Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
File: 0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa (raw, json)
Hash identifier: kovapGo7vdvnGSsYbqRglw4TctFt6bayjwDM2hFCv8w=
Subject key identifier: B7:71:66:6F:B9:79:75:A4:96:46:F8:54:85:07:A9:22:C8:D4:CF:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D917F57DCFE682557E2E147EB1CB2EE1CD14022
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:91:7f:57:dc:fe:68:25:57:e2:e1:47:eb:1c:b2:ee:1c:d1:40:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=207aad4c2fb3d25d3a3cb6bfc32d3f84f79cbf9f03991d65af406fd021462fa8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:21:55:da:28:d4:d2:17:93:90:19:ce:b6:2c:
49:5f:47:53:20:f1:f8:94:4c:20:87:a0:91:85:14:
14:3e:e3:bc:54:76:ad:bf:d3:c8:dc:76:12:f7:e6:
1d:93:a5:a4:30:bb:9e:f4:cb:9d:4b:8e:2c:93:e2:
a6:e6:2c:75:8d:6e:a4:31:86:4a:27:6a:06:66:85:
ae:57:02:59:f2:a7:74:37:57:a2:66:a1:8b:9c:d1:
cc:e1:96:41:12:2f:ea:44:70:f6:cf:4e:af:eb:8e:
33:f0:3c:99:32:7c:26:3d:20:2c:94:4e:bd:08:5d:
8b:ba:ac:0e:d4:9d:65:a8:b1:67:c1:c3:d2:41:c3:
c2:8d:5d:c3:64:57:19:cd:51:27:ce:85:35:53:d0:
0c:94:f3:fa:bf:dc:83:93:0c:45:c1:3b:a4:4e:ff:
91:9e:39:4f:ba:de:84:9a:6d:b1:b9:cb:f7:d7:cf:
36:12:16:a7:75:d3:70:84:77:7f:1f:07:92:18:94:
ac:92:f0:ca:6e:3d:22:7c:9e:54:43:fe:24:57:6f:
4e:29:35:f0:ab:44:99:f7:81:f6:cd:bc:8d:bb:9d:
27:b9:b7:a7:92:d0:76:a2:02:ab:38:de:bd:e7:7d:
37:2c:55:c9:0c:3d:8c:9b:f6:88:68:0e:53:44:d4:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:71:66:6F:B9:79:75:A4:96:46:F8:54:85:07:A9:22:C8:D4:CF:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0e6cf8cb-029b-41b8-aa05-7310f7f141d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:9d:da:27:e8:3b:fa:53:72:8f:d0:99:25:a6:a5:16:92:92:
ec:4e:00:37:6e:3a:b0:bc:24:c2:22:95:f5:56:de:73:15:a0:
b2:9c:4b:da:f3:6f:85:76:b3:0c:ae:95:d9:a2:71:21:40:f4:
ca:af:1c:60:53:b8:f1:b2:26:e8:f0:b0:18:a3:33:1d:fa:bd:
1e:5a:36:cd:5b:75:ae:00:26:42:42:b4:a0:ff:5b:20:71:3f:
fb:2e:44:5b:ce:b9:ce:44:23:2b:5e:28:67:35:5f:be:54:e5:
f6:cb:2b:99:05:ea:57:52:82:72:c6:e9:e7:33:53:44:87:e7:
68:17:f3:a4:a1:99:71:2e:0e:fe:27:b7:a0:2e:78:f9:0f:c9:
1e:9f:91:51:1a:59:72:09:1b:98:72:ca:93:00:f6:e5:59:a7:
0e:9f:d4:09:86:e5:0b:0a:a0:53:82:8c:0e:27:5b:c7:6f:03:
4c:71:32:5f:a0:5c:73:64:d4:07:9c:3c:82:a2:c7:e4:ad:ad:
61:24:c5:61:44:0b:62:56:f3:37:1a:79:6d:c1:f6:e3:00:8c:
05:10:fe:61:2f:5d:2d:71:ea:f4:a6:03:12:fd:a8:df:b4:07:
8d:26:fb:d2:20:3e:26:69:fe:75:02:75:e5:47:6b:f6:e2:fb:
a4:67:0e:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfZF/V9z+aCVX4uFH6xyy7hzRQCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwN2FhZDRjMmZiM2QyNWQzYTNjYjZiZmMzMmQzZjg0Zjc5Y2JmOWYwMzk5
MWQ2NWFmNDA2ZmQwMjE0NjJmYTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMchVdoo1NIXk5AZzrYsSV9HUyDx+JRMIIegkYUUFD7jvFR2rb/TyNx2Evfm
HZOlpDC7nvTLnUuOLJPipuYsdY1upDGGSidqBmaFrlcCWfKndDdXomahi5zRzOGW
QRIv6kRw9s9Or+uOM/A8mTJ8Jj0gLJROvQhdi7qsDtSdZaixZ8HD0kHDwo1dw2RX
Gc1RJ86FNVPQDJTz+r/cg5MMRcE7pE7/kZ45T7rehJptsbnL99fPNhIWp3XTcIR3
fx8HkhiUrJLwym49InyeVEP+JFdvTik18KtEmfeB9s28jbudJ7m3p5LQdqICqzje
ved9NyxVyQw9jJv2iGgOU0TUnXMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3cWZv
uXl1pJZG+FSFB6kiyNTP5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGU2Y2Y4Y2ItMDI5Yi00MWI4LWFhMDUtNzMxMGY3ZjE0MWQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQC9ndon6Dv6U3KP0JklpqUWkpLsTgA3bjqwvCTCIpX1
Vt5zFaCynEva82+FdrMMrpXZonEhQPTKrxxgU7jxsibo8LAYozMd+r0eWjbNW3Wu
ACZCQrSg/1sgcT/7LkRbzrnORCMrXihnNV++VOX2yyuZBepXUoJyxunnM1NEh+do
F/OkoZlxLg7+J7egLnj5D8ken5FRGllyCRuYcsqTAPblWacOn9QJhuULCqBTgowO
J1vHbwNMcTJfoFxzZNQHnDyCosfkra1hJMVhRAtiVvM3GnltwfbjAIwFEP5hL10t
cer0pgMS/ajftAeNJvvSID4maf51AnXlR2v24vukZw4j
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org