Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
File: 0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa (raw, json)
Hash identifier: 8pvsfvmrvF9oFJdh8y9ci70qAr3PIfhCdt1QpnsGqXM=
Subject key identifier: 92:8D:2F:77:78:57:A2:19:2A:F4:87:E8:D8:D3:BF:9D:D2:3C:47:ED
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33DAD041A6A9E71BAA641FD3352CB01F2D26B3AC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:da:d0:41:a6:a9:e7:1b:aa:64:1f:d3:35:2c:b0:1f:2d:26:b3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=b7d9f768e765601d22a5d230be486199f620209df193b0309282d50292981cc6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:e4:c7:a7:33:71:d8:42:6b:e0:f4:ea:d2:
47:ba:4c:12:51:70:1c:45:6a:96:96:15:bb:96:14:
c9:71:42:05:38:43:81:67:d9:e6:81:1c:ae:8e:84:
be:d2:68:7f:c2:c9:10:47:d2:de:fb:64:6d:29:0b:
dd:da:85:cf:e8:3d:5f:d2:ca:e0:54:ac:e6:56:03:
6d:df:97:76:08:fb:7b:8b:31:d5:df:b6:78:70:f7:
e4:e7:b4:d1:da:dd:62:4b:d5:69:96:86:a6:08:91:
c1:33:99:79:46:41:6a:ea:cb:ae:56:25:11:bd:f1:
b7:75:67:e3:3b:13:e8:cc:56:75:ea:f9:1b:62:7e:
53:7d:a3:9c:e1:9c:1f:5b:31:1e:5a:4d:d6:84:0c:
c3:f1:a5:ef:4f:fa:19:82:9b:e6:62:27:13:d7:99:
01:3e:a3:57:d4:f1:7f:5a:82:a1:bd:48:71:7e:fe:
8d:07:59:68:f9:b3:f6:f6:fd:8c:8f:3f:fb:d4:9b:
cc:c4:69:5a:3a:94:69:c5:d7:5d:34:1e:b7:15:e2:
2f:28:57:21:0b:41:17:5b:2a:ae:bb:69:a3:9a:ad:
a7:a2:4f:61:b5:38:cc:46:65:4c:41:4e:7c:53:81:
79:97:be:37:73:8d:bd:69:3d:a2:e0:f9:6d:e7:8d:
3a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8D:2F:77:78:57:A2:19:2A:F4:87:E8:D8:D3:BF:9D:D2:3C:47:ED
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
33:22:99:f5:81:dc:98:ad:b0:d6:a1:67:b0:c3:4c:99:20:9d:
f1:18:da:3d:51:c5:af:98:17:14:74:18:df:a8:85:7d:ad:3f:
23:54:f5:3b:02:05:8a:05:8e:69:05:2e:94:ad:b0:12:74:ca:
c8:5d:5b:eb:ce:cd:e0:b8:c4:23:9c:53:cc:5a:a7:4e:a5:63:
44:cb:7c:2f:c3:28:b0:35:6d:3c:0e:6b:b1:14:57:42:4b:a5:
e4:75:7c:d8:0e:c0:15:cd:6a:ad:fe:9e:a0:bc:77:16:5b:5d:
9e:0e:33:d7:f1:2a:62:59:f7:95:fc:01:e5:ab:f3:83:fa:10:
10:f3:01:4e:17:e7:ef:b1:08:68:2a:a7:62:f2:ee:e1:e6:d8:
6b:b8:02:e7:c2:d1:3e:66:a0:62:e3:0d:53:b1:d4:7d:b1:02:
22:0f:d0:53:64:b6:74:b8:da:dc:cc:02:64:c1:62:c4:8c:2d:
26:ab:c2:3a:ee:22:85:63:8d:90:26:b5:f6:c9:b8:84:7b:52:
0a:c1:48:93:ac:9f:d4:bf:ef:a2:4a:60:01:4a:d9:65:6a:2e:
d1:ec:2e:4b:2c:d9:67:1e:49:54:3f:0f:12:40:dd:d0:09:ee:
9d:d9:ec:7e:e9:15:66:f2:04:e8:b8:b8:38:da:ab:a2:ac:04:
17:5a:fb:5c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM9rQQaap5xuqZB/TNSywHy0ms6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3ZDlmNzY4ZTc2NTYwMWQyMmE1ZDIzMGJlNDg2MTk5ZjYyMDIwOWRmMTkz
YjAzMDkyODJkNTAyOTI5ODFjYzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMc5MenM3HYQmvg9OrSR7pMElFwHEVqlpYVu5YUyXFCBThDgWfZ5oEcro6E
vtJof8LJEEfS3vtkbSkL3dqFz+g9X9LK4FSs5lYDbd+Xdgj7e4sx1d+2eHD35Oe0
0drdYkvVaZaGpgiRwTOZeUZBaurLrlYlEb3xt3Vn4zsT6MxWder5G2J+U32jnOGc
H1sxHlpN1oQMw/Gl70/6GYKb5mInE9eZAT6jV9Txf1qCob1IcX7+jQdZaPmz9vb9
jI8/+9SbzMRpWjqUacXXXTQetxXiLyhXIQtBF1sqrrtpo5qtp6JPYbU4zEZlTEFO
fFOBeZe+N3ONvWk9ouD5beeNOgkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSSjS93
eFeiGSr0h+jY07+d0jxH7TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGE1OGNlZjctNWZhNS00NTZkLTljZDctZDk2YmUxZjJmYWFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQAzIpn1gdyYrbDWoWeww0yZIJ3xGNo9UcWvmBcUdBjf
qIV9rT8jVPU7AgWKBY5pBS6UrbASdMrIXVvrzs3guMQjnFPMWqdOpWNEy3wvwyiw
NW08DmuxFFdCS6XkdXzYDsAVzWqt/p6gvHcWW12eDjPX8SpiWfeV/AHlq/OD+hAQ
8wFOF+fvsQhoKqdi8u7h5thruALnwtE+ZqBi4w1TsdR9sQIiD9BTZLZ0uNrczAJk
wWLEjC0mq8I67iKFY42QJrX2ybiEe1IKwUiTrJ/Uv++iSmABStllai7R7C5LLNln
HklUPw8SQN3QCe6d2ex+6RVm8gTouLg42quirAQXWvtc
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org