Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: wg4kM9t/zbqv1DzQ+eVjb6rECmera0zIikOa5Gch8cE=
Subject key identifier: C8:26:B2:D9:05:A7:06:58:D9:FD:63:8E:6B:CF:E9:39:9A:BC:E2:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2098B98023CF11BFB5B17DA13349A6F59FA7394E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:98:b9:80:23:cf:11:bf:b5:b1:7d:a1:33:49:a6:f5:9f:a7:39:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=31b15c75a1af46b04efa87232572401f36c39f1a75f29a861ab979d08324a5ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6a:20:4d:88:6a:aa:17:48:44:2b:67:9e:95:
8c:0d:33:07:e7:f3:df:17:95:ef:85:38:94:1a:47:
ff:54:44:3c:1d:39:90:96:42:fb:03:d7:01:f6:54:
b0:4a:35:1d:fd:6e:14:cb:7b:de:8a:c6:4b:27:41:
fa:53:52:23:75:a0:b0:46:d1:a9:76:51:55:a9:58:
fd:a4:4f:bb:88:f3:1b:fb:73:72:6f:89:1f:f2:ed:
e1:13:2b:a1:0e:fc:ee:e8:5f:7f:a2:d1:16:8a:7b:
d0:27:bb:17:0d:17:79:4d:3c:98:b7:26:84:cd:c9:
05:41:b5:de:98:6f:5c:68:03:1b:79:37:09:e9:15:
4b:c9:f4:94:1e:8c:6d:4c:d4:09:13:df:fd:46:fa:
2a:c8:a4:7a:6e:67:7c:11:a8:d6:87:90:1f:1c:89:
55:09:63:6a:01:39:ba:ce:f0:ca:81:88:3e:23:07:
a9:7c:1a:1a:66:fe:6c:4b:9b:93:dc:5c:d2:c3:54:
b7:e0:09:b4:7f:8a:67:0c:89:f5:e0:4a:e5:c7:b9:
8d:7b:6e:04:05:1c:21:7f:25:83:25:86:36:3a:a4:
96:e2:8c:8c:f0:f4:4b:1d:e7:ce:a4:b0:c6:71:3e:
35:e6:36:14:b7:7f:ec:4c:90:93:74:6f:cc:68:1e:
21:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:26:B2:D9:05:A7:06:58:D9:FD:63:8E:6B:CF:E9:39:9A:BC:E2:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c9:cd:8a:e3:95:72:f4:d2:49:fb:bb:55:d2:76:b8:45:8e:ad:
9d:68:97:b6:0d:40:06:df:7a:5a:1a:56:0f:89:c9:18:38:4b:
53:ab:ea:eb:0e:03:d0:a6:73:84:4e:34:cf:5f:ce:5b:a9:d4:
cb:8d:b9:58:94:2e:ca:e2:d0:1e:fd:b0:27:67:c7:a4:b0:65:
70:24:8b:c6:44:cc:b9:df:cb:df:6a:b9:02:9b:eb:63:14:4b:
0a:27:ff:f0:f6:56:93:c7:e3:52:b5:9a:12:84:50:d0:2d:20:
43:91:a9:83:c6:6a:3c:13:55:8f:ff:06:d3:a1:44:30:d8:f2:
53:15:e1:2a:01:03:f6:56:a9:b0:90:a0:3c:83:97:9d:01:5f:
09:dd:3e:ce:09:f3:d5:d7:76:38:40:18:cb:52:42:10:c6:f7:
64:8d:df:10:da:dc:cb:82:55:c5:96:4d:81:0d:41:c9:c4:95:
78:c6:de:67:f4:0b:65:42:da:ed:0c:40:31:70:ee:c3:c2:53:
ce:46:7e:6a:4a:22:a6:a0:1d:0a:a3:cd:e0:eb:65:f5:3c:64:
fe:2f:42:62:98:48:37:68:e4:ad:6e:ff:a8:63:9c:ac:0f:d6:
7a:7b:f7:12:e0:bb:1a:80:73:69:21:60:4a:70:ba:92:6e:5c:
c1:53:d3:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIJi5gCPPEb+1sX2hM0mm9Z+nOU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxYjE1Yzc1YTFhZjQ2YjA0ZWZhODcyMzI1NzI0MDFmMzZjMzlmMWE3NWYy
OWE4NjFhYjk3OWQwODMyNGE1Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFqIE2IaqoXSEQrZ56VjA0zB+fz3xeV74U4lBpH/1REPB05kJZC+wPXAfZU
sEo1Hf1uFMt73orGSydB+lNSI3WgsEbRqXZRValY/aRPu4jzG/tzcm+JH/Lt4RMr
oQ787uhff6LRFop70Ce7Fw0XeU08mLcmhM3JBUG13phvXGgDG3k3CekVS8n0lB6M
bUzUCRPf/Ub6Ksikem5nfBGo1oeQHxyJVQljagE5us7wyoGIPiMHqXwaGmb+bEub
k9xc0sNUt+AJtH+KZwyJ9eBK5ce5jXtuBAUcIX8lgyWGNjqkluKMjPD0Sx3nzqSw
xnE+NeY2FLd/7EyQk3RvzGgeIa8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTIJrLZ
BacGWNn9Y45rz+k5mrziJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQDJzYrjlXL00kn7u1XSdrhFjq2daJe2DUAG33paGlYP
ickYOEtTq+rrDgPQpnOETjTPX85bqdTLjblYlC7K4tAe/bAnZ8eksGVwJIvGRMy5
38vfarkCm+tjFEsKJ//w9laTx+NStZoShFDQLSBDkamDxmo8E1WP/wbToUQw2PJT
FeEqAQP2VqmwkKA8g5edAV8J3T7OCfPV13Y4QBjLUkIQxvdkjd8Q2tzLglXFlk2B
DUHJxJV4xt5n9AtlQtrtDEAxcO7DwlPORn5qSiKmoB0Ko83g62X1PGT+L0JimEg3
aOStbv+oY5ysD9Z6e/cS4LsagHNpIWBKcLqSblzBU9Oa
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org