Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bee56394-d0ee-4578-8df3-6c45679cffb6.roa
File: bee56394-d0ee-4578-8df3-6c45679cffb6.roa (raw, json)
Hash identifier: Z8hSNit4U2HdjmR7pQXQVJYNTD8XgTgCJsqCIZonnWg=
Subject key identifier: 51:69:7A:80:62:1C:F7:4B:04:D3:FB:02:F1:C9:B8:A4:29:BD:1F:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AD4A12F910140995B512A0AA4FC97EA10FE9F05
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bee56394-d0ee-4578-8df3-6c45679cffb6.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 19:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:d4:a1:2f:91:01:40:99:5b:51:2a:0a:a4:fc:97:ea:10:fe:9f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=c944162d657007f8051b7f5bfd8f76727775f562293face5d4bbb3d034cd9f17, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:97:80:c7:cb:ff:a3:f5:ce:13:a9:e5:3c:6c:
a9:73:55:4b:8e:05:fc:af:c9:34:07:73:79:b4:d9:
18:1c:0d:34:89:55:ea:09:ea:9a:32:37:0e:ab:75:
ce:a4:b9:3d:75:1c:42:20:ed:5e:4d:47:5d:da:ce:
47:b3:42:ab:32:dd:3b:7b:6a:9c:9f:8a:6a:a5:96:
92:b5:20:af:0d:32:6a:7c:54:e9:e2:7f:e2:2a:8e:
9a:4c:2b:63:af:91:37:27:81:b7:0b:9f:9c:64:ce:
11:79:f7:2f:cd:14:27:6e:aa:e6:60:aa:77:9f:51:
c8:cf:7b:65:58:82:d4:be:f1:5e:26:1a:06:7a:84:
ca:34:53:85:de:fb:a2:13:3a:be:2d:63:ad:70:f1:
7c:d4:5d:77:1d:01:69:2f:66:12:4d:ad:83:e9:bc:
6f:3b:38:bb:13:de:35:c3:84:48:c1:da:c6:6f:3b:
0d:4b:cf:cc:2b:fd:d5:29:44:d2:cd:53:15:86:e6:
38:b2:ef:85:74:ed:7e:76:e3:ac:13:58:d9:dc:91:
5d:2a:6c:71:4c:01:74:68:3f:ef:46:94:fd:4a:d9:
c7:3a:30:05:58:ff:78:fe:cf:34:18:58:06:57:b5:
fd:c5:71:0b:46:1c:1c:68:0b:f1:a8:f6:ea:af:5b:
e6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:69:7A:80:62:1C:F7:4B:04:D3:FB:02:F1:C9:B8:A4:29:BD:1F:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bee56394-d0ee-4578-8df3-6c45679cffb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:77:e4:3a:88:24:73:d4:d3:cf:0b:fe:ee:9e:78:84:97:1f:
91:f0:6b:2a:22:70:4b:13:6d:69:3c:08:92:24:b4:46:70:2a:
db:48:f5:f6:b3:79:d5:ea:2c:bd:e8:39:eb:94:cf:6b:73:96:
87:92:52:5d:ce:00:9f:04:8b:b7:ae:09:87:9a:5f:f8:9f:8e:
ee:a3:fe:0d:3f:92:50:9f:31:c2:68:26:b8:a2:d1:bd:f2:5b:
c1:01:7d:91:f5:5e:8c:54:45:fd:3f:f0:1d:10:0f:cf:cb:18:
73:03:77:ba:32:03:2d:d2:a1:0c:4c:48:8b:72:0a:3c:86:09:
14:0e:dd:2a:b3:2e:1c:d8:a2:7c:c8:88:29:b9:4d:28:83:13:
29:30:82:2f:4a:31:55:4c:46:49:e1:7b:48:76:35:d5:3e:6e:
6c:73:2d:32:0e:b8:98:ea:c4:8e:e1:ab:2d:2e:73:23:23:cc:
57:df:15:a9:29:ce:38:32:47:39:88:73:13:6c:c8:20:ea:b2:
9d:b7:f3:82:23:46:d1:3a:80:8c:f5:73:2a:05:4f:98:36:86:
6d:d1:4a:58:fa:34:88:8e:8d:0d:e7:08:b3:51:08:b1:9e:01:
1e:cd:31:91:5a:6f:6e:6f:9b:2c:c7:14:be:4b:31:0d:85:4e:
5f:20:27:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOtShL5EBQJlbUSoKpPyX6hD+nwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5NDQxNjJkNjU3MDA3ZjgwNTFiN2Y1YmZkOGY3NjcyNzc3NWY1NjIyOTNm
YWNlNWQ0YmJiM2QwMzRjZDlmMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyXgMfL/6P1zhOp5TxsqXNVS44F/K/JNAdzebTZGBwNNIlV6gnqmjI3Dqt1
zqS5PXUcQiDtXk1HXdrOR7NCqzLdO3tqnJ+KaqWWkrUgrw0yanxU6eJ/4iqOmkwr
Y6+RNyeBtwufnGTOEXn3L80UJ26q5mCqd59RyM97ZViC1L7xXiYaBnqEyjRThd77
ohM6vi1jrXDxfNRddx0BaS9mEk2tg+m8bzs4uxPeNcOESMHaxm87DUvPzCv91SlE
0s1TFYbmOLLvhXTtfnbjrBNY2dyRXSpscUwBdGg/70aU/UrZxzowBVj/eP7PNBhY
Ble1/cVxC0YcHGgL8aj26q9b5ocCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRRaXqA
Yhz3SwTT+wLxybikKb0fVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVlNTYzOTQtZDBlZS00NTc4LThkZjMtNmM0NTY3OWNmZmI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAod+Q6iCRz1NPPC/7unniElx+R8GsqInBLE21pPAiS
JLRGcCrbSPX2s3nV6iy96DnrlM9rc5aHklJdzgCfBIu3rgmHml/4n47uo/4NP5JQ
nzHCaCa4otG98lvBAX2R9V6MVEX9P/AdEA/PyxhzA3e6MgMt0qEMTEiLcgo8hgkU
Dt0qsy4c2KJ8yIgpuU0ogxMpMIIvSjFVTEZJ4XtIdjXVPm5scy0yDriY6sSO4ast
LnMjI8xX3xWpKc44Mkc5iHMTbMgg6rKdt/OCI0bROoCM9XMqBU+YNoZt0UpY+jSI
jo0N5wizUQixngEezTGRWm9ub5ssxxS+SzENhU5fICdx
-----END CERTIFICATE-----
Generated at Tue Apr 30 01:02:50 2024 by rpki-client on console-fra.rpki-client.org