdVFAE/SBVJHdD07yhM
lRj4aMzWvD2032WcGrtAfq2cYLnsmhWzPEbT+hvGRrbEgQ23c65cvuIa2Nr6xxsq
uZaBp4KxhlVICwcXtiiU0iW1NMKpv9mJ0R3yn0Cil2YzYCj0ec6Jg/SB6UX/Km9P
2Z/ao6bmNFd4gcmZh5evDvwiGJE9ZiWgmhThUNA6XXB9HsbI6pClf4FAAC85gpJt
amn4KncGmXgZVOZiF+5Bhes8tWmP8MnYBYy7dgq+yef+Gweo3OsX7GVyZrIGqRKj
1r/5NAClKTnD/cFsTlBv3Mprr/0xEcODROhQLyzCZlPy
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:10:10 2024 by rpki-client on console-fra.rpki-client.org