Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1225cc34-f5d1-422d-9202-634bc8e5a66b.roa
File: 1225cc34-f5d1-422d-9202-634bc8e5a66b.roa (raw, json)
Hash identifier: bYhpZQFVXjvhNWbIbdrfxQmK2ilDGx1aLl1+QCi1yfE=
Subject key identifier: 57:6E:81:2E:78:7E:83:57:8E:42:C0:DC:72:D2:F1:C3:08:1A:8B:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20D39D63B720438A1CC4BB7E5A108EE15C9F4083
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1225cc34-f5d1-422d-9202-634bc8e5a66b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:d3:9d:63:b7:20:43:8a:1c:c4:bb:7e:5a:10:8e:e1:5c:9f:40:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d95a16afe324aa09f91837c9d888a36e94a2a254d3d21cb75ab6a828dc64e5b9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:38:ac:b5:0f:88:55:cf:e7:d3:bb:68:fe:2a:
65:b3:f3:a3:f4:01:3c:f7:f2:e4:5a:5b:02:34:d8:
f2:c2:0b:93:0f:9c:cd:c0:f9:6a:37:ac:44:32:7d:
61:62:63:85:e0:d8:b1:b4:51:93:c5:0d:73:cf:8e:
ab:17:22:27:33:94:68:b0:cd:3d:d2:76:3e:1b:c7:
15:38:10:25:ee:08:be:25:de:16:41:4c:33:ad:cc:
c4:6b:38:ec:a6:9b:aa:af:bf:63:5b:3e:bf:9b:5d:
e9:af:af:2e:0a:c2:7f:31:d2:78:25:bf:13:c0:74:
37:68:06:b5:43:bc:a1:51:1c:f0:6b:15:f9:81:ec:
20:16:dc:cc:cf:18:35:1c:76:95:b1:d4:83:57:88:
23:89:b2:e8:3c:17:43:94:84:aa:0e:08:4a:bf:cb:
e2:78:4c:79:30:39:79:d4:03:35:2f:6a:f8:fc:6e:
dd:23:1a:a9:86:49:4f:f3:7e:cb:d7:cf:2c:5f:46:
ac:9c:6d:d0:ab:fa:20:78:01:2b:eb:24:5f:f1:ea:
bd:0e:5e:74:b3:50:88:5a:61:c4:a9:4a:81:29:ad:
7b:5c:ed:ad:f7:41:82:cc:6c:f0:62:6b:e5:6f:d2:
27:10:1a:b1:7f:2e:1b:3b:9b:45:1b:35:29:f5:5a:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:6E:81:2E:78:7E:83:57:8E:42:C0:DC:72:D2:F1:C3:08:1A:8B:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1225cc34-f5d1-422d-9202-634bc8e5a66b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:02:00:7e:c5:4c:00:b2:97:77:c3:61:c0:0c:1b:dc:4e:c7:
26:98:4b:89:1f:6d:66:40:7c:00:94:ad:86:42:82:d6:90:d8:
d5:2c:1e:c2:dc:4d:c0:21:88:e6:b5:09:f6:06:22:61:45:29:
fd:aa:49:9f:65:0e:a4:e8:11:07:db:20:7c:12:3c:60:aa:08:
d8:f2:0f:72:e7:67:0e:5f:1d:35:91:f5:be:20:59:cc:36:a5:
8b:64:b1:23:9e:ed:65:b7:f0:5b:ab:11:16:b3:ea:fa:dc:ad:
57:e4:c3:ec:ca:8f:3e:ad:24:91:a8:6e:f2:22:1a:cc:e5:c7:
f7:fe:8a:64:2e:fb:23:e9:d6:de:70:a7:28:73:80:95:28:82:
11:d9:a4:de:97:f6:75:1f:2a:fa:bb:b4:e5:7f:67:d1:8f:74:
78:ab:be:8e:e8:e0:0f:56:b4:05:97:0d:c8:a2:9f:88:10:25:
9f:46:f4:40:67:00:c0:1a:de:83:6d:ca:1f:c6:d9:30:8c:ce:
90:a9:b1:7f:34:37:78:59:e3:c2:a6:79:27:14:4a:f8:7a:ff:
e4:7f:f9:5a:f0:db:15:10:e9:d1:04:4e:59:47:91:e4:02:f4:
a4:74:05:c3:b9:e8:ec:87:07:7c:5b:3c:ed:15:7e:c1:21:3d:
27:5f:3a:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUINOdY7cgQ4ocxLt+WhCO4VyfQIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5NWExNmFmZTMyNGFhMDlmOTE4MzdjOWQ4ODhhMzZlOTRhMmEyNTRkM2Qy
MWNiNzVhYjZhODI4ZGM2NGU1YjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJk4rLUPiFXP59O7aP4qZbPzo/QBPPfy5FpbAjTY8sILkw+czcD5ajesRDJ9
YWJjheDYsbRRk8UNc8+OqxciJzOUaLDNPdJ2PhvHFTgQJe4IviXeFkFMM63MxGs4
7Kabqq+/Y1s+v5td6a+vLgrCfzHSeCW/E8B0N2gGtUO8oVEc8GsV+YHsIBbczM8Y
NRx2lbHUg1eII4my6DwXQ5SEqg4ISr/L4nhMeTA5edQDNS9q+Pxu3SMaqYZJT/N+
y9fPLF9GrJxt0Kv6IHgBK+skX/HqvQ5edLNQiFphxKlKgSmte1ztrfdBgsxs8GJr
5W/SJxAasX8uGzubRRs1KfValH0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRXboEu
eH6DV45CwNxy0vHDCBqLzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIyNWNjMzQtZjVkMS00MjJkLTkyMDItNjM0YmM4ZTVhNjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQCFAgB+xUwAspd3w2HADBvcTscmmEuJH21mQHwAlK2G
QoLWkNjVLB7C3E3AIYjmtQn2BiJhRSn9qkmfZQ6k6BEH2yB8EjxgqgjY8g9y52cO
Xx01kfW+IFnMNqWLZLEjnu1lt/BbqxEWs+r63K1X5MPsyo8+rSSRqG7yIhrM5cf3
/opkLvsj6dbecKcoc4CVKIIR2aTel/Z1Hyr6u7Tlf2fRj3R4q76O6OAPVrQFlw3I
op+IECWfRvRAZwDAGt6DbcofxtkwjM6QqbF/NDd4WePCpnknFEr4ev/kf/la8NsV
EOnRBE5ZR5HkAvSkdAXDuejshwd8WzztFX7BIT0nXzqD
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org