Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: Qjcl/Pr8PSuqVmNwx2NnEqUzJxCEjA6zS/9wMKtzkBk=
Subject key identifier: D5:83:CB:7D:F0:05:D2:4D:B1:10:3A:96:7D:7E:FF:0C:E8:AC:D9:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31365800CCBF147CE10F7371ABC596815C8250DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:36:58:00:cc:bf:14:7c:e1:0f:73:71:ab:c5:96:81:5c:82:50:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2a7cf36efea60b335bb245f330810c0285f5c4cfcc17d29e93d451b324b53e61, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:25:60:ef:4d:55:8b:10:95:a3:03:d5:56:74:
54:02:06:3a:54:67:9b:33:6d:ec:f7:bd:ae:75:2e:
85:37:2d:5c:b5:80:c9:34:db:3c:b7:57:9e:d0:22:
58:b9:07:8d:d1:42:d3:82:26:5f:bc:10:12:ee:84:
c8:3d:e0:cf:fb:fc:10:29:d0:19:e8:8b:43:62:e3:
fb:75:d0:88:a2:b4:86:e1:2e:ca:85:8b:70:85:ea:
41:ae:5f:bb:2e:82:23:d1:75:69:70:a3:2e:0e:6d:
60:20:4e:9d:51:f0:14:ce:00:b7:b3:ec:47:13:f0:
24:50:ce:d7:be:23:ea:33:2a:de:2a:51:46:7e:d7:
1c:9e:96:ed:c0:7b:81:01:ac:a5:fe:68:1d:45:aa:
8f:58:5b:1e:d7:94:c5:cb:91:50:d9:e1:69:2a:74:
6a:50:ff:e7:19:51:09:05:0f:8a:2a:8e:be:00:84:
c8:56:72:fb:5d:69:c9:bc:d7:1e:53:ee:e6:d7:22:
d2:51:b1:1b:d5:a3:7b:cd:f5:34:f4:dc:a6:7c:3d:
84:e2:31:a1:54:0c:ae:bd:86:71:fd:af:39:bc:39:
2b:bc:5a:57:cf:ca:78:38:0f:00:57:f1:bf:eb:c8:
33:68:d7:95:d8:26:2c:e9:89:15:ec:be:e1:aa:cc:
33:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:83:CB:7D:F0:05:D2:4D:B1:10:3A:96:7D:7E:FF:0C:E8:AC:D9:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:3f:df:77:1c:02:17:c0:c4:c8:94:48:da:ac:a0:68:0d:54:
f4:95:40:03:6b:b0:65:69:4b:d2:a8:c0:85:3f:8c:98:24:91:
e3:24:3c:98:c6:0e:78:fa:05:bb:42:95:6f:6d:62:ba:6a:f9:
3f:2e:76:32:4b:3d:8b:89:2c:4d:c7:45:fa:9c:26:27:0a:e9:
8d:29:6e:a9:91:7a:c3:d5:58:64:77:ba:14:1c:42:81:17:b0:
85:3b:a0:f3:08:50:90:a8:16:ab:7c:20:f6:f3:c1:47:bd:5c:
3a:7c:19:a8:4a:cf:ec:98:ba:b0:18:45:69:05:11:fa:3f:67:
7d:6a:6c:f1:70:8a:d0:6c:dc:0e:57:f2:7e:b9:b6:be:fc:8e:
38:9c:2d:0a:22:23:f8:94:26:77:5e:d0:5e:69:07:d4:ce:1d:
7b:3c:71:d9:b1:ce:3e:bc:3d:00:6a:41:3e:17:03:fa:e8:1f:
76:b8:69:40:97:09:e6:99:9e:7c:a2:81:3e:45:e4:b4:38:de:
9d:a9:e7:f6:38:a1:0f:66:ad:a4:f0:e2:84:21:20:d7:4f:06:
8c:6e:c4:e6:62:b1:3c:49:e6:19:00:8d:19:01:b6:53:d5:19:
d9:92:dd:d4:a1:08:79:4d:07:9d:bc:08:dd:ee:1d:3c:1f:64:
c7:dd:65:e9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMTZYAMy/FHzhD3Nxq8WWgVyCUN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhN2NmMzZlZmVhNjBiMzM1YmIyNDVmMzMwODEwYzAyODVmNWM0Y2ZjYzE3
ZDI5ZTkzZDQ1MWIzMjRiNTNlNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAlYO9NVYsQlaMD1VZ0VAIGOlRnmzNt7Pe9rnUuhTctXLWAyTTbPLdXntAi
WLkHjdFC04ImX7wQEu6EyD3gz/v8ECnQGeiLQ2Lj+3XQiKK0huEuyoWLcIXqQa5f
uy6CI9F1aXCjLg5tYCBOnVHwFM4At7PsRxPwJFDO174j6jMq3ipRRn7XHJ6W7cB7
gQGspf5oHUWqj1hbHteUxcuRUNnhaSp0alD/5xlRCQUPiiqOvgCEyFZy+11pybzX
HlPu5tci0lGxG9Wje831NPTcpnw9hOIxoVQMrr2Gcf2vObw5K7xaV8/KeDgPAFfx
v+vIM2jXldgmLOmJFey+4arMMyUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTVg8t9
8AXSTbEQOpZ9fv8M6KzZHzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQAMP993HAIXwMTIlEjarKBoDVT0lUADa7BlaUvSqMCF
P4yYJJHjJDyYxg54+gW7QpVvbWK6avk/LnYySz2LiSxNx0X6nCYnCumNKW6pkXrD
1Vhkd7oUHEKBF7CFO6DzCFCQqBarfCD288FHvVw6fBmoSs/smLqwGEVpBRH6P2d9
amzxcIrQbNwOV/J+uba+/I44nC0KIiP4lCZ3XtBeaQfUzh17PHHZsc4+vD0AakE+
FwP66B92uGlAlwnmmZ58ooE+ReS0ON6dqef2OKEPZq2k8OKEISDXTwaMbsTmYrE8
SeYZAI0ZAbZT1RnZkt3UoQh5TQedvAjd7h08H2TH3WXp
-----END CERTIFICATE-----
Generated at Thu Apr 25 16:40:22 2024 by rpki-client on console-ams.rpki-client.org