Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
File: 156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa (raw, json)
Hash identifier: GznUhInZxTlAUYWWebbuT04CnAjyAFmSKku6l8B4yYw=
Subject key identifier: EA:36:A1:3B:A3:30:E5:5B:91:66:2C:3F:BB:CF:3F:09:89:7B:52:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3705E3208258EB4557F8349F0A6F1022A34E19E2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:05:e3:20:82:58:eb:45:57:f8:34:9f:0a:6f:10:22:a3:4e:19:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=e43bc2e9add4c923534cd6e36a9f4b501c1ee5d0c4d744b7406059fab297a006, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4e:ae:42:46:ef:0a:fb:b1:65:fa:65:b1:6a:
d0:f5:70:9b:06:72:77:df:5e:ab:b5:3d:4f:e6:4e:
e9:4d:c2:91:4e:f2:27:9e:55:7c:bf:15:b5:5f:6c:
17:31:6e:00:c5:6f:7b:41:9b:40:b6:e5:06:96:45:
61:93:11:5d:21:42:9f:7b:38:bd:8f:73:18:e8:7d:
fa:35:89:7c:98:dd:8c:5e:f3:77:61:49:f9:61:41:
a8:8d:e9:69:c1:23:cc:ba:1e:03:b6:90:0e:ea:c0:
18:66:7e:52:27:60:28:9e:59:2d:f8:ff:eb:77:ab:
cf:46:89:f7:53:76:cf:8d:94:bd:f6:47:6e:8d:cc:
8e:5c:06:df:a2:4d:02:63:f4:ca:64:1e:fa:95:d6:
e1:22:ec:28:2d:1f:90:93:09:1e:85:01:7d:f5:41:
33:51:2c:19:63:b7:ae:4c:ca:5e:f7:1e:c1:d0:7c:
6b:ae:90:f0:cc:c9:91:dd:f5:81:f4:4b:3b:4e:3a:
c2:4d:c6:5b:53:7a:48:02:5c:85:c8:eb:a8:c5:1a:
10:92:b5:1a:99:f2:d9:16:4e:87:c0:4a:08:55:b3:
d9:c8:58:b0:a2:14:a8:5f:e2:21:ca:10:0e:e0:ff:
3a:d7:f5:c5:d2:e3:f5:50:56:05:2c:39:09:56:3b:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:36:A1:3B:A3:30:E5:5B:91:66:2C:3F:BB:CF:3F:09:89:7B:52:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/156cb8b7-b25d-44ed-8f7a-44e741154b2e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
2b:39:42:b6:26:02:9b:27:9e:d2:71:d1:2c:fd:df:6d:e3:f3:
19:cd:5e:81:c4:cb:d7:28:90:9f:ec:89:4a:d1:5e:cc:4b:75:
c6:e9:8e:9f:d3:35:2b:63:25:68:21:e6:70:fd:23:e0:e7:2a:
a9:28:18:c8:9e:01:f1:d6:72:ba:2e:13:83:f9:f2:b6:e6:05:
da:fe:17:41:32:db:a5:11:0e:a5:57:ca:b3:47:53:b8:dc:47:
4e:c6:29:a9:9f:7d:a5:17:4c:ac:ca:3b:a0:90:cb:9d:3e:c8:
5e:f5:34:bc:5d:5c:85:04:3f:dc:cb:04:18:d4:50:d6:60:c6:
e9:74:21:e4:3a:da:ab:5e:b7:9a:4a:ec:41:03:c4:f1:ca:98:
94:da:4e:32:1f:33:5e:87:df:d6:f6:41:1b:14:37:19:b0:28:
a1:42:9e:ff:3b:41:9e:f9:13:22:7d:c9:76:c6:f9:47:4e:03:
2c:94:d3:63:7e:c2:e9:9c:33:37:29:53:d4:ee:63:81:bf:9d:
d1:52:85:af:57:2a:6f:69:9a:ee:dc:bb:3f:57:e6:57:9b:c8:
aa:f8:6b:83:6d:a1:ba:ea:cd:38:2f:d1:67:33:a4:b8:38:12:
ef:24:52:e5:a2:18:87:a3:2a:98:2e:4a:e4:70:25:f9:7b:0c:
f9:23:9a:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNwXjIIJY60VX+DSfCm8QIqNOGeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0M2JjMmU5YWRkNGM5MjM1MzRjZDZlMzZhOWY0YjUwMWMxZWU1ZDBjNGQ3
NDRiNzQwNjA1OWZhYjI5N2EwMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1OrkJG7wr7sWX6ZbFq0PVwmwZyd99eq7U9T+ZO6U3CkU7yJ55VfL8VtV9s
FzFuAMVve0GbQLblBpZFYZMRXSFCn3s4vY9zGOh9+jWJfJjdjF7zd2FJ+WFBqI3p
acEjzLoeA7aQDurAGGZ+UidgKJ5ZLfj/63erz0aJ91N2z42UvfZHbo3MjlwG36JN
AmP0ymQe+pXW4SLsKC0fkJMJHoUBffVBM1EsGWO3rkzKXvcewdB8a66Q8MzJkd31
gfRLO046wk3GW1N6SAJchcjrqMUaEJK1Gpny2RZOh8BKCFWz2chYsKIUqF/iIcoQ
DuD/Otf1xdLj9VBWBSw5CVY7XFkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqNqE7
ozDlW5FmLD+7zz8JiXtS7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU2Y2I4YjctYjI1ZC00NGVkLThmN2EtNDRlNzQxMTU0YjJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQArOUK2JgKbJ57ScdEs/d9t4/MZzV6BxMvXKJCf7IlK
0V7MS3XG6Y6f0zUrYyVoIeZw/SPg5yqpKBjIngHx1nK6LhOD+fK25gXa/hdBMtul
EQ6lV8qzR1O43EdOximpn32lF0ysyjugkMudPshe9TS8XVyFBD/cywQY1FDWYMbp
dCHkOtqrXreaSuxBA8TxypiU2k4yHzNeh9/W9kEbFDcZsCihQp7/O0Ge+RMifcl2
xvlHTgMslNNjfsLpnDM3KVPU7mOBv53RUoWvVypvaZru3Ls/V+ZXm8iq+GuDbaG6
6s04L9FnM6S4OBLvJFLlohiHoyqYLkrkcCX5ewz5I5rd
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org