Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: T9iMVh4Yt3Kh+fK8J9642oEcWU2vzIDQ2BPS8rHEOxo=
Subject key identifier: 74:5A:7C:4D:7E:7A:AB:48:D0:7A:85:55:6E:30:91:71:B5:64:38:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FC2573771EAD9491D7B8A6AF8DF7DE6D19B7F0E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:c2:57:37:71:ea:d9:49:1d:7b:8a:6a:f8:df:7d:e6:d1:9b:7f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=344cf56dc6e4c39e60ac04f8dd9dc80e12a108fe9c9c535db7bf131d6e8707f6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:13:d1:4e:8f:38:af:e8:f4:81:33:23:db:
4c:61:e9:5b:fa:e9:55:1e:80:6e:e0:85:28:8a:dc:
12:dd:19:eb:36:28:3a:78:4e:43:78:06:0e:f1:11:
c3:75:7e:b0:07:c6:5c:65:8e:e2:b0:4b:50:05:82:
e9:2f:6a:d2:f4:80:00:7a:a9:fa:a4:ff:58:ef:30:
f2:60:c3:e5:b9:3c:22:bc:d9:c0:eb:53:0f:83:3c:
58:c5:d8:67:c8:44:63:a6:8f:5e:d7:3f:a7:6c:9f:
31:b2:98:82:9b:04:38:8e:e9:4d:db:fd:ff:27:59:
c4:be:50:0e:d4:d9:48:96:93:91:bb:7b:ad:f5:93:
c4:52:a5:70:15:e9:9b:d3:88:4f:52:ce:27:99:74:
76:5c:da:9c:cc:58:4e:b7:0d:31:a2:bc:91:50:fe:
c0:8d:35:7a:e1:86:17:9b:d2:db:c8:b9:3a:ab:0a:
27:aa:5c:40:3a:68:54:49:01:0c:6a:e7:b8:9e:3d:
5a:cb:38:d8:dc:ad:4d:85:70:1c:92:0a:c3:fb:ae:
f3:57:b3:9d:0f:2b:01:16:d3:17:4a:3c:d5:26:42:
66:1f:e2:b7:ec:40:a9:1d:3c:4f:d7:70:20:59:d4:
e4:7f:39:90:42:0b:74:23:9f:90:f3:0b:7e:16:5e:
05:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5A:7C:4D:7E:7A:AB:48:D0:7A:85:55:6E:30:91:71:B5:64:38:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:27:04:17:83:e1:2b:ed:32:60:d6:ee:e4:66:2f:4f:5a:7d:
c3:ec:3b:3f:5d:e6:76:d0:aa:31:cf:76:f5:16:dd:28:7d:49:
fe:56:ea:09:5d:d7:b7:f0:9b:bd:a0:5f:ac:67:04:e4:a5:95:
15:f8:31:d3:85:af:d1:57:a1:dd:6d:7d:8f:05:95:ca:ba:88:
b9:81:e7:90:e3:d5:2a:51:0a:7e:fe:aa:03:14:ce:08:67:e9:
51:ea:8d:05:79:42:06:97:ea:79:16:c9:19:7b:12:45:6f:68:
2f:07:5f:bd:ad:0a:b6:cb:06:52:de:74:04:14:94:d8:ff:c2:
34:88:62:7d:74:78:c0:4e:36:d6:8f:af:74:68:1a:57:91:5d:
26:63:2c:45:94:e4:bd:3d:4a:18:fa:54:23:50:4d:5f:e2:56:
4d:ba:47:bc:a3:0e:f8:fd:3e:d6:f1:fb:7e:74:79:a0:6b:32:
d7:f9:41:cb:58:35:33:95:6e:94:3a:9c:ac:1f:28:2b:fb:1a:
d0:0b:a3:90:bc:79:3f:b9:a3:e4:92:25:25:65:f8:7c:7a:91:
b7:4d:f6:e8:6c:60:d0:72:c9:36:7a:54:d1:7a:92:77:70:68:
2d:eb:2f:3d:1c:19:bb:da:b5:db:79:a0:c0:ef:9d:dc:1e:de:
e3:c8:8a:20
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH8JXN3Hq2Ukde4pq+N995tGbfw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NGNmNTZkYzZlNGMzOWU2MGFjMDRmOGRkOWRjODBlMTJhMTA4ZmU5Yzlj
NTM1ZGI3YmYxMzFkNmU4NzA3ZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALROE9FOjziv6PSBMyPbTGHpW/rpVR6AbuCFKIrcEt0Z6zYoOnhOQ3gGDvER
w3V+sAfGXGWO4rBLUAWC6S9q0vSAAHqp+qT/WO8w8mDD5bk8IrzZwOtTD4M8WMXY
Z8hEY6aPXtc/p2yfMbKYgpsEOI7pTdv9/ydZxL5QDtTZSJaTkbt7rfWTxFKlcBXp
m9OIT1LOJ5l0dlzanMxYTrcNMaK8kVD+wI01euGGF5vS28i5OqsKJ6pcQDpoVEkB
DGrnuJ49Wss42NytTYVwHJIKw/uu81eznQ8rARbTF0o81SZCZh/it+xAqR08T9dw
IFnU5H85kEILdCOfkPMLfhZeBfkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0WnxN
fnqrSNB6hVVuMJFxtWQ4fDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQCDJwQXg+Er7TJg1u7kZi9PWn3D7Ds/XeZ20Koxz3b1
Ft0ofUn+VuoJXde38Ju9oF+sZwTkpZUV+DHTha/RV6HdbX2PBZXKuoi5geeQ49Uq
UQp+/qoDFM4IZ+lR6o0FeUIGl+p5FskZexJFb2gvB1+9rQq2ywZS3nQEFJTY/8I0
iGJ9dHjATjbWj690aBpXkV0mYyxFlOS9PUoY+lQjUE1f4lZNuke8ow74/T7W8ft+
dHmgazLX+UHLWDUzlW6UOpysHygr+xrQC6OQvHk/uaPkkiUlZfh8epG3TfbobGDQ
csk2elTRepJ3cGgt6y89HBm72rXbeaDA753cHt7jyIog
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org