Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
File: 1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa (raw, json)
Hash identifier: FbTNsKHVACci43gCME7ZXa7iYmjT8aBPTL3I+BXGTqE=
Subject key identifier: 12:80:48:7B:C5:49:8C:5E:8D:B4:13:52:01:8F:DD:E0:27:1D:19:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F5836B6F4C1D78FF7402A92E9E2F95F5F226335
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:58:36:b6:f4:c1:d7:8f:f7:40:2a:92:e9:e2:f9:5f:5f:22:63:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=b42ed2198634051aef387afb95864e3e6ebc514c4cec7b5251d9838a6e0d7918, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:07:87:c6:b3:0b:b8:08:58:71:d7:b7:e4:
f4:b0:4c:8d:74:8f:5a:c7:02:73:b0:8f:4e:d4:92:
4f:3c:c9:0f:e3:a6:fa:58:5b:38:30:b6:b7:28:7b:
d1:8e:f7:63:e7:e2:c1:b9:38:c0:c4:4e:7d:e3:6b:
91:ac:09:25:63:72:f5:9f:64:59:db:1a:23:d4:5f:
33:36:1d:45:81:93:18:11:55:4f:63:9d:6e:fb:1d:
b3:e2:08:8a:5b:de:10:9c:7d:6a:67:cd:ea:7f:e3:
97:56:2a:f0:de:6f:a8:f1:a6:cd:ae:f3:68:e4:e5:
16:06:11:d8:44:d9:fa:12:d8:7c:34:2f:e1:9f:d9:
fa:22:91:8a:f0:d1:50:7d:51:e3:11:7f:20:e1:8d:
b6:2b:c0:8e:6b:7e:5e:11:8e:11:90:a4:27:24:cd:
69:e8:e2:83:01:cc:05:99:5f:ca:d7:15:24:73:25:
e9:2b:ef:64:0a:b8:de:82:b1:f2:79:6f:19:60:13:
83:c6:cf:0e:bc:11:15:33:ef:11:b1:00:cf:e7:88:
71:13:59:ae:b6:dd:0b:0f:82:11:9b:33:fe:84:72:
d5:37:92:ba:2b:41:f1:6a:de:bf:92:7a:8e:2a:51:
8f:59:66:d6:aa:cc:b6:de:a7:d0:73:5e:41:d6:a0:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:80:48:7B:C5:49:8C:5E:8D:B4:13:52:01:8F:DD:E0:27:1D:19:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1f695b88-30e9-49f2-9e00-4f3fa3d354b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ce:60:96:ae:8c:4f:4f:9f:89:a8:e1:97:91:6d:eb:72:3b:72:
9a:38:e0:10:bd:22:dd:d3:2b:78:b8:cb:33:96:35:f9:1a:5c:
17:52:c8:d8:24:01:83:b2:33:0a:1a:75:b5:c7:7d:df:7c:a9:
b3:06:d7:cd:ff:e6:66:2d:26:7d:d0:b8:44:89:e4:9c:a4:85:
08:2f:17:80:a9:6a:51:f2:32:79:3f:b2:fd:d4:1c:b0:01:c2:
8b:79:3f:ef:28:19:c8:b0:f9:70:d3:fa:63:ef:07:b8:87:9d:
a3:fa:52:4e:f8:b1:66:3e:5d:10:23:d4:46:7f:0e:50:e7:12:
cf:f2:38:e1:01:96:28:01:ab:77:4d:88:c7:a7:54:94:f7:e8:
0a:df:e9:df:77:54:88:24:ff:96:eb:3e:4c:27:d9:7a:96:06:
3b:27:6a:f3:41:36:2a:f0:1c:bb:99:35:ca:01:2f:01:0e:a1:
27:b8:ac:b7:b2:41:88:2d:71:90:74:6c:c1:97:da:db:f1:0b:
e3:e1:da:45:6c:4a:85:c0:c9:04:73:5f:6f:cf:15:0c:39:8d:
da:3d:ee:6d:b1:56:84:ce:11:ab:8c:ae:58:dc:7b:5e:82:9f:
86:0f:f5:1b:cd:a5:57:96:59:59:cc:7c:40:1b:9d:38:a7:87:
5d:06:77:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP1g2tvTB14/3QCqS6eL5X18iYzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0MmVkMjE5ODYzNDA1MWFlZjM4N2FmYjk1ODY0ZTNlNmViYzUxNGM0Y2Vj
N2I1MjUxZDk4MzhhNmUwZDc5MTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK73B4fGswu4CFhx17fk9LBMjXSPWscCc7CPTtSSTzzJD+Om+lhbODC2tyh7
0Y73Y+fiwbk4wMROfeNrkawJJWNy9Z9kWdsaI9RfMzYdRYGTGBFVT2Odbvsds+II
ilveEJx9amfN6n/jl1Yq8N5vqPGmza7zaOTlFgYR2ETZ+hLYfDQv4Z/Z+iKRivDR
UH1R4xF/IOGNtivAjmt+XhGOEZCkJyTNaejigwHMBZlfytcVJHMl6SvvZAq43oKx
8nlvGWATg8bPDrwRFTPvEbEAz+eIcRNZrrbdCw+CEZsz/oRy1TeSuitB8Wrev5J6
jipRj1lm1qrMtt6n0HNeQdagmAMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQSgEh7
xUmMXo20E1IBj93gJx0ZfDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWY2OTViODgtMzBlOS00OWYyLTllMDAtNGYzZmEzZDM1NGI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQDOYJaujE9Pn4mo4ZeRbetyO3KaOOAQvSLd0yt4uMsz
ljX5GlwXUsjYJAGDsjMKGnW1x33ffKmzBtfN/+ZmLSZ90LhEieScpIUILxeAqWpR
8jJ5P7L91BywAcKLeT/vKBnIsPlw0/pj7we4h52j+lJO+LFmPl0QI9RGfw5Q5xLP
8jjhAZYoAat3TYjHp1SU9+gK3+nfd1SIJP+W6z5MJ9l6lgY7J2rzQTYq8By7mTXK
AS8BDqEnuKy3skGILXGQdGzBl9rb8Qvj4dpFbEqFwMkEc19vzxUMOY3aPe5tsVaE
zhGrjK5Y3Htegp+GD/UbzaVXlllZzHxAG504p4ddBnd1
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org