Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: 7jXRG2/lsOan8Nyj4FUWTbNtocMIng+7mNRbOT+7q+0=
Subject key identifier: 30:72:ED:A4:61:24:2F:1D:7E:59:7A:B2:86:B2:20:A7:28:E2:90:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F18A5ABECFF0C2708FF1E3894D7A5AFF91B197E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:18:a5:ab:ec:ff:0c:27:08:ff:1e:38:94:d7:a5:af:f9:1b:19:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=10b9f67eec9681b1d496ba06044d8552d02fd0ba041a14564a5bc589c7b2fa1f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d3:7f:94:0c:ed:5b:76:67:fa:eb:c1:68:0c:
ed:96:0f:90:f9:1b:94:95:10:db:67:a8:1a:88:de:
21:59:d9:09:1b:ee:db:de:27:98:e4:57:72:d6:e0:
dc:a7:1a:e4:f3:a7:e7:f4:b5:3e:4d:99:01:1c:3e:
b0:63:10:7a:a4:bc:ae:43:32:ea:e5:b1:bd:4a:ea:
4e:b0:fa:a8:8f:a6:cb:bc:53:b3:2b:6c:a6:65:a4:
7f:1b:7f:3f:16:bc:c5:e5:2c:41:19:2c:d8:24:a2:
78:5b:d6:ec:e7:b7:d5:19:f1:23:7f:2e:57:a5:8e:
5f:f1:f1:c2:a7:a3:94:07:d1:ff:7a:b2:47:2d:0c:
b8:b1:19:44:f1:87:37:90:49:44:84:51:bf:51:ea:
15:ef:55:20:c3:04:24:cd:3f:3f:3b:e6:e5:3e:9c:
4a:bc:a5:71:95:37:b9:83:01:07:77:a3:6e:f9:54:
2d:0e:fb:0e:9e:f9:02:27:36:25:e0:7b:34:89:a5:
c3:96:31:97:1b:8a:8e:d2:51:62:a1:7b:34:ea:bb:
89:14:b5:08:cc:31:f1:4c:c0:dd:60:dd:93:bd:28:
ed:a8:9e:2e:20:3e:e0:1c:da:62:5d:d1:89:d7:e4:
ca:f7:f3:7f:ed:b4:f2:48:28:1c:86:af:4d:c4:2c:
b7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:72:ED:A4:61:24:2F:1D:7E:59:7A:B2:86:B2:20:A7:28:E2:90:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d0:2a:03:bb:3d:39:47:1c:75:b8:2e:ea:7e:55:c3:b6:cf:e8:
32:41:c8:73:c4:cf:6c:07:88:ee:ae:de:da:e1:cd:af:0c:32:
28:0f:6d:14:ab:67:9a:a3:97:08:d6:5c:6d:f0:7c:17:cf:96:
3b:9c:ee:22:08:23:f0:34:a1:54:69:57:39:04:b9:ab:aa:e3:
a6:1f:4d:04:d4:a6:ac:1f:93:a2:84:4e:29:fc:ea:f0:8d:c6:
91:63:da:d4:90:2a:0f:5a:93:53:8e:7a:6e:ee:1b:8e:62:f7:
49:ae:9b:af:85:97:d6:8a:dd:a4:77:23:2b:81:12:f7:2c:1d:
6a:19:1d:15:98:87:66:e9:06:79:02:b8:4d:3a:79:c6:f9:8c:
a8:ae:e6:8c:77:61:dc:a2:4b:e3:30:84:40:6b:6f:a0:df:85:
f4:44:18:37:e2:82:c8:fe:01:f8:b4:3a:31:81:ef:59:d8:47:
f9:79:65:7c:2c:ae:23:f7:49:14:b4:a1:1b:26:ee:ca:20:02:
44:1e:33:ad:e8:85:15:26:61:2b:80:36:9b:bf:33:49:44:21:
04:5a:54:66:a5:7e:ab:6d:d9:37:08:3d:fc:e0:33:c5:cb:09:
05:83:91:9d:02:c2:38:46:87:29:92:5d:b8:62:4a:6f:6a:74:
67:8e:92:7a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfxilq+z/DCcI/x44lNelr/kbGX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwYjlmNjdlZWM5NjgxYjFkNDk2YmEwNjA0NGQ4NTUyZDAyZmQwYmEwNDFh
MTQ1NjRhNWJjNTg5YzdiMmZhMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOLTf5QM7Vt2Z/rrwWgM7ZYPkPkblJUQ22eoGojeIVnZCRvu294nmORXctbg
3Kca5POn5/S1Pk2ZARw+sGMQeqS8rkMy6uWxvUrqTrD6qI+my7xTsytspmWkfxt/
Pxa8xeUsQRks2CSieFvW7Oe31RnxI38uV6WOX/HxwqejlAfR/3qyRy0MuLEZRPGH
N5BJRIRRv1HqFe9VIMMEJM0/Pzvm5T6cSrylcZU3uYMBB3ejbvlULQ77Dp75Aic2
JeB7NImlw5YxlxuKjtJRYqF7NOq7iRS1CMwx8UzA3WDdk70o7aieLiA+4BzaYl3R
idfkyvfzf+208kgoHIavTcQst1MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwcu2k
YSQvHX5ZerKGsiCnKOKQMTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDQKgO7PTlHHHW4Lup+VcO2z+gyQchzxM9sB4jurt7a
4c2vDDIoD20Uq2eao5cI1lxt8HwXz5Y7nO4iCCPwNKFUaVc5BLmrquOmH00E1Kas
H5OihE4p/OrwjcaRY9rUkCoPWpNTjnpu7huOYvdJrpuvhZfWit2kdyMrgRL3LB1q
GR0VmIdm6QZ5ArhNOnnG+YyoruaMd2HcokvjMIRAa2+g34X0RBg34oLI/gH4tDox
ge9Z2Ef5eWV8LK4j90kUtKEbJu7KIAJEHjOt6IUVJmErgDabvzNJRCEEWlRmpX6r
bdk3CD384DPFywkFg5GdAsI4Rocpkl24YkpvanRnjpJ6
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org