Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: Nk4Tc5KiZU2fP/Kc+pZxCM3BYA91nYkCEkweIPMl0vo=
Subject key identifier: CC:33:D3:A2:22:91:53:5C:12:AF:18:94:62:EB:DF:1C:3D:03:16:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 177AF97DB204599066AE146D35F66AC5F589386B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Tue 05 Mar 2024 00:00:00 +0000
ROA not before: Tue 05 Mar 2024 00:00:00 +0000
ROA not after: Tue 09 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:7a:f9:7d:b2:04:59:90:66:ae:14:6d:35:f6:6a:c5:f5:89:38:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 5 00:00:00 2024 GMT
Not After : Apr 9 23:59:59 2024 GMT
Subject: serialNumber=11815889c43a385c61172b9d78be061ab1ee60dd60b3f3145fd76a16296e48a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:51:1f:ea:1d:88:74:d1:dd:24:c6:f5:93:
23:8b:5a:74:bf:03:1e:20:1f:a2:4e:e3:0d:12:87:
f3:3e:69:0b:bf:e6:23:9c:98:9b:7d:d6:a5:24:fd:
70:a9:bd:69:15:0a:1d:0f:f7:2d:37:c5:89:e3:b2:
74:f2:37:73:1e:23:25:38:0c:e4:29:b5:f5:8e:3b:
92:d3:c3:86:27:d9:51:4b:0e:9f:2e:0a:42:1c:69:
32:81:91:6a:fb:70:fa:fb:71:ab:ee:8c:c4:b8:52:
4c:9d:0f:db:4e:61:38:20:28:07:b0:48:9c:2f:ff:
7d:fb:8c:00:cb:0e:d3:bc:65:3c:15:35:0a:7c:10:
0f:8b:1d:66:4a:cd:f6:8a:fb:72:fa:29:d9:a9:6d:
41:b8:92:2a:eb:62:f8:00:f0:7d:5d:b9:42:4c:a6:
0f:d0:0c:8b:bb:70:50:7b:66:e0:7c:2d:36:86:0f:
84:33:f7:b3:a2:14:6c:de:55:c9:da:7c:2c:22:b4:
a8:24:1d:24:37:d8:22:65:9f:73:5b:f2:46:c9:f5:
c3:30:92:46:63:46:46:86:73:93:75:47:85:f8:cf:
00:68:38:23:5b:15:9f:68:bd:0e:05:2a:7f:ec:55:
96:81:7d:f1:f9:d6:b0:fc:e9:ae:b1:f6:7c:de:b2:
6b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:33:D3:A2:22:91:53:5C:12:AF:18:94:62:EB:DF:1C:3D:03:16:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0e:ab:6d:4d:86:e8:ca:21:2e:e6:b2:1c:9c:2f:86:da:fa:50:
80:86:ed:8a:7d:d7:68:87:be:ca:4b:35:b6:55:6a:8c:6a:17:
42:87:f9:b8:e2:b7:d6:fa:2d:c4:a2:9f:d1:5a:24:cd:99:9e:
a5:c2:07:59:0b:08:c1:04:76:08:60:3b:87:5f:74:73:5b:ad:
3c:42:a1:49:db:cb:a4:37:36:b9:94:16:e1:22:15:c8:11:a1:
10:40:0c:d1:9b:9b:78:a4:87:b5:73:17:3d:5e:42:9a:57:8d:
de:3d:d3:ac:d7:f6:0d:37:3f:4a:cc:c1:82:bf:5d:65:8d:8b:
01:69:6b:41:27:6c:33:fb:db:5c:83:50:b8:ca:04:aa:5f:a1:
99:53:72:13:6d:8e:bf:a9:62:b3:f9:a4:31:94:b3:a7:75:9c:
33:17:64:6d:0f:e2:45:96:b3:b4:07:ec:e1:8c:13:d3:0a:7a:
80:ff:1a:fd:61:7e:dc:fe:19:a8:f8:3e:b2:36:9a:26:de:3c:
56:d6:67:b6:95:b1:e9:a6:b0:2e:d4:19:3a:3c:52:91:58:4f:
51:63:bb:c1:4b:bd:5a:58:cf:23:e2:0e:d8:59:83:5a:1f:9d:
fe:5c:53:7f:7c:03:b1:1d:86:c3:9e:27:6d:4f:b5:00:f4:59:
30:96:1c:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF3r5fbIEWZBmrhRtNfZqxfWJOGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMDUwMDAwMDBaFw0yNDA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDExODE1ODg5YzQzYTM4NWM2MTE3MmI5ZDc4YmUwNjFhYjFlZTYwZGQ2MGIz
ZjMxNDVmZDc2YTE2Mjk2ZTQ4YTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkzUR/qHYh00d0kxvWTI4tadL8DHiAfok7jDRKH8z5pC7/mI5yYm33WpST9
cKm9aRUKHQ/3LTfFieOydPI3cx4jJTgM5Cm19Y47ktPDhifZUUsOny4KQhxpMoGR
avtw+vtxq+6MxLhSTJ0P205hOCAoB7BInC//ffuMAMsO07xlPBU1CnwQD4sdZkrN
9or7cvop2altQbiSKuti+ADwfV25QkymD9AMi7twUHtm4HwtNoYPhDP3s6IUbN5V
ydp8LCK0qCQdJDfYImWfc1vyRsn1wzCSRmNGRoZzk3VHhfjPAGg4I1sVn2i9DgUq
f+xVloF98fnWsPzprrH2fN6ya68CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMM9Oi
IpFTXBKvGJRi698cPQMWKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAOq21NhujKIS7mshycL4ba+lCAhu2Kfddoh77KSzW2
VWqMahdCh/m44rfW+i3Eop/RWiTNmZ6lwgdZCwjBBHYIYDuHX3RzW608QqFJ28uk
Nza5lBbhIhXIEaEQQAzRm5t4pIe1cxc9XkKaV43ePdOs1/YNNz9KzMGCv11ljYsB
aWtBJ2wz+9tcg1C4ygSqX6GZU3ITbY6/qWKz+aQxlLOndZwzF2RtD+JFlrO0B+zh
jBPTCnqA/xr9YX7c/hmo+D6yNpom3jxW1me2lbHpprAu1Bk6PFKRWE9RY7vBS71a
WM8j4g7YWYNaH53+XFN/fAOxHYbDnidtT7UA9FkwlhxP
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:28 2024 by rpki-client on console-ams.rpki-client.org