Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa
File: e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa (raw, json)
Hash identifier: M2LGOgZ6qvtBEKzCY5w6JxEcQ17vEZClpEgnJomOGhU=
Subject key identifier: ED:D9:35:D2:E8:3B:F1:76:2D:2E:90:EC:25:E5:0C:9B:0E:7D:BB:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6034121D987D47E136C386A1CA52090D0EDF0F24
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:34:12:1d:98:7d:47:e1:36:c3:86:a1:ca:52:09:0d:0e:df:0f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=e3d7f956561ecfd1ee6b777d27fb4f1c2b0104aaa6cd8002f0d2ff1a5527dc22, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:ea:fc:c0:c8:7f:bd:2e:75:ff:fd:59:6c:
a1:ec:2b:28:a0:a5:3b:be:41:23:7e:37:2a:d0:b2:
db:ce:96:5c:ca:1a:db:d9:15:e6:84:20:51:3a:f4:
12:67:b2:b2:9b:c2:ae:85:fc:92:ca:5f:b6:e9:08:
7b:1d:ab:17:7f:e9:2c:04:08:97:53:88:b8:16:33:
cf:33:2c:89:fc:a5:e7:67:b8:35:c0:35:1b:5f:43:
e3:56:fd:34:9c:16:10:6a:e4:5f:19:21:9c:8a:7b:
5d:d8:a0:6c:de:35:66:b5:89:0f:73:d4:bd:70:66:
1a:77:d4:aa:91:47:c4:3f:2f:82:f1:11:5e:35:aa:
6a:7f:ae:9f:1d:7d:9f:e8:43:29:56:a9:0e:ab:b7:
32:b0:b1:82:82:26:7b:44:a1:d8:12:33:0b:6e:4f:
bc:81:d8:d9:69:0a:57:94:c1:f6:17:11:4f:19:99:
07:fd:9f:27:1f:c9:bf:20:6f:3a:3d:ca:3c:ad:78:
ff:1e:3a:0a:bc:bd:82:8b:f4:32:cc:76:1c:cd:87:
42:d4:dc:68:89:ba:60:a0:2c:c6:26:60:e3:e7:95:
73:bf:fd:d9:9e:c5:c4:af:f1:04:c6:6f:b1:07:1e:
5e:4e:25:81:63:93:74:aa:6b:81:76:44:c1:2b:aa:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D9:35:D2:E8:3B:F1:76:2D:2E:90:EC:25:E5:0C:9B:0E:7D:BB:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b7:0a:ff:e2:56:54:06:45:dc:73:79:2c:86:55:71:c9:c3:27:
da:7d:e0:0a:2f:e6:d5:6f:49:e6:b7:b9:a8:14:1f:5d:d3:96:
44:9e:b8:ab:3a:81:af:84:47:cf:2b:f7:84:35:ce:34:f7:c2:
a1:8d:e4:46:c5:86:c9:21:92:d4:83:12:b5:4f:af:0e:b9:87:
a2:ad:05:82:1e:bd:95:f0:9a:2b:65:7a:be:da:28:9c:4d:4e:
49:6a:8b:1e:19:da:7b:a9:d8:22:92:33:50:39:30:06:89:a7:
fe:fe:77:5d:69:0b:62:61:8a:43:c9:12:a4:b4:bc:92:6f:59:
c0:f8:1e:3c:f2:4a:35:0c:d8:34:49:73:02:60:6f:50:a9:c0:
7b:76:fe:2e:ce:a1:e7:ba:cd:45:da:7c:74:04:56:c8:53:be:
6e:76:ed:c7:c6:86:cf:d7:cb:25:6c:21:1b:e7:43:9a:63:0f:
09:37:3c:57:70:a9:5c:a5:cf:eb:79:94:44:6b:74:f7:9e:51:
db:70:f1:46:5b:b1:f3:d1:02:5a:5e:1f:de:ab:b4:3f:37:e9:
e6:82:cd:1c:4c:ec:69:b5:d9:6f:88:f2:e5:f1:75:70:d6:43:
53:4d:bb:c4:f5:a3:d1:08:41:bd:60:d1:e2:81:e2:32:63:16:
40:e5:ef:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYDQSHZh9R+E2w4ahylIJDQ7fDyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZDdmOTU2NTYxZWNmZDFlZTZiNzc3ZDI3ZmI0ZjFjMmIwMTA0YWFhNmNk
ODAwMmYwZDJmZjFhNTUyN2RjMjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL56vzAyH+9LnX//VlsoewrKKClO75BI343KtCy286WXMoa29kV5oQgUTr0
EmeyspvCroX8kspftukIex2rF3/pLAQIl1OIuBYzzzMsifyl52e4NcA1G19D41b9
NJwWEGrkXxkhnIp7XdigbN41ZrWJD3PUvXBmGnfUqpFHxD8vgvERXjWqan+unx19
n+hDKVapDqu3MrCxgoIme0Sh2BIzC25PvIHY2WkKV5TB9hcRTxmZB/2fJx/JvyBv
Oj3KPK14/x46Cry9gov0Msx2HM2HQtTcaIm6YKAsxiZg4+eVc7/92Z7FxK/xBMZv
sQceXk4lgWOTdKprgXZEwSuqKbMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTt2TXS
6Dvxdi0ukOwl5QybDn27FDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTAwMzBiOGItYTBmNC00YzliLTgwMTAtZTFiZDY5ZDIxMWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQC3Cv/iVlQGRdxzeSyGVXHJwyfafeAKL+bVb0nmt7mo
FB9d05ZEnrirOoGvhEfPK/eENc4098KhjeRGxYbJIZLUgxK1T68OuYeirQWCHr2V
8JorZXq+2iicTU5JaoseGdp7qdgikjNQOTAGiaf+/nddaQtiYYpDyRKktLySb1nA
+B488ko1DNg0SXMCYG9QqcB7dv4uzqHnus1F2nx0BFbIU75udu3HxobP18slbCEb
50OaYw8JNzxXcKlcpc/reZREa3T3nlHbcPFGW7Hz0QJaXh/eq7Q/N+nmgs0cTOxp
tdlviPLl8XVw1kNTTbvE9aPRCEG9YNHigeIyYxZA5e/7
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org