Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
File: 2d0b0f83-8102-46aa-aad9-aae539204639.roa (raw, json)
Hash identifier: FGyyguIG7dpKjBy7AVpKc/niqnW5YXU2PMq4GGTItq8=
Subject key identifier: BB:50:7B:A7:E5:A1:C6:38:D4:55:42:A0:BA:15:98:36:65:64:72:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C84BBF192D7C13317B009A20A70461CC6D7780C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:84:bb:f1:92:d7:c1:33:17:b0:09:a2:0a:70:46:1c:c6:d7:78:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=a1c287d0189e953883accdf234c5bf10df1b34972c3363df824bbbbce3a55c06, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a3:aa:d0:49:42:2a:d9:51:b1:70:3d:36:2e:
fc:59:d7:05:9e:1d:1a:0d:68:e4:3f:b1:da:2e:62:
5e:dd:82:6b:66:83:f3:84:4d:64:b2:86:d6:f9:2b:
33:f6:44:5f:c6:2e:25:28:4c:30:91:da:99:f4:98:
5f:76:f4:73:cb:1d:ef:f8:37:f8:bc:83:71:a0:8e:
0b:23:55:a7:78:e5:e6:cf:45:25:ff:c4:8b:c1:7d:
e9:03:b9:93:ce:10:a4:ce:99:54:18:05:fe:df:4e:
6d:3d:66:24:7b:7c:3c:ae:a9:38:a1:ee:48:ca:11:
71:e1:33:d1:9e:8c:dc:49:3b:bb:4e:ad:41:1b:bf:
78:92:55:af:77:85:6b:90:6b:6f:10:6d:52:f7:e0:
54:8b:e8:38:f2:04:19:c9:c7:35:4d:4b:e3:e2:e1:
78:61:78:eb:f5:5b:63:cd:0e:30:3c:6a:04:9d:21:
9e:5e:39:08:13:b2:b1:52:31:9d:df:da:8f:0a:6b:
e2:68:3c:66:7f:a2:a9:17:68:2b:d7:fd:1a:66:0c:
39:cf:cc:78:53:c4:c7:6a:1e:45:54:47:96:f5:32:
de:c6:9f:c1:f3:24:dd:b4:a0:db:67:0a:c2:27:81:
73:83:88:f7:13:a1:fb:78:54:a3:aa:b8:fb:29:3f:
29:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:50:7B:A7:E5:A1:C6:38:D4:55:42:A0:BA:15:98:36:65:64:72:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d0b0f83-8102-46aa-aad9-aae539204639.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
73:76:99:b7:ba:dc:c3:e6:78:26:45:d9:a4:1c:b2:28:2e:88:
93:0d:28:63:02:38:92:ed:37:43:6d:27:58:0b:79:23:ba:4d:
f7:75:84:b2:eb:1d:8d:9c:6f:23:05:d4:9c:29:52:8e:03:0a:
ab:3c:89:68:3d:f5:44:23:62:36:24:9c:4d:38:7c:f2:59:30:
3b:89:a0:de:c8:c6:89:36:6e:57:12:ca:7b:db:5b:c1:9d:25:
cd:9a:cc:81:9b:b1:da:39:09:1e:dc:7e:d3:a1:d9:98:7f:d1:
31:95:b6:13:49:01:fd:6f:97:bd:90:32:82:07:79:21:bb:a7:
e4:4c:e6:84:8e:c4:9c:59:3b:5e:1d:59:4c:ab:20:45:db:c6:
9a:51:d0:81:80:f6:f7:b8:51:e8:c9:3f:ce:9e:a6:4e:54:fc:
74:bf:29:34:f5:f3:c0:f6:2c:2b:2a:9c:b4:2f:10:60:4b:23:
37:88:9e:32:ff:36:a2:74:b8:02:bb:d4:eb:54:15:1f:0c:51:
b3:b4:b8:f1:5c:5e:fa:2a:02:9c:45:63:ad:e5:62:01:20:8f:
c4:e9:36:ac:17:df:c5:cf:a9:91:c0:66:b6:95:27:cc:52:67:
e3:ac:50:0f:0e:8b:9d:a6:97:8b:e1:0c:7b:d8:3e:c1:c2:ec:
63:b9:8e:61
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTIS78ZLXwTMXsAmiCnBGHMbXeAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYzI4N2QwMTg5ZTk1Mzg4M2FjY2RmMjM0YzViZjEwZGYxYjM0OTcyYzMz
NjNkZjgyNGJiYmJjZTNhNTVjMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANijqtBJQirZUbFwPTYu/FnXBZ4dGg1o5D+x2i5iXt2Ca2aD84RNZLKG1vkr
M/ZEX8YuJShMMJHamfSYX3b0c8sd7/g3+LyDcaCOCyNVp3jl5s9FJf/Ei8F96QO5
k84QpM6ZVBgF/t9ObT1mJHt8PK6pOKHuSMoRceEz0Z6M3Ek7u06tQRu/eJJVr3eF
a5BrbxBtUvfgVIvoOPIEGcnHNU1L4+LheGF46/VbY80OMDxqBJ0hnl45CBOysVIx
nd/ajwpr4mg8Zn+iqRdoK9f9GmYMOc/MeFPEx2oeRVRHlvUy3safwfMk3bSg22cK
wieBc4OI9xOh+3hUo6q4+yk/KWMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7UHun
5aHGONRVQqC6FZg2ZWRyITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQwYjBmODMtODEwMi00NmFhLWFhZDktYWFlNTM5MjA0NjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBzdpm3utzD5ngmRdmkHLIoLoiTDShjAjiS7TdDbSdY
C3kjuk33dYSy6x2NnG8jBdScKVKOAwqrPIloPfVEI2I2JJxNOHzyWTA7iaDeyMaJ
Nm5XEsp721vBnSXNmsyBm7HaOQke3H7TodmYf9ExlbYTSQH9b5e9kDKCB3khu6fk
TOaEjsScWTteHVlMqyBF28aaUdCBgPb3uFHoyT/OnqZOVPx0vyk09fPA9iwrKpy0
LxBgSyM3iJ4y/zaidLgCu9TrVBUfDFGztLjxXF76KgKcRWOt5WIBII/E6TasF9/F
z6mRwGa2lSfMUmfjrFAPDoudppeL4Qx72D7BwuxjuY5h
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org