Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
File: 018d1278-2c0d-467a-ae97-a69101b9f274.roa (raw, json)
Hash identifier: fi7RwBF77Cslpr6EYiYj1ehUT8D4GzRKGk7eKvt3s3E=
Subject key identifier: 86:51:35:77:3C:E8:A6:3F:A6:97:D9:44:EB:F7:12:82:23:11:20:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 304416C3FC002619D4E6B9D6684352AC7884C2C4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:44:16:c3:fc:00:26:19:d4:e6:b9:d6:68:43:52:ac:78:84:c2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5b21695975b35e045a447d23260ee75b85f2f15e30d208e8c5aa6995f883615e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:28:84:db:96:fa:d4:53:81:d1:7a:60:8c:5f:
5c:95:83:b4:4e:71:23:b1:05:1d:ba:44:d2:7b:d4:
89:cb:7a:d8:a9:c5:e7:6c:91:9f:1a:98:6a:a3:27:
a9:bb:9b:f9:64:d5:ea:2c:66:cd:22:c1:ed:89:a9:
28:35:b3:76:b7:9f:bf:45:43:39:0e:ec:60:b5:a8:
fa:73:bb:02:b3:d5:73:da:69:eb:6d:c2:d4:9b:a2:
2b:6b:a1:72:1f:9e:19:f1:a7:38:a0:41:34:61:1d:
9a:4b:9d:76:b2:04:4e:cf:d6:d8:3a:07:62:62:11:
b0:86:c2:25:b6:b4:ab:2b:dd:a0:a5:5b:65:b3:47:
09:cd:4f:d9:71:97:d9:9a:a0:3b:81:a5:60:65:5a:
86:83:eb:8c:7a:5c:6b:05:c8:29:4a:f5:02:83:7f:
42:82:8a:0b:f3:f8:c0:f9:42:55:53:a9:70:a0:2e:
8f:ca:b9:42:18:76:ce:54:2e:67:5a:f3:9c:b6:c5:
76:ea:f3:89:ed:bd:45:18:5e:4b:1d:15:99:37:33:
50:97:dc:1a:0e:57:30:ff:1a:23:24:4e:72:ae:fb:
75:84:df:3e:4f:0b:51:0e:91:48:08:99:6e:f1:a4:
a3:b0:d3:eb:e2:67:68:b2:dd:9f:ba:7f:31:30:67:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:51:35:77:3C:E8:A6:3F:A6:97:D9:44:EB:F7:12:82:23:11:20:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/018d1278-2c0d-467a-ae97-a69101b9f274.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:fa:65:d8:ce:92:e6:ce:b4:81:62:b2:71:83:b1:e6:74:0d:
d2:79:58:0e:34:df:c3:2f:4f:80:15:b7:74:db:68:64:e9:a7:
21:bb:a7:ff:2c:e2:c8:e8:08:5a:cf:63:71:96:32:71:ef:78:
5a:84:9a:a8:67:69:da:62:dc:39:ec:77:d8:2e:f2:e3:e9:c2:
59:58:fa:48:03:89:26:ee:8b:77:d8:cc:64:da:c4:e5:70:c2:
bc:36:c5:ef:9f:66:1a:40:01:0a:3d:2d:3c:be:2b:3f:ea:b2:
5a:e8:3d:19:15:62:38:9e:2d:26:20:21:e8:e1:32:2d:47:38:
8d:a6:d2:f0:24:b9:4a:8e:1d:74:00:fc:2d:64:a4:9a:0e:ce:
0b:b8:99:3d:72:31:f5:26:19:8a:f3:0f:77:00:89:2b:77:f5:
2f:d0:c5:d5:23:d2:7c:b1:7f:d8:fd:c2:cc:9b:0a:1e:e3:e2:
fe:14:21:3d:20:a7:57:f9:3c:66:06:31:45:7a:5a:af:fa:3e:
cb:db:6e:04:b9:7c:5c:41:08:95:33:c5:60:91:5e:8c:8b:9d:
32:5f:82:b1:ce:ff:f2:9d:e1:97:f0:b6:b1:e0:db:ca:56:3b:
22:b7:32:37:7c:c8:6d:7c:4a:09:a8:70:a3:0c:0d:a0:c2:19:
84:17:82:c4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMEQWw/wAJhnU5rnWaENSrHiEwsQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMjE2OTU5NzViMzVlMDQ1YTQ0N2QyMzI2MGVlNzViODVmMmYxNWUzMGQy
MDhlOGM1YWE2OTk1Zjg4MzYxNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0ohNuW+tRTgdF6YIxfXJWDtE5xI7EFHbpE0nvUict62KnF52yRnxqYaqMn
qbub+WTV6ixmzSLB7YmpKDWzdrefv0VDOQ7sYLWo+nO7ArPVc9pp623C1JuiK2uh
ch+eGfGnOKBBNGEdmkuddrIETs/W2DoHYmIRsIbCJba0qyvdoKVbZbNHCc1P2XGX
2ZqgO4GlYGVahoPrjHpcawXIKUr1AoN/QoKKC/P4wPlCVVOpcKAuj8q5Qhh2zlQu
Z1rznLbFdurzie29RRheSx0VmTczUJfcGg5XMP8aIyROcq77dYTfPk8LUQ6RSAiZ
bvGko7DT6+JnaLLdn7p/MTBnylsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSGUTV3
POimP6aX2UTr9xKCIxEgDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDE4ZDEyNzgtMmMwZC00NjdhLWFlOTctYTY5MTAxYjlmMjc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQAr+mXYzpLmzrSBYrJxg7HmdA3SeVgONN/DL0+AFbd0
22hk6achu6f/LOLI6Ahaz2NxljJx73hahJqoZ2naYtw57HfYLvLj6cJZWPpIA4km
7ot32Mxk2sTlcMK8NsXvn2YaQAEKPS08vis/6rJa6D0ZFWI4ni0mICHo4TItRziN
ptLwJLlKjh10APwtZKSaDs4LuJk9cjH1JhmK8w93AIkrd/Uv0MXVI9J8sX/Y/cLM
mwoe4+L+FCE9IKdX+TxmBjFFelqv+j7L224EuXxcQQiVM8VgkV6Mi50yX4Kxzv/y
neGX8Lax4NvKVjsitzI3fMhtfEoJqHCjDA2gwhmEF4LE
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org