Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: YTc3H/zhGHp8tg/ygHysIDL+V49BtoJRiGGUCrQdu74=
Subject key identifier: 5A:95:C8:62:7C:46:4A:F6:29:DA:9A:CB:7D:38:17:FA:3A:1F:48:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67B32121FF29B7873F23208C1C854152881058CD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b3:21:21:ff:29:b7:87:3f:23:20:8c:1c:85:41:52:88:10:58:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=24b9b0381cd0fdd5349a05a656545bb397fa6aace13bdf0160c8bf70d8c4a4f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:a4:c4:c5:42:44:75:20:0b:0c:c9:9c:88:
88:59:df:ec:70:ec:58:54:e9:6c:61:2c:c2:17:2e:
58:8b:ec:7e:5e:3a:c6:dd:5a:10:06:7d:82:3c:53:
fa:4d:78:7a:7e:43:e6:2a:db:0c:78:69:84:ee:d0:
a3:8c:2b:21:7d:86:03:07:4a:3f:1f:83:12:5b:f4:
a9:f4:c5:73:bd:08:0c:2f:57:95:43:9d:b2:9e:47:
ce:52:11:ff:6c:f2:16:b2:1e:6b:63:f9:e6:03:9b:
cc:2e:56:a1:bc:11:1c:d6:d8:5a:56:c7:49:75:c0:
d1:32:b0:03:66:91:a9:1b:0f:38:e8:40:bb:8f:e7:
81:31:44:b9:48:99:55:f2:99:9a:41:6a:37:53:32:
99:86:1e:36:56:90:cb:9f:b2:22:a7:53:de:bc:df:
2c:12:1c:67:a4:66:47:2c:bd:7b:63:74:fd:c9:71:
09:ed:4f:5d:b5:04:de:bc:dc:f2:b3:a1:88:8f:d8:
40:da:61:66:bc:9a:28:58:ab:13:55:81:ea:b9:82:
9f:41:23:cc:17:5b:b7:7c:de:b0:17:11:5d:af:72:
5d:f4:34:bf:39:26:78:4d:b9:f7:12:45:3c:c6:b7:
fb:6e:60:58:08:63:d1:19:80:09:3d:42:14:2d:82:
8e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:95:C8:62:7C:46:4A:F6:29:DA:9A:CB:7D:38:17:FA:3A:1F:48:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:f1:b7:5f:57:24:c9:b5:92:6f:07:06:e4:ed:ff:13:f0:49:
8b:56:26:75:e3:de:5d:af:fe:9d:06:f1:50:3e:04:6a:a0:7f:
0d:3d:23:d2:37:e9:27:f0:d4:f6:ff:5d:47:2a:10:49:90:47:
e8:7b:19:46:31:83:2c:48:71:48:e3:57:4f:31:66:44:66:76:
12:8e:c9:44:ab:ec:51:9c:62:de:d6:a7:be:25:3e:d8:34:47:
1c:5a:c1:bf:71:23:06:41:66:6f:3f:9e:ed:53:80:81:b7:13:
f9:d5:41:7f:77:f6:fc:02:85:1e:68:e5:b6:75:52:89:30:0e:
f7:3f:5f:a7:d6:e5:dd:04:89:31:46:be:7f:64:1f:9b:ff:7e:
b4:21:8d:99:97:92:c3:5b:c6:fd:95:e8:4b:af:80:b5:a9:4e:
9f:04:f2:21:eb:d4:e3:86:f2:32:12:d3:84:29:0f:ea:7a:90:
5a:a1:e1:56:1c:ac:8e:07:97:eb:04:0e:5b:cb:dc:ed:c1:1e:
18:4b:f4:06:10:83:4a:60:cb:ee:44:73:1b:2a:4a:13:c7:27:
72:8f:65:bc:05:a3:bb:30:b8:71:a4:b7:11:3f:53:81:76:47:
bb:50:80:c6:06:6a:98:e4:5e:c8:0d:da:3e:b2:1c:6b:30:d4:
64:93:42:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZ7MhIf8pt4c/IyCMHIVBUogQWM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YjliMDM4MWNkMGZkZDUzNDlhMDVhNjU2NTQ1YmIzOTdmYTZhYWNlMTNi
ZGYwMTYwYzhiZjcwZDhjNGE0ZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEmpMTFQkR1IAsMyZyIiFnf7HDsWFTpbGEswhcuWIvsfl46xt1aEAZ9gjxT
+k14en5D5irbDHhphO7Qo4wrIX2GAwdKPx+DElv0qfTFc70IDC9XlUOdsp5HzlIR
/2zyFrIea2P55gObzC5WobwRHNbYWlbHSXXA0TKwA2aRqRsPOOhAu4/ngTFEuUiZ
VfKZmkFqN1MymYYeNlaQy5+yIqdT3rzfLBIcZ6RmRyy9e2N0/clxCe1PXbUE3rzc
8rOhiI/YQNphZryaKFirE1WB6rmCn0EjzBdbt3zesBcRXa9yXfQ0vzkmeE259xJF
PMa3+25gWAhj0RmACT1CFC2CjhcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRalchi
fEZK9inamst9OBf6Oh9IqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQA98bdfVyTJtZJvBwbk7f8T8EmLViZ1495dr/6dBvFQ
PgRqoH8NPSPSN+kn8NT2/11HKhBJkEfoexlGMYMsSHFI41dPMWZEZnYSjslEq+xR
nGLe1qe+JT7YNEccWsG/cSMGQWZvP57tU4CBtxP51UF/d/b8AoUeaOW2dVKJMA73
P1+n1uXdBIkxRr5/ZB+b/360IY2Zl5LDW8b9lehLr4C1qU6fBPIh69TjhvIyEtOE
KQ/qepBaoeFWHKyOB5frBA5by9ztwR4YS/QGEINKYMvuRHMbKkoTxydyj2W8BaO7
MLhxpLcRP1OBdke7UIDGBmqY5F7IDdo+shxrMNRkk0Ik
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org