Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
File: 5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa (raw, json)
Hash identifier: FWFckZUb6agFlp/Syo2MQ5M2S0dpSCSwA74UshV+Iyg=
Subject key identifier: 52:A6:5C:1F:31:F9:35:05:A4:70:FB:6F:4B:D8:64:13:55:C1:28:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54F3D268DDDB1B0C4CA441BC4C99A750EC468E99
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.84.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:f3:d2:68:dd:db:1b:0c:4c:a4:41:bc:4c:99:a7:50:ec:46:8e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1ecf9b1fb61660c3c6489d55c8d3d5268a1b165c7695c5763c6d9c351018a6ef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c3:8a:57:47:78:a0:6f:0d:5b:69:0a:23:6e:
80:70:0c:1b:1b:c1:e7:84:33:3f:22:02:99:71:9c:
24:62:b0:18:ea:0c:ed:9f:6c:e7:67:85:d1:48:19:
9c:28:ac:1e:4f:5f:4c:9c:3a:26:c8:bf:69:0b:8d:
db:65:c5:71:02:82:35:6c:51:53:e5:11:00:16:63:
dc:df:25:cc:4a:58:3d:95:8b:0b:38:a5:19:8d:16:
2c:52:66:93:c7:2e:37:d5:99:fc:62:ca:06:e8:1d:
d4:43:90:55:36:81:68:a2:f4:e6:ee:e5:a7:30:95:
a0:eb:fc:18:71:c1:69:44:7e:7a:c4:73:2f:1b:c7:
49:f0:8e:de:72:06:c6:6a:37:8c:d5:0d:6c:5a:f4:
ed:83:4f:01:e9:12:d0:ee:39:c9:69:58:0d:a5:37:
3c:a9:ce:be:79:36:8e:04:25:8f:23:89:42:08:df:
2b:fe:9c:a9:ae:cd:37:50:7d:c6:98:b5:b1:83:dc:
25:7b:9b:d5:2c:f0:23:8a:ed:da:53:15:e8:fb:02:
9a:c8:f2:4f:a7:9b:9e:e9:72:de:41:8c:c4:68:51:
e3:cf:76:7f:02:9b:b1:45:cc:20:b9:03:ba:82:e6:
ed:72:4e:dc:8a:ee:42:bd:36:8d:a6:6a:39:db:09:
11:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A6:5C:1F:31:F9:35:05:A4:70:FB:6F:4B:D8:64:13:55:C1:28:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5038d4ea-8bb1-4566-9778-5dfceaeb3605.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
6c:62:7a:7a:04:10:61:fd:bb:f9:4f:7b:2a:21:a2:bb:dd:43:
3d:ea:0f:38:b5:8f:75:5d:6f:8b:c0:32:97:45:fc:1f:f6:85:
ff:f9:1b:f5:67:b0:06:74:3e:95:fc:c5:05:e1:d5:10:00:99:
1b:b7:c3:cb:3e:da:cc:9a:c0:4e:0b:ad:d7:03:e1:a3:dd:68:
69:37:df:05:c8:0e:4b:d8:23:82:c3:ac:3e:d9:c0:62:55:c6:
b3:e7:4c:06:79:dd:7e:15:f9:d0:aa:a4:e1:ca:17:a3:c1:90:
f1:99:69:15:b6:d6:a0:3d:40:5b:10:76:03:7a:91:4b:4f:af:
60:9b:dd:2c:c0:26:e5:6a:6c:f8:ce:91:86:b8:71:38:c6:e9:
15:6a:0e:b9:3c:3b:9d:fb:af:06:b6:be:e2:01:0c:a4:46:7d:
ef:8a:57:20:b3:27:d6:8e:a2:8a:e0:3a:c5:b7:5a:1a:76:a3:
3f:75:aa:23:43:bc:69:01:97:33:a6:bd:00:eb:40:ab:9a:0f:
9b:02:49:85:12:f6:40:f4:3c:56:87:50:be:db:44:c6:88:22:
fa:dd:62:e7:3f:2c:7d:02:b7:00:00:11:6d:af:aa:72:e2:16:
6a:f4:8f:f7:0f:14:59:6f:6e:5f:77:9c:8f:10:95:70:cd:14:
96:75:20:c3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVPPSaN3bGwxMpEG8TJmnUOxGjpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlY2Y5YjFmYjYxNjYwYzNjNjQ4OWQ1NWM4ZDNkNTI2OGExYjE2NWM3Njk1
YzU3NjNjNmQ5YzM1MTAxOGE2ZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvDildHeKBvDVtpCiNugHAMGxvB54QzPyICmXGcJGKwGOoM7Z9s52eF0UgZ
nCisHk9fTJw6Jsi/aQuN22XFcQKCNWxRU+URABZj3N8lzEpYPZWLCzilGY0WLFJm
k8cuN9WZ/GLKBugd1EOQVTaBaKL05u7lpzCVoOv8GHHBaUR+esRzLxvHSfCO3nIG
xmo3jNUNbFr07YNPAekS0O45yWlYDaU3PKnOvnk2jgQljyOJQgjfK/6cqa7NN1B9
xpi1sYPcJXub1SzwI4rt2lMV6PsCmsjyT6ebnuly3kGMxGhR4892fwKbsUXMILkD
uoLm7XJO3IruQr02jaZqOdsJEXcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSplwf
Mfk1BaRw+29L2GQTVcEomjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTAzOGQ0ZWEtOGJiMS00NTY2LTk3NzgtNWRmY2VhZWIzNjA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQBsYnp6BBBh/bv5T3sqIaK73UM96g84tY91XW+LwDKX
Rfwf9oX/+Rv1Z7AGdD6V/MUF4dUQAJkbt8PLPtrMmsBOC63XA+Gj3WhpN98FyA5L
2COCw6w+2cBiVcaz50wGed1+FfnQqqThyhejwZDxmWkVttagPUBbEHYDepFLT69g
m90swCblamz4zpGGuHE4xukVag65PDud+68Gtr7iAQykRn3vilcgsyfWjqKK4DrF
t1oadqM/daojQ7xpAZczpr0A60Crmg+bAkmFEvZA9DxWh1C+20TGiCL63WLnPyx9
ArcAABFtr6py4hZq9I/3DxRZb25fd5yPEJVwzRSWdSDD
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org