Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa
File: b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa (raw, json)
Hash identifier: qB57PtnC7IPqRJYIXILy8bzbzRrCatYBKgovCXNavik=
Subject key identifier: 8E:1B:56:C2:24:91:62:EA:56:3F:AC:D6:A3:C1:71:F5:C7:A5:F2:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 46DA8B98B43E6E147D215543862A785FB997E6F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa
Signing time: Sat 20 Apr 2024 00:00:00 +0000
ROA not before: Sat 20 Apr 2024 00:00:00 +0000
ROA not after: Sat 25 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:da:8b:98:b4:3e:6e:14:7d:21:55:43:86:2a:78:5f:b9:97:e6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 20 00:00:00 2024 GMT
Not After : May 25 23:59:59 2024 GMT
Subject: serialNumber=6973dadc6ee0cb6d5d3824a958aa3ef4b7308c046ec9c2ede9a3badb20f85025, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2f:a1:36:8b:88:9c:58:29:cc:a7:3c:00:8e:
a4:c8:1f:14:c3:80:9f:54:d4:67:c0:32:f6:f3:cf:
ba:f0:63:2f:f6:90:12:80:46:7c:ee:08:0c:c6:7c:
48:4e:8e:c2:33:91:b6:4b:db:b4:1c:58:d3:fb:cd:
24:d5:9f:41:90:57:c9:ac:d6:32:cb:a3:74:56:69:
b7:3d:66:17:db:33:bc:32:86:30:fd:2a:27:63:f3:
cf:64:67:8e:0c:58:52:ea:a6:dd:86:e4:c0:25:be:
98:14:19:30:6c:38:41:aa:fe:e4:51:e8:a5:6f:ce:
bc:5b:a9:85:c3:9b:20:4c:b7:20:8d:74:7e:94:9f:
73:e6:3f:f6:13:2d:a5:b4:44:d3:a2:67:62:a9:3f:
b7:8e:d5:52:44:5c:80:f7:03:38:cf:2e:46:4a:eb:
4c:dd:9a:9f:1a:b8:9c:a4:11:cf:90:67:a9:59:2b:
79:67:b9:26:56:ff:89:dd:be:61:97:ac:65:3e:6d:
ee:b0:da:b2:57:45:26:5b:3b:4d:f2:64:a7:c2:ef:
40:df:92:56:bb:ba:ff:19:33:06:c3:f2:7f:25:b9:
2a:d0:af:ea:f1:84:c2:a6:5c:1d:83:af:ec:ce:17:
2f:34:b5:3d:b1:f7:46:6c:94:2b:49:2b:3f:a0:be:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1B:56:C2:24:91:62:EA:56:3F:AC:D6:A3:C1:71:F5:C7:A5:F2:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:b0:3f:de:2b:2a:86:90:d6:49:85:93:d7:78:de:67:c4:94:
78:f9:55:44:73:74:07:9c:2e:12:1a:8d:39:9a:c1:86:32:87:
77:3a:50:a2:88:3c:93:b3:4a:a0:d6:8e:cc:e5:6b:cb:b5:e7:
cb:63:ea:98:3a:cf:e8:9e:94:7c:51:d1:c9:dd:23:d8:6e:ee:
2d:08:a4:08:03:63:4c:0c:76:8f:36:51:92:b1:07:62:20:2c:
2b:2f:00:c6:dd:2c:8b:4e:39:81:73:9e:e1:1d:2c:64:bc:a5:
98:5c:8b:90:4b:99:3c:20:ad:0f:57:61:67:f1:1a:f7:14:1c:
98:a0:ac:ff:cc:83:cd:8e:63:28:b1:63:a9:42:12:67:ea:3a:
60:a3:3b:b8:60:00:7a:97:36:c5:45:ae:69:f2:04:8e:ed:61:
38:63:77:e4:29:77:81:52:cd:43:e7:61:59:81:8e:2c:08:fc:
07:a4:9e:4a:e9:09:5d:1c:2d:e1:4c:df:33:2e:5e:54:9f:38:
ec:a6:de:ee:88:5e:e8:b7:e4:32:45:55:5f:52:e5:72:ce:c5:
bb:7d:a7:39:92:7e:0e:36:88:90:3f:fe:41:8c:0c:7d:b6:4c:
00:f4:45:9a:c4:47:dc:6d:64:b1:c3:88:24:22:45:5f:7c:59:
16:1d:16:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURtqLmLQ+bhR9IVVDhip4X7mX5vkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjAwMDAwMDBaFw0yNDA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NzNkYWRjNmVlMGNiNmQ1ZDM4MjRhOTU4YWEzZWY0YjczMDhjMDQ2ZWM5
YzJlZGU5YTNiYWRiMjBmODUwMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEvoTaLiJxYKcynPACOpMgfFMOAn1TUZ8Ay9vPPuvBjL/aQEoBGfO4IDMZ8
SE6OwjORtkvbtBxY0/vNJNWfQZBXyazWMsujdFZptz1mF9szvDKGMP0qJ2Pzz2Rn
jgxYUuqm3YbkwCW+mBQZMGw4Qar+5FHopW/OvFuphcObIEy3II10fpSfc+Y/9hMt
pbRE06JnYqk/t47VUkRcgPcDOM8uRkrrTN2anxq4nKQRz5BnqVkreWe5Jlb/id2+
YZesZT5t7rDasldFJls7TfJkp8LvQN+SVru6/xkzBsPyfyW5KtCv6vGEwqZcHYOv
7M4XLzS1PbH3RmyUK0krP6C+EBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSOG1bC
JJFi6lY/rNajwXH1x6XySzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjg4YzIyNmYtZTE5Yy00ZjM5LWJiYjMtMTkyOGJkMmNkZDYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQAWsD/eKyqGkNZJhZPXeN5nxJR4+VVEc3QHnC4SGo05
msGGMod3OlCiiDyTs0qg1o7M5WvLtefLY+qYOs/onpR8UdHJ3SPYbu4tCKQIA2NM
DHaPNlGSsQdiICwrLwDG3SyLTjmBc57hHSxkvKWYXIuQS5k8IK0PV2Fn8Rr3FByY
oKz/zIPNjmMosWOpQhJn6jpgozu4YAB6lzbFRa5p8gSO7WE4Y3fkKXeBUs1D52FZ
gY4sCPwHpJ5K6QldHC3hTN8zLl5Unzjspt7uiF7ot+QyRVVfUuVyzsW7fac5kn4O
NoiQP/5BjAx9tkwA9EWaxEfcbWSxw4gkIkVffFkWHRZ4
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org