Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
File: b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa (raw, json)
Hash identifier: h55olcrxt2CrWRZghIacXX7nNtCOVEmAwauO20TrxbI=
Subject key identifier: FC:42:A1:FE:19:69:8B:2D:D2:62:D6:16:9D:B2:F2:13:E9:4B:01:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 42323B3407144544C3A33F0DE31AC5F01F8A26B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
Signing time: Tue 23 Apr 2024 00:00:00 +0000
ROA not before: Tue 23 Apr 2024 00:00:00 +0000
ROA not after: Tue 28 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:32:3b:34:07:14:45:44:c3:a3:3f:0d:e3:1a:c5:f0:1f:8a:26:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 23 00:00:00 2024 GMT
Not After : May 28 23:59:59 2024 GMT
Subject: serialNumber=91251737b58033804e90f6da1ba0d9739c93412b5259cf18048a23d738a9bcc9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f1:79:06:9b:81:fe:24:81:69:27:02:ff:be:
11:b5:bf:3d:5c:18:f7:0a:19:42:50:4e:88:d5:74:
f6:15:52:d0:89:a9:e8:78:ea:a2:a7:ee:09:88:07:
d7:fd:15:76:19:a8:d9:2e:b2:a4:18:e5:b4:55:55:
9a:a7:b8:b9:5d:82:4f:22:da:7d:3e:60:13:de:49:
70:97:45:e1:42:9a:e8:70:43:26:c0:58:3f:7e:66:
f8:a8:f1:15:db:fa:bf:ac:92:44:35:ce:95:72:df:
29:e9:d8:c4:3d:95:41:93:dd:29:67:26:6f:67:06:
f3:cc:e4:87:f4:5c:27:8e:11:78:f4:8d:49:a6:04:
6a:2e:59:ad:f6:74:fa:e6:43:e8:7d:8a:c0:42:37:
7c:b1:c4:1d:6b:c1:47:ff:ae:d6:53:1c:e4:3b:59:
f5:1b:37:4d:11:fe:97:26:c7:ad:e6:ee:97:bf:29:
35:fa:2d:93:37:e9:01:c8:95:a5:e6:39:dc:10:4a:
22:1f:50:02:42:cb:c3:d4:e9:e9:86:e5:f9:5a:19:
6d:1d:0a:08:6a:57:c4:37:c3:fa:59:b1:a4:3b:07:
1d:7a:d3:fd:9b:10:48:e4:03:49:e8:57:31:e0:9d:
86:9f:47:6b:3f:c9:4b:0c:27:52:7e:6e:c7:97:dc:
1b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:42:A1:FE:19:69:8B:2D:D2:62:D6:16:9D:B2:F2:13:E9:4B:01:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:0a:55:a9:ab:be:66:19:40:c9:24:f4:d6:12:14:26:17:e8:
7b:46:a3:ac:0d:3f:c1:9f:fb:a8:4a:67:5a:e3:3f:bb:19:8b:
44:2e:1c:c9:52:1b:f5:29:fd:a3:f0:ae:f4:dc:e7:7c:d6:b3:
33:41:09:c0:5a:9c:f7:09:92:36:f6:4f:4f:c4:57:e1:5a:a8:
7a:a9:c1:0b:74:17:4f:26:6c:66:77:88:91:99:12:03:e4:c2:
4b:fa:a6:02:52:97:c7:56:eb:9e:67:ce:d8:18:14:09:2e:28:
3e:c6:2f:a2:31:e2:49:e5:91:31:e9:5f:08:c2:cf:4e:74:6b:
a2:03:da:4f:ac:95:05:84:e7:74:f5:2a:7a:3a:29:82:d3:4f:
ec:bd:24:d7:92:25:e1:71:9d:03:c3:b9:71:4b:42:41:fb:0b:
de:6e:6a:8a:da:91:d7:88:cf:29:74:d7:37:a9:dd:61:f2:ac:
9c:43:12:6b:6d:35:8b:45:62:b5:b8:6c:1b:39:47:79:5d:23:
c9:4f:95:e2:1a:6b:c5:b3:50:cd:4b:6b:68:80:fa:5c:8d:d7:
12:e4:44:cf:13:3b:ef:b1:ff:62:4a:1b:ce:3e:b5:a6:cb:00:
30:de:04:c1:07:5f:d2:36:65:bc:f7:2b:b3:74:79:13:2b:c4:
31:e2:c1:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQjI7NAcURUTDoz8N4xrF8B+KJrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjMwMDAwMDBaFw0yNDA1MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxMjUxNzM3YjU4MDMzODA0ZTkwZjZkYTFiYTBkOTczOWM5MzQxMmI1MjU5
Y2YxODA0OGEyM2Q3MzhhOWJjYzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTxeQabgf4kgWknAv++EbW/PVwY9woZQlBOiNV09hVS0Imp6HjqoqfuCYgH
1/0Vdhmo2S6ypBjltFVVmqe4uV2CTyLafT5gE95JcJdF4UKa6HBDJsBYP35m+Kjx
Fdv6v6ySRDXOlXLfKenYxD2VQZPdKWcmb2cG88zkh/RcJ44RePSNSaYEai5ZrfZ0
+uZD6H2KwEI3fLHEHWvBR/+u1lMc5DtZ9Rs3TRH+lybHrebul78pNfotkzfpAciV
peY53BBKIh9QAkLLw9Tp6Ybl+VoZbR0KCGpXxDfD+lmxpDsHHXrT/ZsQSOQDSehX
MeCdhp9Haz/JSwwnUn5ux5fcG+sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8QqH+
GWmLLdJi1hadsvIT6UsBzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmOGZhODMtNTRmMS00NGNjLWE5MTUtNjI0OWE2ZjZhMjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBKClWpq75mGUDJJPTWEhQmF+h7RqOsDT/Bn/uoSmda
4z+7GYtELhzJUhv1Kf2j8K703Od81rMzQQnAWpz3CZI29k9PxFfhWqh6qcELdBdP
Jmxmd4iRmRID5MJL+qYCUpfHVuueZ87YGBQJLig+xi+iMeJJ5ZEx6V8Iws9OdGui
A9pPrJUFhOd09Sp6OimC00/svSTXkiXhcZ0Dw7lxS0JB+wvebmqK2pHXiM8pdNc3
qd1h8qycQxJrbTWLRWK1uGwbOUd5XSPJT5XiGmvFs1DNS2togPpcjdcS5ETPEzvv
sf9iShvOPrWmywAw3gTBB1/SNmW89yuzdHkTK8Qx4sGP
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:31 2024 by rpki-client on console-fra.rpki-client.org