Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa
File: f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa (raw, json)
Hash identifier: gziBn9n0z3OloKmSWdCIENmSns6pHmNjBvMBv/oj+Wk=
Subject key identifier: BA:89:30:69:34:AC:2D:88:95:EC:97:7E:4C:AF:1A:FC:C2:8B:C5:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F2E5316087787A5A50CC531A741469A5FF6784B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa
Signing time: Sat 13 Apr 2024 00:00:00 +0000
ROA not before: Sat 13 Apr 2024 00:00:00 +0000
ROA not after: Sat 18 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:2e:53:16:08:77:87:a5:a5:0c:c5:31:a7:41:46:9a:5f:f6:78:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 13 00:00:00 2024 GMT
Not After : May 18 23:59:59 2024 GMT
Subject: serialNumber=fe8a28f59b6664c18fd34528ef749a54af6cc237108aaa6d0da0eb1803fc9b0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:4e:76:ed:18:6e:4c:1f:8f:b6:e9:7b:1c:
14:43:1f:9d:07:88:ef:69:14:1c:3f:d1:af:bb:b4:
9e:14:49:f7:2a:fb:9d:17:65:59:fd:1c:e6:15:d0:
57:03:4f:6a:1a:fb:ff:82:ff:68:5e:ba:1c:b0:b0:
7a:dc:74:02:1b:23:ee:35:2f:6f:70:92:3e:28:61:
48:96:f4:56:ae:c2:2a:6b:1a:0e:ec:89:31:39:b5:
1a:f8:1d:24:65:d0:79:ce:a8:01:15:ef:4c:98:b2:
1a:df:e2:7d:35:d5:e7:06:2a:fb:0a:a5:a0:98:e6:
20:74:e0:df:0a:45:fe:eb:ca:66:ad:92:41:58:02:
8c:96:8e:d1:f4:e1:99:e0:7f:44:9b:d2:f7:94:0f:
f7:28:93:a1:a9:a2:35:de:2f:4b:4a:88:bf:52:22:
ca:e5:7d:02:85:4e:32:e5:d1:5a:41:19:52:ab:90:
1e:f2:a5:47:67:fd:83:7b:98:40:c7:a8:b6:82:94:
c6:97:e6:fa:ac:53:79:52:e0:97:49:b9:19:26:f2:
fd:3e:22:65:3f:f7:f6:73:9d:2b:9b:22:92:15:2b:
3c:f7:75:96:e5:09:ac:2f:98:46:f8:ad:12:b0:de:
1d:08:9a:2d:4b:35:f6:45:b2:b7:de:f9:96:c6:e1:
d2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:89:30:69:34:AC:2D:88:95:EC:97:7E:4C:AF:1A:FC:C2:8B:C5:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
60:59:81:58:5c:25:dc:07:ce:1d:72:3c:a8:72:a2:9b:71:2a:
70:d8:ff:f7:85:90:6c:9b:1a:4b:2f:08:0c:5f:ba:59:31:15:
d8:5c:77:9b:23:be:47:28:98:3d:32:09:8a:f9:bd:55:f1:d7:
85:79:df:b0:0e:d3:2b:b5:4b:66:9f:9f:b4:8b:a6:04:f3:f2:
ee:c5:8d:11:86:d2:cd:01:5b:7d:40:ab:e2:86:2f:be:ce:d6:
ab:a4:d0:46:a2:7c:65:7a:10:81:a6:8d:ad:b5:3c:56:48:28:
94:f4:b6:04:9a:6b:85:a9:1b:b2:7a:dc:a7:b1:d2:66:cf:bc:
d1:98:cb:c0:9a:b7:ea:e6:1b:94:2d:59:75:6b:26:a0:f4:9c:
25:61:14:62:9f:77:77:fd:23:89:b2:1f:fe:43:a7:51:c7:c4:
a6:d0:b8:36:d4:77:12:79:86:ed:ae:a3:b1:6a:d8:4f:62:90:
b7:3a:13:cf:35:67:91:53:7f:09:bf:59:3e:4f:05:39:c0:54:
e5:e7:cd:0a:00:90:70:c9:13:69:f8:fc:ec:eb:25:0e:41:f3:
70:5e:8e:7d:f0:1a:7d:b9:43:0b:57:6b:9c:bc:1a:aa:58:bb:
9d:42:18:7d:89:89:c1:9f:bc:a9:4c:c5:7c:c4:20:3a:48:76:
23:03:cd:a9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfy5TFgh3h6WlDMUxp0FGml/2eEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MTMwMDAwMDBaFw0yNDA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlOGEyOGY1OWI2NjY0YzE4ZmQzNDUyOGVmNzQ5YTU0YWY2Y2MyMzcxMDhh
YWE2ZDBkYTBlYjE4MDNmYzliMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS3TnbtGG5MH4+26XscFEMfnQeI72kUHD/Rr7u0nhRJ9yr7nRdlWf0c5hXQ
VwNPahr7/4L/aF66HLCwetx0Ahsj7jUvb3CSPihhSJb0Vq7CKmsaDuyJMTm1Gvgd
JGXQec6oARXvTJiyGt/ifTXV5wYq+wqloJjmIHTg3wpF/uvKZq2SQVgCjJaO0fTh
meB/RJvS95QP9yiToamiNd4vS0qIv1IiyuV9AoVOMuXRWkEZUquQHvKlR2f9g3uY
QMeotoKUxpfm+qxTeVLgl0m5GSby/T4iZT/39nOdK5sikhUrPPd1luUJrC+YRvit
ErDeHQiaLUs19kWyt975lsbh0hcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS6iTBp
NKwtiJXsl35Mrxr8wovF/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjZmNTM1M2YtZDhmYS00YWNhLWI5YzItMDZhOWI3NzE2ZGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEAYFmBWFwl3AfOHXI8qHKim3EqcNj/94WQbJsaSy8I
DF+6WTEV2Fx3myO+RyiYPTIJivm9VfHXhXnfsA7TK7VLZp+ftIumBPPy7sWNEYbS
zQFbfUCr4oYvvs7Wq6TQRqJ8ZXoQgaaNrbU8VkgolPS2BJprhakbsnrcp7HSZs+8
0ZjLwJq36uYblC1ZdWsmoPScJWEUYp93d/0jibIf/kOnUcfEptC4NtR3EnmG7a6j
sWrYT2KQtzoTzzVnkVN/Cb9ZPk8FOcBU5efNCgCQcMkTafj87OslDkHzcF6OffAa
fblDC1drnLwaqli7nUIYfYmJwZ+8qUzFfMQgOkh2IwPNqQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:30 2024 by rpki-client on console-fra.rpki-client.org