Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: Fnc+najBPdDB+hhfhq4Vld6zO2saUCFPijkAsbg+EdY=
Subject key identifier: 3D:87:5A:F3:4E:AB:A7:5C:E9:34:1B:E6:F9:51:31:5D:EA:BD:64:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 16E3FFAAB65C4F43363D230AE2968892739ABB80
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e3:ff:aa:b6:5c:4f:43:36:3d:23:0a:e2:96:88:92:73:9a:bb:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2f8754a441969097407f510df5b6e1bb62c470a85f4bd596470e377ab3c53757, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4f:e3:29:ca:94:34:fe:a7:9c:4b:ab:de:5f:
7a:cf:81:3b:ab:c3:60:6e:0f:d0:36:6f:59:d1:38:
5c:a3:fe:27:6e:0e:92:b7:6f:47:1a:c9:9e:82:dd:
94:65:cc:3e:b5:df:e5:b2:47:74:f2:61:50:a6:82:
92:60:39:6d:fa:fe:f1:a6:0e:6c:3d:62:3e:38:3c:
e4:51:39:f0:af:e4:48:ac:a2:ec:b4:74:6e:c3:24:
73:e7:88:c1:70:5d:48:ce:04:ed:08:13:a2:e0:b2:
d7:8a:6e:4b:34:d5:b3:39:0f:30:14:9e:7a:56:f1:
79:b3:23:13:ec:c5:d5:24:6d:fb:8c:37:06:90:0f:
10:5a:67:a5:70:dc:39:20:e9:8e:b8:41:63:38:ea:
cf:b6:b3:68:69:44:de:0c:46:10:a4:3e:c6:eb:a3:
05:df:29:2f:76:c5:d3:5e:c5:de:30:ef:88:94:52:
f8:de:03:c2:29:ec:7b:da:86:f4:af:3c:00:49:0c:
66:dc:27:62:bd:cd:b8:b6:80:30:a4:25:93:f2:73:
94:2e:16:cc:e9:fb:e8:2d:a2:fa:11:93:e6:0b:31:
ea:eb:72:8e:26:fc:34:8b:ca:69:c2:a7:0e:64:0a:
6a:ff:66:83:b5:7a:61:b6:83:2d:4a:f2:4b:03:ed:
af:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:87:5A:F3:4E:AB:A7:5C:E9:34:1B:E6:F9:51:31:5D:EA:BD:64:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:4e:26:0d:15:5d:9d:69:95:6c:45:67:7c:a3:8e:11:7e:a6:
c1:37:92:b3:e4:f1:fa:f0:90:ca:12:a5:9b:24:11:ce:d7:a2:
b7:cd:5b:c3:83:f7:94:98:26:11:9c:0b:4c:67:97:20:e4:d3:
35:1e:84:c2:e4:5f:47:6e:a5:73:e0:20:d6:97:c2:46:b7:33:
5e:b0:66:3d:ec:f2:c3:92:0c:57:ae:8c:f1:2d:70:9b:d0:bf:
ff:e9:1e:0f:4e:a6:be:14:31:44:16:6d:59:fa:dd:b0:37:e3:
14:73:22:c8:82:70:86:7e:63:21:18:35:fc:7f:d4:f7:c2:07:
38:30:08:03:1a:5a:c7:67:68:9f:c3:bc:8c:fb:8e:2c:b7:ac:
33:c5:f0:a2:5a:04:79:65:90:1e:22:48:62:98:d4:13:c1:d9:
83:0d:bd:19:21:0e:c1:5f:1b:32:a1:92:9e:b1:87:73:80:4e:
4d:32:11:04:16:83:cb:97:87:b8:0e:c6:2b:91:fa:0c:91:7f:
b1:a4:95:09:ce:63:bd:9a:7c:60:64:76:c7:d8:f9:37:50:a5:
73:d4:23:d0:04:24:01:9e:98:f7:20:d2:96:50:14:76:61:0e:
d2:5f:71:c6:d2:a3:9b:20:47:d9:6f:1f:bf:a6:ff:8a:b3:29:
1b:e6:61:0d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFuP/qrZcT0M2PSMK4paIknOau4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmODc1NGE0NDE5NjkwOTc0MDdmNTEwZGY1YjZlMWJiNjJjNDcwYTg1ZjRi
ZDU5NjQ3MGUzNzdhYjNjNTM3NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZP4ynKlDT+p5xLq95fes+BO6vDYG4P0DZvWdE4XKP+J24OkrdvRxrJnoLd
lGXMPrXf5bJHdPJhUKaCkmA5bfr+8aYObD1iPjg85FE58K/kSKyi7LR0bsMkc+eI
wXBdSM4E7QgTouCy14puSzTVszkPMBSeelbxebMjE+zF1SRt+4w3BpAPEFpnpXDc
OSDpjrhBYzjqz7azaGlE3gxGEKQ+xuujBd8pL3bF017F3jDviJRS+N4Dwinse9qG
9K88AEkMZtwnYr3NuLaAMKQlk/JzlC4WzOn76C2i+hGT5gsx6utyjib8NIvKacKn
DmQKav9mg7V6YbaDLUrySwPtr9sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9h1rz
TqunXOk0G+b5UTFd6r1k9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAC04mDRVdnWmVbEVnfKOOEX6mwTeSs+Tx+vCQyhKl
myQRzteit81bw4P3lJgmEZwLTGeXIOTTNR6EwuRfR26lc+Ag1pfCRrczXrBmPezy
w5IMV66M8S1wm9C//+keD06mvhQxRBZtWfrdsDfjFHMiyIJwhn5jIRg1/H/U98IH
ODAIAxpax2don8O8jPuOLLesM8XwoloEeWWQHiJIYpjUE8HZgw29GSEOwV8bMqGS
nrGHc4BOTTIRBBaDy5eHuA7GK5H6DJF/saSVCc5jvZp8YGR2x9j5N1Clc9Qj0AQk
AZ6Y9yDSllAUdmEO0l9xxtKjmyBH2W8fv6b/irMpG+ZhDQ==
-----END CERTIFICATE-----
Generated at Tue Dec 10 20:59:43 2024 by rpki-client on console-fra.rpki-client.org