Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
File: 1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa (raw, json)
Hash identifier: e2Txi8AZqSmDYHHb1xz/5xY6lQeiVUwtQprL8PQ7pMs=
Subject key identifier: 4E:CA:62:AF:C6:ED:A7:B5:0A:D5:5D:B0:1D:E9:93:0F:2F:B8:8F:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38F3D6DE11C31E9809487B41F17023FB84CBFEC4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f3:d6:de:11:c3:1e:98:09:48:7b:41:f1:70:23:fb:84:cb:fe:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=afc5461c121d0cf234c774b881788f048544199dc6128cdfc752f66cf28bf77a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:fd:fb:de:11:c4:45:0c:4b:28:e1:ac:d9:
f4:f8:f2:df:ad:78:78:5a:1c:fb:7a:1b:90:77:b2:
40:e7:99:19:bf:14:94:48:83:d6:c9:0d:ed:44:e1:
b4:2b:92:5c:2d:5c:5f:9c:aa:8c:81:b4:ad:54:cf:
ae:a3:89:e0:fd:2c:be:dc:df:41:65:03:45:7a:2c:
42:88:17:e7:da:7a:86:b6:75:f3:13:d0:0f:d2:26:
ff:2c:80:34:b5:4e:b6:07:ef:7d:53:47:1d:b9:a7:
97:b4:30:04:a5:97:ba:86:3e:8b:15:0b:3e:eb:1c:
04:4c:0c:19:1f:cb:66:a5:f8:e0:7b:3a:b3:5e:b0:
89:8e:5d:d5:35:c1:31:91:9c:ac:72:2e:f1:82:c8:
b5:46:dd:b7:81:7c:1e:10:42:95:74:2f:89:a2:58:
6f:bd:40:58:47:85:4f:05:56:66:b8:98:8f:e0:1c:
eb:e8:96:4d:d5:e3:9f:21:6b:c4:40:38:b7:bd:da:
64:4b:e5:00:d1:35:4a:a9:01:be:f0:40:45:fb:68:
10:d1:dd:23:56:71:46:b4:7a:2c:dc:94:4c:6f:90:
87:ab:e9:34:f5:75:7c:ee:48:37:89:db:57:fc:8d:
49:fd:a9:18:bd:ad:01:0a:c2:9d:71:c7:91:96:85:
ea:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CA:62:AF:C6:ED:A7:B5:0A:D5:5D:B0:1D:E9:93:0F:2F:B8:8F:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1034a10f-29ad-43d5-9d62-abfa393cb0a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:6a:6b:4a:42:66:1b:73:16:3f:60:72:21:2d:09:59:b0:ff:
8a:34:c5:d1:96:4a:f5:a4:81:e9:17:a5:ea:42:e1:69:3b:49:
3c:2f:78:3f:21:85:c7:13:b4:0c:7c:c2:4f:a1:27:2e:ef:da:
cc:02:0b:8e:b6:e3:d0:af:26:7b:a3:09:34:01:fb:71:2e:30:
89:69:7e:de:63:a1:98:6f:4b:6e:6e:c8:80:ce:ae:0a:cc:82:
39:21:7c:5c:1e:9c:2c:64:83:fc:9e:af:68:e7:e3:ad:49:53:
cf:a9:8d:2f:7c:77:c1:29:c6:db:d9:17:da:05:84:61:5d:61:
10:76:92:8c:c7:bf:4f:d9:16:bd:c0:13:17:92:2f:d1:f0:7d:
66:85:83:91:ad:4d:14:93:cb:29:7c:71:ee:ee:67:b0:ef:fe:
2c:b2:b5:46:99:a6:4f:b0:df:66:4c:0b:7a:e5:42:7d:e0:93:
96:18:16:dd:fc:fc:06:54:68:6a:bd:cf:55:6d:cd:1c:3c:41:
01:ed:7b:c0:b3:87:58:df:62:a8:64:f3:5c:8b:a3:68:65:7b:
e1:a2:fd:d4:83:48:6d:2c:51:ca:43:7a:f5:d0:1c:eb:02:a1:
8c:6c:9f:28:14:e2:06:27:d5:8d:86:3a:6c:3e:93:b6:c9:bf:
78:d2:36:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOPPW3hHDHpgJSHtB8XAj+4TL/sQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmYzU0NjFjMTIxZDBjZjIzNGM3NzRiODgxNzg4ZjA0ODU0NDE5OWRjNjEy
OGNkZmM3NTJmNjZjZjI4YmY3N2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJL4/fveEcRFDEso4azZ9Pjy3614eFoc+3obkHeyQOeZGb8UlEiD1skN7UTh
tCuSXC1cX5yqjIG0rVTPrqOJ4P0svtzfQWUDRXosQogX59p6hrZ18xPQD9Im/yyA
NLVOtgfvfVNHHbmnl7QwBKWXuoY+ixULPuscBEwMGR/LZqX44Hs6s16wiY5d1TXB
MZGcrHIu8YLItUbdt4F8HhBClXQviaJYb71AWEeFTwVWZriYj+Ac6+iWTdXjnyFr
xEA4t73aZEvlANE1SqkBvvBARftoENHdI1ZxRrR6LNyUTG+Qh6vpNPV1fO5IN4nb
V/yNSf2pGL2tAQrCnXHHkZaF6usCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROymKv
xu2ntQrVXbAd6ZMPL7iPQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTAzNGExMGYtMjlhZC00M2Q1LTlkNjItYWJmYTM5M2NiMGEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQBVamtKQmYbcxY/YHIhLQlZsP+KNMXRlkr1pIHpF6Xq
QuFpO0k8L3g/IYXHE7QMfMJPoScu79rMAguOtuPQryZ7owk0AftxLjCJaX7eY6GY
b0tubsiAzq4KzII5IXxcHpwsZIP8nq9o5+OtSVPPqY0vfHfBKcbb2RfaBYRhXWEQ
dpKMx79P2Ra9wBMXki/R8H1mhYORrU0Uk8spfHHu7mew7/4ssrVGmaZPsN9mTAt6
5UJ94JOWGBbd/PwGVGhqvc9Vbc0cPEEB7XvAs4dY32KoZPNci6NoZXvhov3Ug0ht
LFHKQ3r10BzrAqGMbJ8oFOIGJ9WNhjpsPpO2yb940jZP
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org