Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa
File: 88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa (raw, json)
Hash identifier: /tBfFAhlawrAdilVSvGcrS3bub3FvkQxTg/uGwua9r8=
Subject key identifier: 17:6D:6D:90:2C:6E:0B:63:22:0A:A4:63:02:19:75:EC:44:80:E9:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 475467DA5E5F6D43F5757D3C0C4BBF07F12F6767
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa
Signing time: Tue 30 Apr 2024 00:00:00 +0000
ROA not before: Tue 30 Apr 2024 00:00:00 +0000
ROA not after: Tue 04 Jun 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:54:67:da:5e:5f:6d:43:f5:75:7d:3c:0c:4b:bf:07:f1:2f:67:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 30 00:00:00 2024 GMT
Not After : Jun 4 23:59:59 2024 GMT
Subject: serialNumber=9c8b9ec1ddaea5eaaeac504155ba301722a47d51bf2518b9f2c4ee3fad677ddd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:b3:1c:ed:82:c7:ce:8d:69:c5:5e:7d:cf:
21:61:b6:c9:80:71:bf:2c:72:9d:99:91:f1:ae:eb:
48:f2:6d:b5:5e:ad:08:7a:dc:03:0c:64:ca:82:4b:
b0:84:ab:f7:19:63:50:f8:f9:95:39:b1:f6:3b:52:
3e:18:94:e4:9a:43:b8:ce:21:36:36:b2:46:72:ae:
88:04:49:28:41:ed:03:00:66:69:3b:d3:58:bf:df:
ad:7f:2b:b9:59:14:c8:f4:28:45:44:f9:36:d5:6f:
64:3f:12:95:bc:d5:e2:73:ca:76:bc:4c:f5:f5:e0:
41:4c:ae:8b:45:94:9a:4b:f4:6c:9c:42:d0:dc:9f:
aa:8a:49:a4:ff:1b:16:e0:a2:48:a6:51:e6:64:f2:
7b:29:c4:16:98:58:cd:8c:55:d5:7e:c9:db:d7:22:
ed:24:13:68:ec:67:3f:9f:d0:e6:9f:39:4e:3e:7c:
07:24:3b:3c:ac:de:72:b1:82:4a:dc:57:28:93:02:
7f:54:5c:15:15:3e:3f:e4:c1:14:06:73:01:22:c7:
19:ec:e8:05:77:f4:bc:8c:4b:bf:6c:ff:0f:9a:16:
71:27:91:0f:fd:d7:98:34:fb:8f:2a:10:61:d8:d3:
d3:fa:47:b9:94:cb:e0:0e:da:af:3e:31:b6:2b:c0:
b5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6D:6D:90:2C:6E:0B:63:22:0A:A4:63:02:19:75:EC:44:80:E9:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88ba3d30-157d-4964-8f1d-fb8f9726c40f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:ea:8b:10:93:02:f9:8f:3d:f2:d2:f4:00:36:7e:11:e7:eb:
79:74:43:5c:dd:9a:08:dd:70:56:23:31:b8:19:62:97:9c:e1:
db:f0:b5:c7:89:f1:b1:e8:da:ec:8a:e7:d4:2a:3a:12:af:c1:
c1:76:c5:d9:4d:99:58:f7:60:b8:5e:ad:97:f6:40:ce:1a:8e:
bb:ea:c3:d8:20:e6:9e:15:82:51:b1:c8:3f:31:5c:b2:85:b1:
f9:7b:4b:cb:21:a6:5a:98:b5:3f:fc:46:44:51:0c:c7:7e:68:
64:74:e7:0a:41:17:aa:3b:08:75:ac:37:99:02:f4:12:58:10:
86:75:84:d9:bb:4e:cf:35:77:94:b0:57:1c:9a:0b:1d:65:9c:
c8:1e:8d:54:f2:2c:57:37:bd:24:07:6f:21:40:9e:3c:c8:d1:
c5:0a:47:80:6b:e0:2d:e2:dd:c7:00:39:ed:b9:75:78:85:39:
f3:8f:3b:52:42:b5:ba:c5:24:93:ba:59:f5:05:a5:d4:08:78:
ea:a6:78:41:b5:7c:ce:1d:f6:dc:57:fc:b3:8a:0d:8c:5d:36:
37:9b:50:ef:1e:2e:f4:ec:9d:ad:5b:65:48:38:43:a7:dc:27:
56:e8:79:22:b8:67:03:25:91:68:9c:0c:88:d3:57:e9:23:ef:
9d:33:d1:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR1Rn2l5fbUP1dX08DEu/B/EvZ2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MzAwMDAwMDBaFw0yNDA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOGI5ZWMxZGRhZWE1ZWFhZWFjNTA0MTU1YmEzMDE3MjJhNDdkNTFiZjI1
MThiOWYyYzRlZTNmYWQ2NzdkZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuDsxztgsfOjWnFXn3PIWG2yYBxvyxynZmR8a7rSPJttV6tCHrcAwxkyoJL
sISr9xljUPj5lTmx9jtSPhiU5JpDuM4hNjayRnKuiARJKEHtAwBmaTvTWL/frX8r
uVkUyPQoRUT5NtVvZD8SlbzV4nPKdrxM9fXgQUyui0WUmkv0bJxC0NyfqopJpP8b
FuCiSKZR5mTyeynEFphYzYxV1X7J29ci7SQTaOxnP5/Q5p85Tj58ByQ7PKzecrGC
StxXKJMCf1RcFRU+P+TBFAZzASLHGezoBXf0vIxLv2z/D5oWcSeRD/3XmDT7jyoQ
YdjT0/pHuZTL4A7arz4xtivAtdMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXbW2Q
LG4LYyIKpGMCGXXsRIDpeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhiYTNkMzAtMTU3ZC00OTY0LThmMWQtZmI4Zjk3MjZjNDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQCs6osQkwL5jz3y0vQANn4R5+t5dENc3ZoI3XBWIzG4
GWKXnOHb8LXHifGx6NrsiufUKjoSr8HBdsXZTZlY92C4Xq2X9kDOGo676sPYIOae
FYJRscg/MVyyhbH5e0vLIaZamLU//EZEUQzHfmhkdOcKQReqOwh1rDeZAvQSWBCG
dYTZu07PNXeUsFccmgsdZZzIHo1U8ixXN70kB28hQJ48yNHFCkeAa+At4t3HADnt
uXV4hTnzjztSQrW6xSSTuln1BaXUCHjqpnhBtXzOHfbcV/yzig2MXTY3m1DvHi70
7J2tW2VIOEOn3CdW6HkiuGcDJZFonAyI01fpI++dM9EV
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:02:50 2024 by rpki-client on console-fra.rpki-client.org