Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cbe95385-fe81-4c34-adbd-731e6cec5432.roa
File: cbe95385-fe81-4c34-adbd-731e6cec5432.roa (raw, json)
Hash identifier: ilBDAbfDhfGbNeRQDWjqMGCqqLMBolLqen6ou2CI0Vw=
Subject key identifier: 18:C5:CD:1A:1F:89:6B:0D:44:F4:8E:ED:9E:36:3B:D2:91:7D:E7:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78C7CA3F00F2E5EAF8EC67A05E94EB684804FDA0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cbe95385-fe81-4c34-adbd-731e6cec5432.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c7:ca:3f:00:f2:e5:ea:f8:ec:67:a0:5e:94:eb:68:48:04:fd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2b12fe9d29612b1146453acdd46e5f84c84afbcc06080064496dff9cdca2992a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:98:f6:41:b6:20:b5:9b:9c:09:7c:50:d5:
be:b4:00:82:50:8c:9c:52:5c:c8:d0:0a:66:ee:89:
ac:23:bb:c7:c8:24:a8:89:a4:39:de:95:6f:a0:de:
e9:9e:9c:cd:25:87:f0:28:9f:95:47:77:ef:c4:62:
aa:8f:d0:ab:18:47:33:af:7e:34:d7:ff:24:ae:f4:
e2:09:91:4e:b1:cf:e8:f1:89:c1:37:40:0e:ab:7c:
4b:ef:a0:3c:71:6a:64:c8:f8:96:1a:66:ed:61:a0:
4a:5b:25:8b:a3:51:0e:88:4c:53:3d:cf:51:a8:1b:
51:8e:f4:54:ec:ad:3e:c3:58:53:7d:0b:84:54:fe:
db:86:6a:7d:b7:49:22:3b:62:1f:fc:4e:f4:43:31:
66:44:c6:04:1f:89:c8:ae:f7:0e:12:29:13:71:ca:
47:c5:50:f8:53:aa:d1:f7:89:98:11:82:8c:32:12:
a2:06:ba:11:8f:c3:5f:46:fb:12:9e:b0:36:f0:d8:
d5:05:23:2e:ee:92:50:09:b3:39:70:96:03:fd:ee:
b5:d5:99:d4:f4:f0:00:20:28:be:e9:0c:1c:9d:23:
b9:f5:7d:55:b0:5e:f9:81:2a:f6:6c:b1:66:ae:f4:
47:34:72:15:26:1f:5e:c2:73:9d:e9:6d:2e:07:67:
fa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C5:CD:1A:1F:89:6B:0D:44:F4:8E:ED:9E:36:3B:D2:91:7D:E7:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cbe95385-fe81-4c34-adbd-731e6cec5432.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8e:51:a1:07:30:ae:9b:41:04:2a:f7:93:b8:fd:fc:a4:30:6d:
b0:83:12:2a:6d:63:33:5b:bf:3e:78:45:de:bb:61:15:ea:29:
f1:15:d1:66:62:cc:df:19:01:a2:b3:d8:73:bc:c2:37:a6:8e:
bb:93:7d:b5:f7:6f:ef:e1:00:d3:79:24:12:2d:fd:6c:33:1f:
30:87:af:55:c6:4d:e1:3d:75:97:3f:e7:f9:5d:12:10:8c:56:
2a:7f:89:13:c0:6b:74:0b:bc:62:a6:7f:d1:44:12:8c:e2:f0:
f7:eb:dd:fd:96:b4:fb:e2:90:47:bd:49:4a:5d:26:fb:ce:25:
9b:2b:de:b7:b4:26:ac:06:d0:98:af:ea:e0:46:04:ce:5e:7f:
07:f7:12:67:f9:99:4f:0e:59:53:b2:52:a4:34:ca:51:f2:6b:
19:0f:39:af:f6:81:e9:75:e7:4c:75:ac:8e:3b:1d:64:e3:b2:
68:32:c6:bf:48:da:4c:65:58:90:b1:d2:d2:11:2c:f6:b0:bc:
30:79:a6:6f:7a:54:bb:a3:d0:77:64:c1:aa:1e:79:ff:ff:7b:
a4:12:e4:b6:87:d4:4b:cf:9d:3a:b8:6a:b3:86:b9:c4:dd:02:
bd:12:81:bc:35:07:d2:e2:c1:13:45:52:8f:68:d5:76:19:71:
cb:3e:a3:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeMfKPwDy5er47GegXpTraEgE/aAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiMTJmZTlkMjk2MTJiMTE0NjQ1M2FjZGQ0NmU1Zjg0Yzg0YWZiY2MwNjA4
MDA2NDQ5NmRmZjljZGNhMjk5MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjUmPZBtiC1m5wJfFDVvrQAglCMnFJcyNAKZu6JrCO7x8gkqImkOd6Vb6De
6Z6czSWH8CiflUd378Riqo/QqxhHM69+NNf/JK704gmRTrHP6PGJwTdADqt8S++g
PHFqZMj4lhpm7WGgSlsli6NRDohMUz3PUagbUY70VOytPsNYU30LhFT+24ZqfbdJ
IjtiH/xO9EMxZkTGBB+JyK73DhIpE3HKR8VQ+FOq0feJmBGCjDISoga6EY/DX0b7
Ep6wNvDY1QUjLu6SUAmzOXCWA/3utdWZ1PTwACAovukMHJ0jufV9VbBe+YEq9myx
Zq70RzRyFSYfXsJzneltLgdn+nECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYxc0a
H4lrDUT0ju2eNjvSkX3n1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2JlOTUzODUtZmU4MS00YzM0LWFkYmQtNzMxZTZjZWM1NDMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCOUaEHMK6bQQQq95O4/fykMG2wgxIqbWMzW78+eEXe
u2EV6inxFdFmYszfGQGis9hzvMI3po67k32192/v4QDTeSQSLf1sMx8wh69Vxk3h
PXWXP+f5XRIQjFYqf4kTwGt0C7xipn/RRBKM4vD36939lrT74pBHvUlKXSb7ziWb
K963tCasBtCYr+rgRgTOXn8H9xJn+ZlPDllTslKkNMpR8msZDzmv9oHpdedMdayO
Ox1k47JoMsa/SNpMZViQsdLSESz2sLwweaZvelS7o9B3ZMGqHnn//3ukEuS2h9RL
z506uGqzhrnE3QK9EoG8NQfS4sETRVKPaNV2GXHLPqMr
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org