Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: vVKChmKBWhTrCcW5R7BbwBh6NCIch7fMcSN12LanXsk=
Subject key identifier: BA:96:3A:57:C7:70:60:C5:00:DE:DF:F2:CC:F0:1F:8B:79:87:59:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 260D90F7FCC9170E1A2D31A63CAA3D58ED3DD4AE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Tue 22 Oct 2024 00:00:00 +0000
ROA not before: Tue 22 Oct 2024 00:00:00 +0000
ROA not after: Tue 26 Nov 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Oct 2024 17:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:0d:90:f7:fc:c9:17:0e:1a:2d:31:a6:3c:aa:3d:58:ed:3d:d4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:00:00 2024 GMT
Not After : Nov 26 23:59:59 2024 GMT
Subject: serialNumber=eea526c0f2c22f8f5d651cf19979d1e1e7ad4a40c4e9a751c18669317e7e666d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:08:1f:f8:cb:33:e9:84:86:a5:ad:7d:0b:83:
56:79:a7:44:cc:c8:e5:da:9f:d0:0a:9c:6c:04:2b:
92:a7:7b:ce:21:b1:39:8a:15:de:72:61:94:c1:f2:
35:ee:bd:27:fc:fa:e9:4a:1c:21:c7:60:96:ce:bc:
4e:19:79:b4:7d:71:d9:c1:b6:8b:ca:75:0c:9f:3a:
4d:02:0c:97:c0:61:50:7f:6e:89:6c:58:f4:39:e6:
de:82:5d:f8:b4:d7:4e:4b:e1:49:e8:6d:f5:7d:7a:
a0:2e:ae:3e:6f:8d:38:4f:5a:fa:91:b1:e0:c1:32:
ac:dc:f0:28:99:a2:7e:df:d6:a0:4d:5a:d5:c2:25:
47:66:95:b2:08:c5:c4:ee:1b:6c:ac:83:53:7f:ad:
c3:2d:02:b2:64:c2:ac:a4:09:69:76:7c:a2:f0:2b:
3d:2f:3c:72:5b:9f:f5:99:7b:16:ba:44:f9:0b:e7:
76:8e:95:fa:06:ab:9f:24:81:65:aa:8f:04:a7:b7:
b0:f6:3c:f4:9b:92:e1:f9:87:88:58:0e:dd:ec:72:
a1:08:7f:7e:e3:48:09:89:63:09:ff:c3:cb:d5:8e:
6a:9e:2b:f9:b0:75:38:2b:c2:ae:13:c3:23:79:5a:
e7:07:15:7a:df:96:d1:51:38:9f:69:09:e6:11:10:
7a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:96:3A:57:C7:70:60:C5:00:DE:DF:F2:CC:F0:1F:8B:79:87:59:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:16:0a:63:d2:6b:cb:48:94:b0:f9:6e:d7:b0:2a:06:5a:15:
49:65:f0:3b:bf:54:b7:38:ed:52:97:8e:02:09:0a:f8:cb:b6:
0a:48:dd:4c:a8:5a:fb:bb:bc:e7:92:4b:f0:24:34:87:87:68:
5a:d8:83:9c:7a:d7:70:92:9d:ab:62:c2:ac:3c:d8:14:4e:c2:
f2:63:46:14:29:72:90:b1:f0:42:0f:57:87:a2:3b:4d:15:80:
f7:e6:44:9e:8a:0b:04:43:d8:61:98:18:2d:40:3b:cc:4a:bc:
93:2e:3b:99:c4:c1:64:43:68:6f:ac:05:f2:eb:3e:c0:80:55:
10:f0:a5:41:44:75:f6:59:69:2b:75:fb:ec:4f:eb:8d:49:28:
74:c4:33:a7:f1:f0:52:b8:19:bd:d9:25:d3:48:46:0f:63:40:
fe:64:ec:40:67:cb:9b:19:ec:88:f7:46:ee:bb:93:c6:5c:1d:
30:82:ac:d4:1e:c0:cf:28:94:23:f0:cd:a9:f8:9a:0d:79:e0:
5a:07:3c:16:63:22:87:0f:c0:d2:96:43:b5:20:e9:1f:e8:88:
00:e6:fa:57:9f:92:89:38:5f:fb:cf:7c:21:25:e1:d5:37:d3:
a3:37:f5:d9:4f:9e:60:fd:fa:d8:2a:cf:a3:70:95:aa:79:f8:
53:04:19:ca
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJg2Q9/zJFw4aLTGmPKo9WO091K4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjIwMDAwMDBaFw0yNDExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlYTUyNmMwZjJjMjJmOGY1ZDY1MWNmMTk5NzlkMWUxZTdhZDRhNDBjNGU5
YTc1MWMxODY2OTMxN2U3ZTY2NmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsIH/jLM+mEhqWtfQuDVnmnRMzI5dqf0AqcbAQrkqd7ziGxOYoV3nJhlMHy
Ne69J/z66UocIcdgls68Thl5tH1x2cG2i8p1DJ86TQIMl8BhUH9uiWxY9Dnm3oJd
+LTXTkvhSeht9X16oC6uPm+NOE9a+pGx4MEyrNzwKJmift/WoE1a1cIlR2aVsgjF
xO4bbKyDU3+twy0CsmTCrKQJaXZ8ovArPS88cluf9Zl7FrpE+Qvndo6V+garnySB
ZaqPBKe3sPY89JuS4fmHiFgO3exyoQh/fuNICYljCf/Dy9WOap4r+bB1OCvCrhPD
I3la5wcVet+W0VE4n2kJ5hEQei8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6ljpX
x3BgxQDe3/LM8B+LeYdZgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQARFgpj0mvLSJSw+W7XsCoGWhVJZfA7v1S3OO1Sl44C
CQr4y7YKSN1MqFr7u7znkkvwJDSHh2ha2IOcetdwkp2rYsKsPNgUTsLyY0YUKXKQ
sfBCD1eHojtNFYD35kSeigsEQ9hhmBgtQDvMSryTLjuZxMFkQ2hvrAXy6z7AgFUQ
8KVBRHX2WWkrdfvsT+uNSSh0xDOn8fBSuBm92SXTSEYPY0D+ZOxAZ8ubGeyI90bu
u5PGXB0wgqzUHsDPKJQj8M2p+JoNeeBaBzwWYyKHD8DSlkO1IOkf6IgA5vpXn5KJ
OF/7z3whJeHVN9OjN/XZT55g/frYKs+jcJWqefhTBBnK
-----END CERTIFICATE-----
Generated at Thu Oct 24 21:09:44 2024 by rpki-client on console-ams.rpki-client.org