Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ddf83d-549f-48cd-bafd-e338188fa878.roa
File: a2ddf83d-549f-48cd-bafd-e338188fa878.roa (raw, json)
Hash identifier: OIuQAUJIHeXtJtD8R/KdpzN3wqwE8euEQcCj/FcLOEk=
Subject key identifier: 62:8B:24:15:7A:40:C7:D1:D7:F4:05:69:52:03:9D:F3:2F:17:7A:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F835B69A8F2FB6EE55D6384D8B5156BDE7742D4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ddf83d-549f-48cd-bafd-e338188fa878.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:83:5b:69:a8:f2:fb:6e:e5:5d:63:84:d8:b5:15:6b:de:77:42:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3b51104d5d5b7ec96ffa66cbeb92b39655317d975368bcbcfa78ff5322a50569, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5a:3d:5f:ed:cf:fa:71:45:e3:68:52:6e:d2:
1d:81:41:24:23:d1:f4:a1:61:82:61:4d:8d:39:07:
d3:76:85:63:00:6b:38:ab:48:27:bf:f4:6b:40:f8:
1d:e4:bc:4a:9e:0e:ca:6e:1d:a1:d5:2f:8e:d2:66:
b3:c5:b6:21:da:28:f6:d8:fa:91:a3:97:02:59:45:
13:67:b4:52:c6:50:57:23:e2:0c:ea:b0:08:38:76:
b8:eb:fc:4b:1d:1f:45:5d:70:90:9c:52:bf:09:41:
20:9e:36:87:77:47:80:1b:65:af:3d:95:3a:2d:4e:
3e:e1:95:41:62:a4:91:db:18:bf:25:02:01:52:f4:
e0:63:6a:4b:c5:17:6f:ae:c7:d9:25:47:6d:2f:11:
f0:c6:d6:a8:a7:a0:57:86:f6:90:61:cf:d1:cf:c5:
11:6f:3e:d4:86:91:eb:79:82:b6:0d:25:34:91:3c:
d0:f5:cf:b7:ae:eb:77:b1:75:78:9b:a5:81:50:a9:
98:dc:9c:b0:5a:ff:89:21:c5:8b:43:d3:03:6c:ec:
e9:92:20:37:06:1d:59:51:27:32:f6:3d:ba:bb:8e:
6f:54:fb:70:da:92:5f:3f:30:d5:45:0b:18:41:b4:
f5:2c:4e:16:73:44:9d:de:3c:5c:9a:4b:2a:cb:28:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8B:24:15:7A:40:C7:D1:D7:F4:05:69:52:03:9D:F3:2F:17:7A:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ddf83d-549f-48cd-bafd-e338188fa878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:67:d8:5a:7e:db:9d:03:a0:89:8f:5b:50:54:07:cf:a4:9d:
0f:85:9f:b3:cb:48:33:ec:85:25:dd:e4:32:d4:0a:2d:ad:42:
9f:71:4b:a3:27:90:7b:e2:33:99:d2:70:35:ff:cb:f3:a4:9a:
af:5a:b1:9d:4a:75:48:62:bb:aa:33:96:69:a2:e0:6f:aa:11:
6b:6a:84:48:3f:e5:69:34:8f:08:cf:96:b6:48:d3:32:5b:b0:
62:95:15:d6:f1:df:6d:f5:7f:fc:36:59:20:5a:05:eb:7b:71:
cc:d0:c2:ed:6e:d9:5b:9a:00:d3:07:f2:12:97:ff:99:21:f7:
8b:18:2a:85:c1:ea:12:83:48:8a:a6:c6:58:41:fe:57:61:47:
b0:c4:14:30:1c:8a:cf:db:37:13:4d:e6:1e:d0:01:a3:58:f2:
3f:7a:60:3e:f7:a9:ac:dd:aa:82:a8:fe:9e:bc:3e:97:3c:1f:
21:e6:3e:10:8f:19:a3:2a:3f:67:99:be:8c:fd:5b:a2:65:1f:
09:d4:63:87:6a:45:b2:a8:7a:f6:69:d8:d2:2c:60:d0:10:91:
e4:0a:e5:ea:b0:e2:24:a6:82:01:04:53:6c:66:a8:11:fd:0a:
f1:dd:49:6d:5b:d0:2f:06:2a:03:23:9f:ad:93:01:06:6f:4e:
ea:c6:35:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX4Nbaajy+27lXWOE2LUVa953QtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNTExMDRkNWQ1YjdlYzk2ZmZhNjZjYmViOTJiMzk2NTUzMTdkOTc1MzY4
YmNiY2ZhNzhmZjUzMjJhNTA1NjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5aPV/tz/pxReNoUm7SHYFBJCPR9KFhgmFNjTkH03aFYwBrOKtIJ7/0a0D4
HeS8Sp4Oym4dodUvjtJms8W2Idoo9tj6kaOXAllFE2e0UsZQVyPiDOqwCDh2uOv8
Sx0fRV1wkJxSvwlBIJ42h3dHgBtlrz2VOi1OPuGVQWKkkdsYvyUCAVL04GNqS8UX
b67H2SVHbS8R8MbWqKegV4b2kGHP0c/FEW8+1IaR63mCtg0lNJE80PXPt67rd7F1
eJulgVCpmNycsFr/iSHFi0PTA2zs6ZIgNwYdWVEnMvY9uruOb1T7cNqSXz8w1UUL
GEG09SxOFnNEnd48XJpLKssov3cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRiiyQV
ekDH0df0BWlSA53zLxd6GTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkZGY4M2QtNTQ5Zi00OGNkLWJhZmQtZTMzODE4OGZhODc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Z9haftudA6CJj1tQVAfPpJ0PhZ+zy0gz7IUl3eQy
1AotrUKfcUujJ5B74jOZ0nA1/8vzpJqvWrGdSnVIYruqM5ZpouBvqhFraoRIP+Vp
NI8Iz5a2SNMyW7BilRXW8d9t9X/8NlkgWgXre3HM0MLtbtlbmgDTB/ISl/+ZIfeL
GCqFweoSg0iKpsZYQf5XYUewxBQwHIrP2zcTTeYe0AGjWPI/emA+96ms3aqCqP6e
vD6XPB8h5j4QjxmjKj9nmb6M/VuiZR8J1GOHakWyqHr2adjSLGDQEJHkCuXqsOIk
poIBBFNsZqgR/Qrx3UltW9AvBioDI5+tkwEGb07qxjW0
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org