Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
File: 06aca655-45be-4c1b-a8aa-1f048326385e.roa (raw, json)
Hash identifier: /+mV0C/YZukDQbD/pDInYzr0WqJQ6DaeykKgUHJX7o0=
Subject key identifier: 58:36:C0:DC:AA:AC:A6:12:99:DA:CD:86:F1:F1:32:90:93:82:93:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49C9273031CEFE5A58186A6F88F595A209FAEFDB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:c9:27:30:31:ce:fe:5a:58:18:6a:6f:88:f5:95:a2:09:fa:ef:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=61bd08190651da100cd534691f9558c757ba8fcd930703753c8d006ada148beb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2f:7a:03:b0:13:7a:90:aa:10:ac:4d:fd:35:
dc:ff:48:91:ed:56:4b:47:c3:b2:b0:ee:54:36:89:
6b:50:b8:14:22:a6:7b:d2:67:87:f5:e3:1f:06:95:
4c:06:93:11:df:96:f0:6f:44:bb:a9:d4:f6:a8:de:
8a:d1:3a:91:df:e4:50:a3:3c:34:7b:4c:74:bc:d5:
8f:22:96:29:a8:05:5b:10:53:76:78:f1:f0:32:d0:
d7:5d:ea:29:c7:f3:79:1a:01:77:7b:8d:4d:41:df:
c0:e5:05:fa:60:61:14:22:6f:eb:35:ef:08:ff:73:
dc:58:d1:6f:e1:c4:e6:42:2e:bc:31:9e:23:73:9d:
70:68:8d:d2:a6:f4:a1:a6:10:d0:02:6f:76:1d:8b:
de:04:c6:74:a7:c9:38:03:4d:1d:25:36:21:8d:d3:
62:dc:d3:28:4a:34:52:66:37:81:f9:52:14:5a:05:
bf:08:d7:52:99:08:24:ac:be:fd:32:74:60:fd:39:
d0:6f:eb:62:1f:bc:5e:09:e4:21:bb:ed:e7:30:44:
fa:17:c7:2f:43:b0:19:d6:b3:44:cc:47:8a:9e:cb:
db:1c:8e:81:e6:e9:35:90:b4:c6:02:f7:03:a2:8b:
af:1f:75:ac:08:ad:cd:96:78:12:b4:84:c3:0f:98:
04:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:36:C0:DC:AA:AC:A6:12:99:DA:CD:86:F1:F1:32:90:93:82:93:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06aca655-45be-4c1b-a8aa-1f048326385e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
68:aa:43:c6:ca:4e:4d:6b:d4:e7:15:5b:19:fa:c0:cf:26:34:
30:2d:f4:f1:a4:36:d6:fe:2a:ba:c0:b9:1c:91:cb:48:6c:e3:
90:8a:41:6f:24:da:bf:9f:cc:ca:77:1f:bd:01:66:70:c4:7f:
70:51:9f:7c:65:98:d6:8f:ec:68:c7:c7:55:2a:dd:b3:e5:25:
ed:9d:7b:31:5b:be:10:69:14:31:e3:4f:11:de:3c:1c:7a:ba:
5a:ba:66:56:3c:ff:81:aa:46:56:08:71:3d:55:ee:38:62:02:
93:db:1a:c5:53:1f:22:e0:67:e5:7c:54:33:f2:0f:82:af:c9:
17:a0:d0:90:57:6e:b4:53:55:44:d7:23:b7:04:1a:42:a2:89:
87:41:df:c9:ba:78:56:48:d7:9c:54:cc:65:34:2c:b8:ee:9f:
77:8f:0e:22:29:29:05:f5:78:33:ef:b1:11:c4:ba:fb:32:72:
65:58:fd:b7:ca:f3:84:2e:6b:da:2e:06:8b:2c:d8:e2:7c:ae:
97:47:a5:9a:55:f6:8a:fc:95:ed:85:22:30:7d:02:59:4f:ca:
ff:54:54:3e:00:de:10:34:6f:d8:1d:79:25:90:d9:55:f2:83:
31:8b:85:e2:a2:ac:8b:3b:ee:27:78:f8:db:f4:dd:70:f5:38:
5d:b8:de:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUScknMDHO/lpYGGpviPWVogn679swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYmQwODE5MDY1MWRhMTAwY2Q1MzQ2OTFmOTU1OGM3NTdiYThmY2Q5MzA3
MDM3NTNjOGQwMDZhZGExNDhiZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsvegOwE3qQqhCsTf013P9Ike1WS0fDsrDuVDaJa1C4FCKme9Jnh/XjHwaV
TAaTEd+W8G9Eu6nU9qjeitE6kd/kUKM8NHtMdLzVjyKWKagFWxBTdnjx8DLQ113q
KcfzeRoBd3uNTUHfwOUF+mBhFCJv6zXvCP9z3FjRb+HE5kIuvDGeI3OdcGiN0qb0
oaYQ0AJvdh2L3gTGdKfJOANNHSU2IY3TYtzTKEo0UmY3gflSFFoFvwjXUpkIJKy+
/TJ0YP050G/rYh+8XgnkIbvt5zBE+hfHL0OwGdazRMxHip7L2xyOgebpNZC0xgL3
A6KLrx91rAitzZZ4ErSEww+YBBUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYNsDc
qqymEpnazYbx8TKQk4KTPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZhY2E2NTUtNDViZS00YzFiLWE4YWEtMWYwNDgzMjYzODVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQBoqkPGyk5Na9TnFVsZ+sDPJjQwLfTxpDbW/iq6wLkc
kctIbOOQikFvJNq/n8zKdx+9AWZwxH9wUZ98ZZjWj+xox8dVKt2z5SXtnXsxW74Q
aRQx408R3jwcerpaumZWPP+BqkZWCHE9Ve44YgKT2xrFUx8i4GflfFQz8g+Cr8kX
oNCQV260U1VE1yO3BBpCoomHQd/JunhWSNecVMxlNCy47p93jw4iKSkF9Xgz77ER
xLr7MnJlWP23yvOELmvaLgaLLNjifK6XR6WaVfaK/JXthSIwfQJZT8r/VFQ+AN4Q
NG/YHXklkNlV8oMxi4XioqyLO+4nePjb9N1w9ThduN6x
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org