Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
File: 24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa (raw, json)
Hash identifier: MGdno5i9MZ1DqOpNHWsMrGFUwiAVg3B4PLFc1gCCR1k=
Subject key identifier: D6:48:29:50:7B:A8:B4:C1:42:92:08:BD:1E:A3:18:AC:F7:A3:1F:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61FD3CD04A64C5314C1CCA6C6571929ADA303BD3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:fd:3c:d0:4a:64:c5:31:4c:1c:ca:6c:65:71:92:9a:da:30:3b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=fb6de80a51ca43a0ff30a00b66ea9702931fc2d24288fda2ba499e0b52b3301f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:24:90:f1:8b:61:f0:9a:83:c3:83:13:d9:69:
cd:54:39:b4:e1:8b:31:67:5b:09:95:21:98:f4:a9:
10:53:62:5d:8e:2f:1e:40:b5:fd:5a:cb:ca:9f:bb:
7c:7e:4a:53:c3:a3:bf:98:ed:fe:b8:67:26:4b:bc:
a0:91:5f:7a:9f:18:d9:ff:4b:a9:30:d6:7c:45:5b:
0c:56:91:e4:d0:1c:fb:0c:cf:ca:7f:b6:8d:4a:65:
af:6b:2c:5f:d0:7d:96:c4:7c:15:a6:09:b8:c4:ee:
19:56:a4:1b:3f:27:ee:de:ca:d5:72:58:8c:bd:6e:
b1:ed:f9:84:65:50:65:11:e7:0e:9e:df:f4:b1:03:
52:9b:e5:76:f7:5e:1c:d9:e7:70:50:d9:aa:45:54:
37:b7:bc:85:71:28:16:6a:3c:d8:b1:cb:39:04:1f:
7c:fd:89:33:48:ae:3d:e2:56:be:16:7f:45:8e:4d:
8a:eb:35:09:a4:12:2a:4e:6a:8f:fd:09:0b:0a:54:
3c:1f:a2:08:4e:25:36:12:fe:c3:ea:96:4f:2f:a8:
c8:73:b1:d7:e0:fa:c2:db:21:4f:33:5a:5c:6b:5a:
3f:fe:a0:8b:e2:b5:91:2c:30:b2:51:5d:09:a1:42:
b8:e4:82:e2:e5:87:d2:f9:da:17:b2:36:9b:22:df:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:48:29:50:7B:A8:B4:C1:42:92:08:BD:1E:A3:18:AC:F7:A3:1F:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/24c63b97-5b5e-449d-b86b-7e9e53b182bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
68:d5:24:ce:33:6f:bc:c1:72:37:df:f9:50:ea:d8:d8:57:26:
9b:4a:19:c8:12:b5:fd:54:f2:fd:e8:ce:23:65:f0:8f:58:a0:
96:91:a2:ac:02:04:9d:b9:f5:9c:bd:ec:87:db:5c:c5:2b:86:
57:23:d5:5f:27:a9:10:cf:f5:f3:c3:23:58:06:69:86:ea:cf:
cf:09:93:e0:03:84:b0:4c:0f:27:84:65:36:5d:42:ad:2f:43:
85:9b:81:e7:1e:77:c9:3b:b5:29:f6:e3:f8:3a:6e:db:ab:b9:
14:39:46:ad:b3:4c:83:cd:78:b8:08:e8:a5:65:8c:90:80:42:
7b:0e:81:1c:25:cb:bd:97:33:a6:ea:7a:68:1f:1c:fe:6e:f3:
34:62:a5:6f:7c:e3:2b:bc:c1:a0:51:3a:ba:29:67:00:b8:1b:
a0:64:13:16:04:05:e7:32:82:86:25:f4:2c:ce:50:8a:1d:1e:
15:63:41:17:b0:5d:c5:31:06:63:52:da:53:01:fb:90:59:56:
16:a0:f0:d4:d1:8c:84:2e:6e:e9:33:b6:18:a1:cb:84:3e:dc:
54:cd:7a:7b:67:28:78:c1:7a:85:08:98:ce:f3:07:8d:16:5f:
bf:d5:33:d9:9e:68:c0:9c:2a:9b:de:52:e9:81:20:6c:e8:d2:
58:d0:e8:22
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYf080EpkxTFMHMpsZXGSmtowO9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNmRlODBhNTFjYTQzYTBmZjMwYTAwYjY2ZWE5NzAyOTMxZmMyZDI0Mjg4
ZmRhMmJhNDk5ZTBiNTJiMzMwMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALckkPGLYfCag8ODE9lpzVQ5tOGLMWdbCZUhmPSpEFNiXY4vHkC1/VrLyp+7
fH5KU8Ojv5jt/rhnJku8oJFfep8Y2f9LqTDWfEVbDFaR5NAc+wzPyn+2jUplr2ss
X9B9lsR8FaYJuMTuGVakGz8n7t7K1XJYjL1use35hGVQZRHnDp7f9LEDUpvldvde
HNnncFDZqkVUN7e8hXEoFmo82LHLOQQffP2JM0iuPeJWvhZ/RY5Nius1CaQSKk5q
j/0JCwpUPB+iCE4lNhL+w+qWTy+oyHOx1+D6wtshTzNaXGtaP/6gi+K1kSwwslFd
CaFCuOSC4uWH0vnaF7I2myLf8wECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTWSClQ
e6i0wUKSCL0eoxis96MfWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjRjNjNiOTctNWI1ZS00NDlkLWI4NmItN2U5ZTUzYjE4MmJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQBo1STOM2+8wXI33/lQ6tjYVyabShnIErX9VPL96M4j
ZfCPWKCWkaKsAgSdufWcveyH21zFK4ZXI9VfJ6kQz/XzwyNYBmmG6s/PCZPgA4Sw
TA8nhGU2XUKtL0OFm4HnHnfJO7Up9uP4Om7bq7kUOUats0yDzXi4COilZYyQgEJ7
DoEcJcu9lzOm6npoHxz+bvM0YqVvfOMrvMGgUTq6KWcAuBugZBMWBAXnMoKGJfQs
zlCKHR4VY0EXsF3FMQZjUtpTAfuQWVYWoPDU0YyELm7pM7YYocuEPtxUzXp7Zyh4
wXqFCJjO8weNFl+/1TPZnmjAnCqb3lLpgSBs6NJY0Ogi
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:49 2024 by rpki-client on console-ams.rpki-client.org