Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: VVswnIs5O1m6H7NhsacgjC4Cmn2DFBr7MDpDVu8KvQM=
Subject key identifier: AF:91:A3:13:2B:3C:C3:F7:A8:9B:4D:5E:2A:A1:CE:3E:ED:84:9E:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6076BA4D6CD966CCB9253A4B7CA85D83B67C72E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Dec 2024 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:76:ba:4d:6c:d9:66:cc:b9:25:3a:4b:7c:a8:5d:83:b6:7c:72:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=7193c0f7960937047ed53ea16378250cb21950781a0ca1813ff26a9c816d2311, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:88:0c:e0:57:11:8c:40:c6:a7:1c:ea:4c:
f2:03:15:14:56:08:e1:ca:4f:e3:d9:eb:6f:ae:41:
b3:02:ef:7e:c1:42:97:8b:04:03:b5:ad:85:68:3a:
94:4f:95:9c:25:b6:89:76:0a:53:34:20:1d:26:b4:
b2:41:7c:2e:d4:e0:96:c1:61:73:1d:28:2b:a1:67:
61:d7:46:46:f8:6c:9e:17:c2:45:ae:4b:b9:16:4c:
2e:30:55:0b:bd:6a:b5:79:b5:47:6d:5c:05:92:70:
b0:71:3c:b2:cf:42:22:58:22:f1:b6:58:81:00:be:
a8:21:0d:d4:25:5f:8b:23:c5:4f:81:1a:d1:3b:65:
72:7f:c0:65:5b:0c:e7:34:ab:21:47:36:90:b4:d7:
fe:cb:6c:26:c6:91:ce:07:72:f6:3e:83:0a:fa:df:
da:c4:64:fc:3c:18:9b:c6:0f:ee:eb:d5:cd:01:be:
40:12:da:5a:11:9b:aa:17:93:59:1b:fb:01:77:72:
af:74:aa:ca:92:b4:db:83:27:b7:1b:aa:fc:e8:18:
c8:46:01:c5:05:e0:ed:60:1f:de:93:e0:c3:fa:15:
20:4a:3e:bf:f8:ea:b5:a1:8f:b3:67:ff:7d:17:a9:
fc:71:84:37:f5:df:ae:9b:1c:3c:6b:ee:53:aa:cf:
35:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:91:A3:13:2B:3C:C3:F7:A8:9B:4D:5E:2A:A1:CE:3E:ED:84:9E:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
13:2a:10:4e:1a:b4:36:0c:96:aa:79:0c:dc:5d:14:26:52:e3:
e5:c0:27:21:f2:65:4a:46:07:a5:fd:5b:31:ad:09:84:53:b5:
f6:cd:9c:3f:5e:9a:fe:92:79:75:8c:a7:d5:69:79:53:6b:aa:
7a:d5:75:f9:5d:0a:c4:2d:d6:42:35:db:ab:b9:ac:17:c0:57:
37:af:8c:93:4e:d0:44:56:87:12:0c:a5:b5:28:d3:41:eb:c5:
78:0b:53:99:4e:49:b4:17:5a:56:27:47:cb:23:98:63:32:23:
5c:b1:55:d5:fa:ae:9c:0f:25:67:1e:78:ba:09:b1:0e:96:ec:
5c:d8:97:f5:da:06:ac:bd:ed:b5:3a:78:b9:ed:50:40:33:4b:
2d:45:c2:d7:da:74:03:76:d0:97:ce:41:cb:62:87:4d:e9:6e:
22:c3:52:be:74:66:e4:17:7b:03:3e:f6:50:9b:f9:94:a0:50:
2f:e0:46:6c:8c:56:b0:3f:29:bf:ba:8f:46:68:85:57:02:0b:
8a:60:e7:aa:02:4a:46:fb:18:a9:ee:ae:5a:d0:e4:a9:40:d6:
be:69:3a:f7:aa:6f:3c:74:37:4a:21:ea:e1:dc:99:17:ac:34:
7a:d4:9b:4b:02:bb:38:01:cc:4b:df:2e:0b:b1:14:00:8a:0b:
24:a0:bd:73
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYHa6TWzZZsy5JTpLfKhdg7Z8cukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxOTNjMGY3OTYwOTM3MDQ3ZWQ1M2VhMTYzNzgyNTBjYjIxOTUwNzgxYTBj
YTE4MTNmZjI2YTljODE2ZDIzMTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFaiAzgVxGMQManHOpM8gMVFFYI4cpP49nrb65BswLvfsFCl4sEA7WthWg6
lE+VnCW2iXYKUzQgHSa0skF8LtTglsFhcx0oK6FnYddGRvhsnhfCRa5LuRZMLjBV
C71qtXm1R21cBZJwsHE8ss9CIlgi8bZYgQC+qCEN1CVfiyPFT4Ea0Ttlcn/AZVsM
5zSrIUc2kLTX/stsJsaRzgdy9j6DCvrf2sRk/DwYm8YP7uvVzQG+QBLaWhGbqheT
WRv7AXdyr3SqypK024Mntxuq/OgYyEYBxQXg7WAf3pPgw/oVIEo+v/jqtaGPs2f/
fRep/HGEN/XfrpscPGvuU6rPNdUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvkaMT
KzzD96ibTV4qoc4+7YSeRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQATKhBOGrQ2DJaqeQzcXRQmUuPlwCch8mVKRgel/Vsx
rQmEU7X2zZw/Xpr+knl1jKfVaXlTa6p61XX5XQrELdZCNduruawXwFc3r4yTTtBE
VocSDKW1KNNB68V4C1OZTkm0F1pWJ0fLI5hjMiNcsVXV+q6cDyVnHni6CbEOluxc
2Jf12gasve21Oni57VBAM0stRcLX2nQDdtCXzkHLYodN6W4iw1K+dGbkF3sDPvZQ
m/mUoFAv4EZsjFawPym/uo9GaIVXAguKYOeqAkpG+xip7q5a0OSpQNa+aTr3qm88
dDdKIerh3JkXrDR61JtLArs4AcxL3y4LsRQAigskoL1z
-----END CERTIFICATE-----
Generated at Sat Nov 30 19:05:42 2024 by rpki-client on console-fra.rpki-client.org