Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
File: 88f52aa4-587a-4c53-908e-056e9d4b7bca.roa (raw, json)
Hash identifier: v+xuw5x8tnezuevkz40isN8xvHbz7DBKLH1zkblGHFs=
Subject key identifier: AF:5D:CA:70:7D:29:94:73:1D:22:A9:57:0A:D3:9A:8C:F0:41:8F:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20FA6E8A1801775DDB28E7F49723C129490D66B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:fa:6e:8a:18:01:77:5d:db:28:e7:f4:97:23:c1:29:49:0d:66:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=e93871602d1f526f0d72c393764dd268ebc52a8972151f9764294b54d57bdb91, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f9:7d:f4:85:b6:cb:5b:20:c6:83:ab:0a:3f:
33:0d:02:56:c0:2d:2e:e8:d8:2f:4a:43:69:27:76:
21:c6:2a:ff:c7:0f:12:ea:31:ef:47:a1:e8:64:97:
bf:31:44:34:3c:98:48:3a:63:47:2d:2a:19:90:9e:
23:fa:69:9b:35:0a:b1:58:45:80:67:9a:53:cb:72:
58:b4:8c:7f:d0:df:1c:ee:ed:5c:cd:74:dc:36:ec:
34:b4:90:c2:7f:84:82:5d:95:e9:93:8b:2b:19:cb:
79:e6:ee:04:24:06:31:f3:2d:78:ae:56:07:f9:60:
27:c3:32:c0:08:c7:69:94:a3:f2:90:25:74:c3:84:
14:35:9b:f6:72:c7:9c:75:dd:57:38:62:8b:a4:41:
7d:65:2b:0c:66:aa:b4:ba:91:31:be:dc:b6:f0:7b:
74:67:ec:00:95:06:21:fd:ad:eb:a0:28:6a:e2:30:
b0:b7:e3:de:2b:42:0b:4a:6c:5c:5f:a9:4f:f3:02:
c6:ef:21:57:63:30:4e:1c:fa:e0:92:6c:0b:c9:20:
47:8a:a9:ed:4b:9a:c0:aa:b2:11:96:96:53:6b:04:
20:c3:b4:97:bf:99:0b:4f:81:49:48:01:db:89:28:
24:70:7f:a6:71:c1:a0:a0:49:c3:45:05:d9:6a:38:
3b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5D:CA:70:7D:29:94:73:1D:22:A9:57:0A:D3:9A:8C:F0:41:8F:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
74:10:70:f5:e8:f3:6b:72:80:a6:b8:ac:a2:f2:ba:23:75:e9:
70:50:70:10:74:3f:61:2b:27:17:ed:d9:31:e1:33:f8:09:86:
6e:be:bc:9b:6a:11:2e:ab:4a:43:a3:1e:3b:60:57:76:97:bf:
32:e0:57:c3:b7:f9:74:7f:81:cb:5f:f0:d2:48:f1:ed:bb:18:
80:ac:f0:d4:d3:36:1a:02:26:1d:24:30:31:fa:81:0f:3a:f8:
c7:8a:b1:90:43:38:59:6d:2a:dd:48:0d:b2:42:99:22:b0:e7:
30:4d:6b:b9:cd:bf:05:7f:c4:b2:39:79:43:66:c5:c0:75:61:
37:e0:d8:b1:23:c0:51:78:c9:99:a7:61:6a:20:ee:10:f5:99:
b7:a2:29:ed:df:97:1b:e9:2e:c0:fb:3f:24:75:bf:73:37:c0:
98:80:b9:e9:18:8f:17:a9:1b:6f:fa:04:09:be:5e:f5:f3:2f:
cc:ad:a0:c7:15:64:26:80:56:5d:97:26:b1:11:94:c2:f5:9f:
ac:ec:9e:ae:08:46:76:67:6c:f8:37:3d:ab:cc:1a:7a:bd:ee:
46:1d:d8:60:01:4f:da:7a:c3:93:3f:d8:83:4a:d7:1c:2a:92:
31:c2:29:ae:35:ef:5d:30:36:4f:53:2c:e3:42:6a:73:6e:a8:
5b:c8:c0:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIPpuihgBd13bKOf0lyPBKUkNZrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5Mzg3MTYwMmQxZjUyNmYwZDcyYzM5Mzc2NGRkMjY4ZWJjNTJhODk3MjE1
MWY5NzY0Mjk0YjU0ZDU3YmRiOTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/5ffSFtstbIMaDqwo/Mw0CVsAtLujYL0pDaSd2IcYq/8cPEuox70eh6GSX
vzFENDyYSDpjRy0qGZCeI/ppmzUKsVhFgGeaU8tyWLSMf9DfHO7tXM103DbsNLSQ
wn+Egl2V6ZOLKxnLeebuBCQGMfMteK5WB/lgJ8MywAjHaZSj8pAldMOEFDWb9nLH
nHXdVzhii6RBfWUrDGaqtLqRMb7ctvB7dGfsAJUGIf2t66AoauIwsLfj3itCC0ps
XF+pT/MCxu8hV2MwThz64JJsC8kgR4qp7UuawKqyEZaWU2sEIMO0l7+ZC0+BSUgB
24koJHB/pnHBoKBJw0UF2Wo4O8UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvXcpw
fSmUcx0iqVcK05qM8EGPPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhmNTJhYTQtNTg3YS00YzUzLTkwOGUtMDU2ZTlkNGI3YmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQB0EHD16PNrcoCmuKyi8rojdelwUHAQdD9hKycX7dkx
4TP4CYZuvrybahEuq0pDox47YFd2l78y4FfDt/l0f4HLX/DSSPHtuxiArPDU0zYa
AiYdJDAx+oEPOvjHirGQQzhZbSrdSA2yQpkisOcwTWu5zb8Ff8SyOXlDZsXAdWE3
4NixI8BReMmZp2FqIO4Q9Zm3oint35cb6S7A+z8kdb9zN8CYgLnpGI8XqRtv+gQJ
vl718y/MraDHFWQmgFZdlyaxEZTC9Z+s7J6uCEZ2Z2z4Nz2rzBp6ve5GHdhgAU/a
esOTP9iDStccKpIxwimuNe9dMDZPUyzjQmpzbqhbyMB1
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org