Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
File: 132c7518-dddd-4506-8c53-640411d8120f.roa (raw, json)
Hash identifier: tzEevayMSJw1QeBx5ePjEH3ZP0dmsV6f4f0CDeANx1Q=
Subject key identifier: 34:70:68:DF:53:04:65:D5:A8:01:04:25:99:7D:E9:2D:BF:08:9E:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 573DB3B8276983095B1A34B045934BE07916C9C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:3d:b3:b8:27:69:83:09:5b:1a:34:b0:45:93:4b:e0:79:16:c9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4eb486d2155e4779821c47051963f59f9fa7510f7354adf486dcaf706efbcd4e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:fb:68:76:9e:00:04:55:91:2b:2b:6c:01:
ae:a2:0f:6d:a2:39:a5:15:40:ea:1a:83:d6:47:69:
86:11:45:1e:cc:d0:f7:22:8a:ee:27:31:a6:a1:4d:
b2:ed:c7:fa:92:2f:3c:2d:8a:60:ac:23:a7:01:68:
56:58:97:fd:fa:54:c1:fa:fc:a5:c2:75:b3:f3:52:
ad:d3:ff:df:6e:5f:84:6d:6d:f8:bc:ff:41:3d:af:
05:7f:b8:9c:e5:ad:26:d2:73:55:c2:62:88:8c:a8:
c0:8e:f9:81:6c:2b:b5:58:59:f1:94:29:4b:3e:40:
9b:61:33:06:95:ce:57:dd:2d:9a:0b:34:19:12:14:
7f:16:8b:b1:3d:71:22:72:8c:25:89:40:51:58:9d:
7a:e1:81:7b:14:3d:f1:79:de:73:b8:2d:a9:ec:c6:
f7:5d:ae:19:2e:09:c3:26:b9:15:75:8b:3d:47:83:
4d:55:4a:4c:ec:50:dc:20:96:f2:d3:33:fb:e3:54:
b9:1d:64:00:9c:2c:25:cf:84:d6:c2:9f:7d:70:ba:
99:5d:de:6f:f0:74:83:95:5b:6c:af:56:b4:75:6e:
06:4d:c3:33:70:3e:28:15:83:0c:ed:a0:e0:c0:76:
25:3d:c0:ab:c6:b5:2c:0a:05:08:77:6d:db:f7:19:
99:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:70:68:DF:53:04:65:D5:A8:01:04:25:99:7D:E9:2D:BF:08:9E:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/132c7518-dddd-4506-8c53-640411d8120f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
24:17:89:6f:53:f5:df:44:89:b4:d2:da:22:36:a0:1b:3f:1f:
65:82:91:2f:d1:22:b8:bc:b7:53:83:fc:1f:db:12:e6:75:0a:
60:e2:3b:61:a8:5c:cd:5d:a2:28:9f:1d:d8:b1:1f:0f:5b:f0:
37:55:38:20:4f:64:e7:9b:a5:3a:1c:5b:76:e5:79:92:1b:de:
38:bd:40:3c:dc:40:2b:e8:17:88:97:b6:e4:92:df:cc:ad:b2:
56:64:bd:f5:29:b9:d4:24:74:ee:6b:cd:60:d1:ef:a4:08:7b:
37:8f:33:67:c4:ed:fd:59:4e:c3:81:f8:b6:24:89:8a:86:88:
69:b1:72:20:3f:63:1f:86:3d:4b:0c:bc:53:7c:ef:d6:d3:93:
ce:14:11:3d:9b:2f:03:19:da:0e:11:58:c2:fd:42:cc:25:e6:
10:22:51:19:a0:63:aa:88:9d:d1:ba:ce:c5:72:2c:5d:cc:a5:
fb:cb:1f:c5:80:2b:3f:99:52:c1:01:ee:04:10:34:fe:bb:99:
b9:3d:02:d4:ba:28:9e:5e:4d:47:f5:69:2c:0d:a4:d3:0b:20:
a5:87:69:3f:9a:01:ad:38:e5:ac:26:fb:77:96:38:95:a1:3f:
17:20:ed:e2:30:17:66:5b:5b:4a:53:ab:88:8b:ff:92:0d:ea:
47:05:9f:eb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVz2zuCdpgwlbGjSwRZNL4HkWycgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlYjQ4NmQyMTU1ZTQ3Nzk4MjFjNDcwNTE5NjNmNTlmOWZhNzUxMGY3MzU0
YWRmNDg2ZGNhZjcwNmVmYmNkNGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2++2h2ngAEVZErK2wBrqIPbaI5pRVA6hqD1kdphhFFHszQ9yKK7icxpqFN
su3H+pIvPC2KYKwjpwFoVliX/fpUwfr8pcJ1s/NSrdP/325fhG1t+Lz/QT2vBX+4
nOWtJtJzVcJiiIyowI75gWwrtVhZ8ZQpSz5Am2EzBpXOV90tmgs0GRIUfxaLsT1x
InKMJYlAUVideuGBexQ98Xnec7gtqezG912uGS4Jwya5FXWLPUeDTVVKTOxQ3CCW
8tMz++NUuR1kAJwsJc+E1sKffXC6mV3eb/B0g5VbbK9WtHVuBk3DM3A+KBWDDO2g
4MB2JT3Aq8a1LAoFCHdt2/cZmWsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0cGjf
UwRl1agBBCWZfektvwiedDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTMyYzc1MTgtZGRkZC00NTA2LThjNTMtNjQwNDExZDgxMjBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQAkF4lvU/XfRIm00toiNqAbPx9lgpEv0SK4vLdTg/wf
2xLmdQpg4jthqFzNXaIonx3YsR8PW/A3VTggT2Tnm6U6HFt25XmSG944vUA83EAr
6BeIl7bkkt/MrbJWZL31KbnUJHTua81g0e+kCHs3jzNnxO39WU7Dgfi2JImKhohp
sXIgP2Mfhj1LDLxTfO/W05POFBE9my8DGdoOEVjC/ULMJeYQIlEZoGOqiJ3Rus7F
cixdzKX7yx/FgCs/mVLBAe4EEDT+u5m5PQLUuiieXk1H9WksDaTTCyClh2k/mgGt
OOWsJvt3ljiVoT8XIO3iMBdmW1tKU6uIi/+SDepHBZ/r
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org