Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
File: 1988904e-7fdf-4bdf-b594-825eb95caf68.roa (raw, json)
Hash identifier: ijOZ2190UPmmoY6l0mACm99JxTu6WEsHWdrg/j+lQ0E=
Subject key identifier: 17:AC:08:DD:E4:C1:51:3A:B0:7B:63:22:8B:88:91:CE:A4:B4:E4:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B40A71B3685F386BFF23E03AEC40CB4D64349BD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:40:a7:1b:36:85:f3:86:bf:f2:3e:03:ae:c4:0c:b4:d6:43:49:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=803abc721768fdab882306442c538cab47b3382ccd41c611b3c035c7a60f5929, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:1f:4e:0b:fa:13:8f:d0:08:c3:f2:6f:e6:
c9:e2:4d:a5:fe:d0:8c:f4:77:fa:37:4c:95:84:be:
f3:f0:ce:28:99:56:67:53:55:0b:6f:9c:77:51:b9:
19:12:0a:0b:46:f6:de:de:18:1a:d6:70:85:e6:f6:
60:d6:66:2e:1c:84:0e:6e:3e:3f:c6:27:4f:27:24:
dc:71:63:a8:75:d3:00:6a:67:1a:47:af:e5:89:06:
be:cc:a8:7e:f6:7c:96:f7:eb:25:8d:30:4c:0a:95:
9b:49:d5:b0:99:f9:95:d4:72:47:da:f4:7d:64:15:
71:fe:7e:ee:26:ee:34:55:60:6a:ab:80:b9:87:94:
4e:56:55:68:db:80:53:e6:46:de:b1:66:7d:d3:ad:
44:1b:49:4d:a8:93:fa:87:e0:0b:d9:74:d4:9e:4b:
c0:19:5d:61:06:f7:a4:e0:68:cb:5e:c1:85:fa:24:
0b:c3:1e:a2:e2:61:49:c0:1e:74:e4:e1:e9:b2:e9:
f1:a5:e5:f0:46:c7:84:10:8f:1e:cd:eb:43:6e:8b:
fb:fe:18:fd:49:80:fd:32:16:95:6b:e3:98:15:05:
2a:da:93:c3:bc:c8:c4:8d:36:bf:92:ca:f1:50:d0:
37:e9:38:78:dd:5d:ef:45:02:ee:7f:2c:b3:f0:26:
6e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AC:08:DD:E4:C1:51:3A:B0:7B:63:22:8B:88:91:CE:A4:B4:E4:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1988904e-7fdf-4bdf-b594-825eb95caf68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
11:dd:79:95:47:51:71:91:6e:23:a0:b8:e3:ed:1b:00:19:37:
36:b9:71:65:7f:f6:52:63:84:c4:7d:b6:ec:7c:aa:10:e7:f3:
2f:87:d6:e7:49:e3:81:82:69:a5:a1:ea:8e:4b:c7:97:e6:12:
3a:64:36:42:d1:a3:68:bf:54:9a:5f:47:f5:34:ee:3f:68:b5:
08:2f:24:dc:c4:eb:03:7b:05:05:8f:bf:3b:6b:53:7d:b2:c0:
4f:fd:67:28:27:33:af:2a:a9:33:72:bf:0d:f7:b0:33:09:6e:
9f:d5:a9:76:bb:e8:f6:84:b6:cc:c3:07:ed:27:17:c2:2a:1a:
f3:34:28:bb:28:f9:0c:b8:79:6c:da:74:d5:40:3d:15:b6:1e:
96:82:54:61:66:81:27:d7:ad:41:e8:1a:74:87:18:b4:47:09:
8c:a8:8c:9e:dc:22:e8:16:c5:48:cb:a9:13:e8:df:15:7e:4f:
17:98:fd:d5:d5:4a:fb:25:18:b7:60:4c:c3:48:58:45:4a:07:
2b:04:a5:53:ff:9c:fe:ce:7e:d0:d0:ea:6a:4c:48:af:2f:e7:
b9:11:60:46:cf:e6:86:9f:82:c6:17:16:ba:13:a7:4e:a9:08:
d2:68:dd:70:91:fd:3f:f8:86:ac:3b:6d:60:29:e0:b6:8e:6b:
38:5f:fa:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO0CnGzaF84a/8j4DrsQMtNZDSb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwM2FiYzcyMTc2OGZkYWI4ODIzMDY0NDJjNTM4Y2FiNDdiMzM4MmNjZDQx
YzYxMWIzYzAzNWM3YTYwZjU5MjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALM1H04L+hOP0AjD8m/myeJNpf7QjPR3+jdMlYS+8/DOKJlWZ1NVC2+cd1G5
GRIKC0b23t4YGtZwheb2YNZmLhyEDm4+P8YnTyck3HFjqHXTAGpnGkev5YkGvsyo
fvZ8lvfrJY0wTAqVm0nVsJn5ldRyR9r0fWQVcf5+7ibuNFVgaquAuYeUTlZVaNuA
U+ZG3rFmfdOtRBtJTaiT+ofgC9l01J5LwBldYQb3pOBoy17BhfokC8MeouJhScAe
dOTh6bLp8aXl8EbHhBCPHs3rQ26L+/4Y/UmA/TIWlWvjmBUFKtqTw7zIxI02v5LK
8VDQN+k4eN1d70UC7n8ss/AmbnECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXrAjd
5MFROrB7YyKLiJHOpLTk1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTk4ODkwNGUtN2ZkZi00YmRmLWI1OTQtODI1ZWI5NWNhZjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQAR3XmVR1FxkW4joLjj7RsAGTc2uXFlf/ZSY4TEfbbs
fKoQ5/Mvh9bnSeOBgmmloeqOS8eX5hI6ZDZC0aNov1SaX0f1NO4/aLUILyTcxOsD
ewUFj787a1N9ssBP/WcoJzOvKqkzcr8N97AzCW6f1al2u+j2hLbMwwftJxfCKhrz
NCi7KPkMuHls2nTVQD0Vth6WglRhZoEn161B6Bp0hxi0RwmMqIye3CLoFsVIy6kT
6N8Vfk8XmP3V1Ur7JRi3YEzDSFhFSgcrBKVT/5z+zn7Q0OpqTEivL+e5EWBGz+aG
n4LGFxa6E6dOqQjSaN1wkf0/+IasO21gKeC2jms4X/qu
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org