Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: z73GDZv5q0GZbKHdtya+frxhz8tyRyFIb+c6OhR2734=
Subject key identifier: 74:B8:A4:C0:33:D3:9E:B4:D5:B6:65:80:C3:7F:4D:E2:A3:15:69:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34E07EA3AC14C4684C788AFBAF0860232EFFB880
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:e0:7e:a3:ac:14:c4:68:4c:78:8a:fb:af:08:60:23:2e:ff:b8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=31a65b17189f19e7037c2c8332dde74e1e1c5c11fd9825418905e2f3d50826f4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8a:3a:fb:9f:7e:0e:79:93:32:db:5c:17:15:
5e:77:33:f9:18:e5:49:e2:0c:f1:fe:ee:32:33:b4:
62:94:3d:c5:f7:bc:f4:11:5c:32:30:ae:ab:bd:16:
9d:be:f8:e7:54:d5:54:31:ac:42:33:be:23:03:86:
db:f4:83:41:a0:53:c6:cb:dd:54:92:dc:8e:77:cb:
5a:62:d7:b8:80:87:e1:1c:60:b8:60:d2:fd:38:13:
3d:83:ff:8f:dc:7d:67:a7:89:06:3a:bf:b2:56:a2:
f4:93:19:4b:7e:94:d3:b2:04:72:8e:e3:cd:5e:b9:
11:fb:2f:d7:7e:71:ff:f1:2b:e5:8f:02:2b:d8:d6:
c5:c3:b6:79:e0:43:eb:6e:6c:fe:fe:b6:e9:7f:90:
77:21:fe:cf:aa:4b:65:e4:02:8a:ff:95:bf:ea:1e:
76:d8:cd:71:0f:e4:d7:99:90:5a:9b:0b:ca:44:6c:
bf:c4:61:04:97:49:ef:7b:21:c0:be:8e:f7:be:f4:
61:f6:14:f8:48:5a:8a:08:d2:9e:3d:f6:28:d3:28:
91:42:49:fc:d6:e1:02:6c:16:62:34:2d:f6:ec:6a:
41:e7:b3:c7:78:9c:7a:07:ab:e6:16:88:21:4f:cd:
96:82:af:87:36:2f:2d:4f:1e:70:16:ab:94:cc:18:
d9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B8:A4:C0:33:D3:9E:B4:D5:B6:65:80:C3:7F:4D:E2:A3:15:69:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:21:83:31:fe:02:6c:1b:1f:0f:c0:9b:78:94:bd:42:ed:bd:
9e:fa:d1:c5:cf:dd:84:70:63:e3:8a:63:da:d6:ff:e6:a5:59:
68:dc:d0:0d:66:1b:3b:5b:20:31:f6:af:0d:c3:b6:5c:7b:35:
e6:cd:d9:2b:04:f1:f2:c0:b1:b0:7a:5a:e5:99:1a:96:60:7e:
d5:87:68:82:df:58:58:e4:62:1f:66:80:bc:26:d5:5c:75:be:
b1:b8:ab:af:d7:2e:55:c6:77:6b:26:e4:6a:f9:a6:1a:8f:01:
13:20:fb:99:72:ea:5b:f8:1c:f8:4f:ad:38:41:4d:8c:7d:fb:
e9:7e:dc:08:5f:74:fd:64:f2:7a:eb:e6:fd:71:f1:65:49:a1:
9a:fc:dd:c1:d2:95:e9:d7:80:bc:99:10:9a:87:09:a4:bf:7b:
16:1f:3e:ef:d0:4b:11:2d:57:8c:04:9d:19:21:33:1b:9c:16:
7a:8e:13:11:7a:52:01:97:be:7c:46:b7:9e:bc:55:c9:f7:20:
64:9b:20:ce:ad:19:6b:cc:8b:4a:c4:7c:a8:0a:61:5b:22:44:
84:30:a6:ce:15:38:cb:5c:e6:a5:5a:33:92:e3:cf:cd:1a:43:
74:19:29:53:1b:42:32:94:37:f5:f0:ab:52:4d:7f:f1:e8:c0:
b8:e6:2d:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNOB+o6wUxGhMeIr7rwhgIy7/uIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxYTY1YjE3MTg5ZjE5ZTcwMzdjMmM4MzMyZGRlNzRlMWUxYzVjMTFmZDk4
MjU0MTg5MDVlMmYzZDUwODI2ZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSKOvuffg55kzLbXBcVXncz+RjlSeIM8f7uMjO0YpQ9xfe89BFcMjCuq70W
nb7451TVVDGsQjO+IwOG2/SDQaBTxsvdVJLcjnfLWmLXuICH4RxguGDS/TgTPYP/
j9x9Z6eJBjq/slai9JMZS36U07IEco7jzV65Efsv135x//Er5Y8CK9jWxcO2eeBD
625s/v626X+QdyH+z6pLZeQCiv+Vv+oedtjNcQ/k15mQWpsLykRsv8RhBJdJ73sh
wL6O9770YfYU+EhaigjSnj32KNMokUJJ/NbhAmwWYjQt9uxqQeezx3iceger5haI
IU/NloKvhzYvLU8ecBarlMwY2RMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0uKTA
M9OetNW2ZYDDf03ioxVpZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQB6IYMx/gJsGx8PwJt4lL1C7b2e+tHFz92EcGPjimPa
1v/mpVlo3NANZhs7WyAx9q8Nw7ZcezXmzdkrBPHywLGwelrlmRqWYH7Vh2iC31hY
5GIfZoC8JtVcdb6xuKuv1y5VxndrJuRq+aYajwETIPuZcupb+Bz4T604QU2Mffvp
ftwIX3T9ZPJ66+b9cfFlSaGa/N3B0pXp14C8mRCahwmkv3sWHz7v0EsRLVeMBJ0Z
ITMbnBZ6jhMRelIBl758RreevFXJ9yBkmyDOrRlrzItKxHyoCmFbIkSEMKbOFTjL
XOalWjOS48/NGkN0GSlTG0IylDf18KtSTX/x6MC45i3R
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org