Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
File: bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa (raw, json)
Hash identifier: sc+SD3Cv3DWQIPoV1AUI4ljTRD1Okc5dC/Fm2mmeCtg=
Subject key identifier: 37:E4:38:D0:7C:1C:71:54:F1:FC:94:03:EB:7D:7B:F9:15:58:44:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6648A89DA6B5EC27D8275B3748AFA6AC0D113942
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:48:a8:9d:a6:b5:ec:27:d8:27:5b:37:48:af:a6:ac:0d:11:39:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=6fc0f2606f8a66d7313260b877a9ac3e07b49d390d23a663d2bbd046ffe0af2a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e0:97:fb:02:3f:85:75:43:7f:98:80:0b:ab:
46:43:2a:f1:dd:62:dc:52:c1:a9:1a:4f:94:32:2e:
a6:6c:aa:03:fd:3a:65:43:6c:ab:0e:05:06:f7:97:
51:c2:96:55:ec:a1:51:0b:78:bc:e6:d0:4a:58:74:
ac:2f:b3:f2:a3:a3:9d:78:48:da:70:9f:99:37:fb:
74:2a:14:76:09:37:6c:1a:9d:8c:cd:f8:bb:8d:d7:
fa:49:3b:b3:57:c7:ce:19:52:5b:78:4c:ad:82:75:
f4:b6:9b:a5:06:35:1b:26:23:11:f6:f9:6b:64:6e:
ef:13:67:3d:5d:2b:df:02:3c:6c:58:18:08:ce:2c:
96:6b:89:d3:28:c9:35:f6:d7:e2:19:69:62:7a:d4:
7c:ba:6d:6e:d1:36:c2:4d:78:47:48:fe:72:f2:66:
d4:7c:40:77:52:ec:4c:a6:e3:ac:b0:79:a5:4d:7d:
30:aa:ed:1e:9e:68:14:29:82:57:e5:12:3c:9d:79:
dd:35:bf:8d:bb:fd:ef:25:ef:c2:6d:dd:bb:e8:db:
aa:60:e3:22:a0:45:5c:a0:62:d4:70:2b:b1:a3:ee:
8f:24:83:72:42:a3:de:52:72:a0:ed:b0:dd:02:aa:
d7:bb:42:02:b6:f5:cb:d8:05:53:e3:86:5e:d9:fa:
c6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E4:38:D0:7C:1C:71:54:F1:FC:94:03:EB:7D:7B:F9:15:58:44:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d3:5b:e3:10:f4:64:07:ea:08:cf:c0:c6:3a:39:96:06:6f:97:
89:41:eb:28:d0:c7:d1:8d:6e:df:27:06:15:7d:98:0d:b5:01:
73:86:d6:be:d5:2b:79:5f:6b:da:c2:89:8f:2c:24:9b:6c:ad:
f5:8a:e5:9b:6a:0f:77:7c:4c:d5:fe:af:31:02:05:1c:5a:a4:
f6:3c:f5:00:6a:75:58:4c:e3:0f:ed:f7:08:b1:8e:17:d2:9e:
64:c4:ad:3d:0a:1f:1e:60:44:9e:16:67:8b:e6:eb:0c:09:82:
5c:b3:65:35:5f:4d:bd:a6:60:8e:b1:dd:ed:80:99:52:70:b8:
83:56:f8:9e:cb:fe:48:82:2d:78:50:3b:90:9f:69:1f:c1:63:
41:15:df:7a:3a:6f:f3:a5:b9:31:22:09:7f:bb:25:54:e1:c9:
97:7a:ca:31:f1:0e:88:b4:2c:fe:12:4e:07:7a:75:9f:0a:77:
21:77:22:c1:a5:f3:60:99:c9:99:d3:38:d1:97:71:2a:04:d8:
bf:41:4c:41:0d:9c:ac:76:1a:60:f2:b3:40:b6:7b:ac:f8:e9:
2f:28:9e:14:12:71:a5:94:7c:f6:77:17:40:ca:4d:c9:ef:0f:
1e:54:b9:7d:d2:92:e2:36:d1:13:36:11:1c:3b:19:60:d5:af:
69:59:fa:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZkionaa17CfYJ1s3SK+mrA0ROUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmYzBmMjYwNmY4YTY2ZDczMTMyNjBiODc3YTlhYzNlMDdiNDlkMzkwZDIz
YTY2M2QyYmJkMDQ2ZmZlMGFmMmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHgl/sCP4V1Q3+YgAurRkMq8d1i3FLBqRpPlDIupmyqA/06ZUNsqw4FBveX
UcKWVeyhUQt4vObQSlh0rC+z8qOjnXhI2nCfmTf7dCoUdgk3bBqdjM34u43X+kk7
s1fHzhlSW3hMrYJ19LabpQY1GyYjEfb5a2Ru7xNnPV0r3wI8bFgYCM4slmuJ0yjJ
NfbX4hlpYnrUfLptbtE2wk14R0j+cvJm1HxAd1LsTKbjrLB5pU19MKrtHp5oFCmC
V+USPJ153TW/jbv97yXvwm3du+jbqmDjIqBFXKBi1HArsaPujySDckKj3lJyoO2w
3QKq17tCArb1y9gFU+OGXtn6xlsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ35DjQ
fBxxVPH8lAPrfXv5FVhEKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmMyZjRmOWYtNjJhYi00ZDUzLTg5NWMtMjI0NjlmNWNiZWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQDTW+MQ9GQH6gjPwMY6OZYGb5eJQeso0MfRjW7fJwYV
fZgNtQFzhta+1St5X2vawomPLCSbbK31iuWbag93fEzV/q8xAgUcWqT2PPUAanVY
TOMP7fcIsY4X0p5kxK09Ch8eYESeFmeL5usMCYJcs2U1X029pmCOsd3tgJlScLiD
Vviey/5Igi14UDuQn2kfwWNBFd96Om/zpbkxIgl/uyVU4cmXesox8Q6ItCz+Ek4H
enWfCnchdyLBpfNgmcmZ0zjRl3EqBNi/QUxBDZysdhpg8rNAtnus+OkvKJ4UEnGl
lHz2dxdAyk3J7w8eVLl90pLiNtETNhEcOxlg1a9pWfpk
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:21 2024 by rpki-client on console-fra.rpki-client.org