Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
File: f71d7429-ef0b-424d-9e36-741d62d1968a.roa (raw, json)
Hash identifier: YjNo9CxqAUBWb+Yt6WPQUdQv6glavuWmSYVQJUD7B+s=
Subject key identifier: 18:D7:3F:F1:16:33:8D:18:59:90:F4:3F:D3:94:B0:C4:CB:E0:77:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1557884DD4D12FD5358EC07DE66AD447E5174BA6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:57:88:4d:d4:d1:2f:d5:35:8e:c0:7d:e6:6a:d4:47:e5:17:4b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3f9fd3ff74eba0589d3ba9e932df15bd5ca5c902b013e8ab8db34b21e5532c3f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6c:2c:d8:e4:5c:28:12:be:33:23:6d:63:b3:
dc:af:ee:90:db:f9:15:95:35:3e:65:4f:5e:49:8c:
a9:49:f9:4d:c2:42:a9:81:bd:1b:29:ca:9e:b7:aa:
7b:94:7a:a4:b9:38:f8:fb:ed:c0:ee:0d:0a:4a:ec:
b6:18:62:65:8f:29:88:47:31:5b:4a:27:dc:20:bc:
b1:f7:3a:12:43:13:b0:46:96:b0:e6:b2:66:4f:18:
5a:c3:2e:d7:2e:9e:b7:bc:de:53:4a:14:19:74:29:
0d:10:05:18:6f:bf:7b:28:44:71:18:cb:fe:ac:6f:
d7:06:b2:af:88:23:df:18:91:7b:e9:f0:98:98:ba:
b3:88:dd:f6:a9:2e:a5:d1:1c:25:cc:f0:ce:8b:1a:
49:be:dc:42:e1:45:5a:91:9b:63:0f:b1:ae:57:a3:
f3:72:2a:47:b4:91:b7:a1:c7:8d:6c:66:5c:22:4e:
99:20:7b:1c:72:0c:7f:f3:df:0f:13:00:d1:f8:25:
05:a1:ff:24:b9:e5:b0:88:c0:2f:cd:af:6b:c4:fb:
15:f4:aa:e1:a3:95:f5:80:b1:d9:b6:9f:85:64:92:
b5:fd:40:df:9d:7f:77:8c:c0:29:46:75:c1:30:10:
e6:8f:ea:31:9a:48:39:0f:20:33:58:59:f7:37:7d:
91:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D7:3F:F1:16:33:8D:18:59:90:F4:3F:D3:94:B0:C4:CB:E0:77:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f71d7429-ef0b-424d-9e36-741d62d1968a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ab:fe:69:46:80:f7:f2:b4:21:62:73:71:69:b9:8d:00:21:25:
c0:40:fd:06:47:50:28:d9:76:93:fa:f5:8c:a8:cd:a4:d8:28:
3b:76:a0:d8:bc:6b:4b:23:56:63:90:a1:50:74:1c:a4:e2:60:
73:74:80:3f:98:08:c8:35:3e:ab:a3:ae:2a:dc:5e:62:22:b7:
ea:5d:06:d8:b0:a9:21:d1:83:12:09:3e:ea:2e:ba:16:50:c6:
93:30:08:48:fa:d7:1e:70:e0:0b:ed:39:08:9f:b2:36:28:d9:
e7:3b:63:4d:0e:89:31:74:cb:d8:70:d0:75:b2:f4:67:f2:8c:
37:c0:df:ae:40:45:db:7c:b1:c1:d3:72:ab:d2:70:ea:76:84:
5b:5d:2b:11:8d:f0:ff:c2:b1:98:1c:33:1b:a6:1e:d8:2c:34:
ca:e9:cc:a2:4e:e2:74:21:94:6c:63:cb:b9:64:c8:63:17:36:
e6:37:1a:7b:2e:b5:74:d6:bf:bf:55:9e:26:72:40:b9:3c:b0:
ab:63:de:ab:e0:e4:55:6b:4b:6b:31:e5:4a:fa:37:83:dc:c7:
d4:05:2a:e6:20:e9:d8:0b:b9:f8:f2:a9:bb:df:05:0d:ee:f7:
bd:2f:79:15:86:3c:2a:b7:17:10:10:bf:4e:31:36:16:e2:51:
2b:dd:6c:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFVeITdTRL9U1jsB95mrUR+UXS6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmOWZkM2ZmNzRlYmEwNTg5ZDNiYTllOTMyZGYxNWJkNWNhNWM5MDJiMDEz
ZThhYjhkYjM0YjIxZTU1MzJjM2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpsLNjkXCgSvjMjbWOz3K/ukNv5FZU1PmVPXkmMqUn5TcJCqYG9GynKnreq
e5R6pLk4+PvtwO4NCkrsthhiZY8piEcxW0on3CC8sfc6EkMTsEaWsOayZk8YWsMu
1y6et7zeU0oUGXQpDRAFGG+/eyhEcRjL/qxv1wayr4gj3xiRe+nwmJi6s4jd9qku
pdEcJczwzosaSb7cQuFFWpGbYw+xrlej83IqR7SRt6HHjWxmXCJOmSB7HHIMf/Pf
DxMA0fglBaH/JLnlsIjAL82va8T7FfSq4aOV9YCx2bafhWSStf1A351/d4zAKUZ1
wTAQ5o/qMZpIOQ8gM1hZ9zd9kc8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQY1z/x
FjONGFmQ9D/TlLDEy+B3ZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjcxZDc0MjktZWYwYi00MjRkLTllMzYtNzQxZDYyZDE5NjhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCr/mlGgPfytCFic3FpuY0AISXAQP0GR1Ao2XaT+vWM
qM2k2Cg7dqDYvGtLI1ZjkKFQdByk4mBzdIA/mAjINT6ro64q3F5iIrfqXQbYsKkh
0YMSCT7qLroWUMaTMAhI+tcecOAL7TkIn7I2KNnnO2NNDokxdMvYcNB1svRn8ow3
wN+uQEXbfLHB03Kr0nDqdoRbXSsRjfD/wrGYHDMbph7YLDTK6cyiTuJ0IZRsY8u5
ZMhjFzbmNxp7LrV01r+/VZ4mckC5PLCrY96r4ORVa0trMeVK+jeD3MfUBSrmIOnY
C7n48qm73wUN7ve9L3kVhjwqtxcQEL9OMTYW4lEr3WwP
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org