Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa
File: 440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa (raw, json)
Hash identifier: gj1okVjTr5FQl418RbbKYBQr/ue75ULg+N40O0WyXoQ=
Subject key identifier: EA:0E:27:90:0C:8B:48:43:D1:1D:D9:AB:EF:D1:65:5F:2B:69:81:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0FE36D9142651746AE28A5E9CCF4B5FB1461D67C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:e3:6d:91:42:65:17:46:ae:28:a5:e9:cc:f4:b5:fb:14:61:d6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=71ddddf44aa005d639b6dd31db1bcf8a26408816e14f4aee0daab0d7eacb1154, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:77:69:9a:84:13:07:89:32:ac:e5:a3:8e:3a:
84:19:5e:18:3b:f3:84:86:96:fc:90:22:ed:76:b1:
9c:55:20:ca:b0:86:10:66:2c:10:14:8e:31:04:66:
c5:68:9b:cb:7d:90:19:6f:2f:19:59:70:31:f5:37:
a8:a9:23:69:40:55:da:d7:4b:a2:ab:f5:d0:25:73:
ab:1d:1c:8f:14:52:e6:e1:5e:ae:03:63:e1:60:9c:
b5:50:03:84:8b:f3:7b:6f:2c:ad:74:fb:72:8f:41:
db:eb:49:8e:57:77:47:6b:90:fa:fc:c1:d0:06:da:
0b:b8:a1:b7:c6:df:6f:dc:da:24:2d:36:4f:37:0b:
fb:e4:7a:e3:12:f6:df:ff:7e:95:5f:7c:e5:d4:e4:
6e:f3:79:32:0c:73:53:56:86:c6:c9:40:3e:1a:aa:
ca:13:0d:43:e9:0f:03:51:38:22:62:8c:8b:a5:c8:
43:0e:fb:51:46:ab:62:c8:b5:47:b2:84:a2:c9:63:
87:fd:fa:4e:6f:d9:fb:ea:05:d1:d3:60:16:0f:b0:
fa:ea:da:ff:b8:67:4c:b7:eb:b6:43:05:04:08:e8:
e4:d0:34:68:7d:57:b7:3c:59:a9:63:64:b9:54:45:
d8:a4:5c:8b:f8:90:71:a7:8f:12:d6:b7:14:34:ce:
7f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0E:27:90:0C:8B:48:43:D1:1D:D9:AB:EF:D1:65:5F:2B:69:81:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/440c00fc-f0f9-43fd-bd09-1f1d916f54fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6f:7e:c8:84:fd:f9:66:76:62:f1:a1:24:15:03:bf:91:fa:d8:
07:7d:55:c1:47:c0:8a:d7:b6:c7:d7:73:37:0b:94:97:65:dd:
3d:0b:cc:eb:ad:9b:c6:88:cd:ff:be:8c:3b:c6:54:db:bf:48:
30:4b:c7:a9:0b:0c:48:3b:00:91:c6:59:5d:fd:94:c6:15:c5:
32:09:41:ed:46:8e:c5:53:e2:bb:ba:ca:fb:50:79:80:00:bd:
2a:53:8d:92:1d:df:33:9d:e2:6e:14:c4:45:d3:ea:4e:27:91:
90:75:7a:d5:ae:00:bd:35:e8:87:7d:ca:8c:b2:46:54:f8:63:
1f:d6:65:db:25:77:db:15:be:d9:4b:36:0f:e7:45:0b:f6:ef:
bd:d9:09:03:7f:12:e9:f3:d2:0a:94:81:66:57:94:c1:80:48:
42:2e:be:1a:03:a7:ae:97:d5:b5:f6:f9:96:8d:b0:8f:c3:c2:
cc:ba:cb:a9:9c:81:5f:16:72:d3:62:7b:f1:5f:c4:e4:ae:38:
f7:b8:96:e7:91:4d:e0:e2:2c:50:68:7d:6a:cc:aa:41:c6:b5:
10:ff:8d:b7:1f:87:7b:a1:51:e2:60:81:5e:88:13:69:02:9b:
04:f6:36:4b:9f:ca:ed:7e:a6:be:3f:76:09:a8:12:cd:23:54:
74:3a:da:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD+NtkUJlF0auKKXpzPS1+xRh1nwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxZGRkZGY0NGFhMDA1ZDYzOWI2ZGQzMWRiMWJjZjhhMjY0MDg4MTZlMTRm
NGFlZTBkYWFiMGQ3ZWFjYjExNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx3aZqEEweJMqzlo446hBleGDvzhIaW/JAi7XaxnFUgyrCGEGYsEBSOMQRm
xWiby32QGW8vGVlwMfU3qKkjaUBV2tdLoqv10CVzqx0cjxRS5uFergNj4WCctVAD
hIvze28srXT7co9B2+tJjld3R2uQ+vzB0AbaC7iht8bfb9zaJC02TzcL++R64xL2
3/9+lV985dTkbvN5MgxzU1aGxslAPhqqyhMNQ+kPA1E4ImKMi6XIQw77UUarYsi1
R7KEosljh/36Tm/Z++oF0dNgFg+w+ura/7hnTLfrtkMFBAjo5NA0aH1XtzxZqWNk
uVRF2KRci/iQcaePEta3FDTOf7ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqDieQ
DItIQ9Ed2avv0WVfK2mBBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQwYzAwZmMtZjBmOS00M2ZkLWJkMDktMWYxZDkxNmY1NGZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQBvfsiE/flmdmLxoSQVA7+R+tgHfVXBR8CK17bH13M3
C5SXZd09C8zrrZvGiM3/vow7xlTbv0gwS8epCwxIOwCRxlld/ZTGFcUyCUHtRo7F
U+K7usr7UHmAAL0qU42SHd8zneJuFMRF0+pOJ5GQdXrVrgC9NeiHfcqMskZU+GMf
1mXbJXfbFb7ZSzYP50UL9u+92QkDfxLp89IKlIFmV5TBgEhCLr4aA6eul9W19vmW
jbCPw8LMusupnIFfFnLTYnvxX8Tkrjj3uJbnkU3g4ixQaH1qzKpBxrUQ/423H4d7
oVHiYIFeiBNpApsE9jZLn8rtfqa+P3YJqBLNI1R0OtrA
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org