Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: ndNkrY1ooZxEaV1gBARoGUK5VWs11BBeHwMoHxBB3xI=
Subject key identifier: 0D:98:AF:E3:41:70:D4:23:EE:72:C8:A0:F8:66:EB:1B:DA:B3:D4:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 059C3CF0B3FCF45DFCE33666CEA26D7CAE073AE7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:9c:3c:f0:b3:fc:f4:5d:fc:e3:36:66:ce:a2:6d:7c:ae:07:3a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=98a143cdcb2d0ca4d880dae665e2bf6062c224dbdb004b62ce00a8e3d0ecb50b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:24:b4:d2:9c:00:e3:9c:6d:62:9b:bf:3c:aa:
f7:b9:5c:86:4d:33:a8:f7:15:09:29:d3:cd:f9:e2:
69:89:c5:f7:d2:91:f8:9c:a1:21:7c:93:db:83:d8:
a9:2e:a4:1f:ad:54:f1:0d:4a:51:3a:8d:85:9f:f7:
e2:4b:b3:7e:4a:86:e1:56:13:75:01:bd:4e:2b:22:
69:bb:26:0e:bc:3b:bc:b9:86:c2:55:5f:66:0d:9b:
cf:ad:23:1d:cd:af:36:2f:7a:57:0d:7b:8d:df:d2:
29:28:1e:eb:ba:a9:f4:d6:72:b4:8f:39:d8:af:0f:
fc:23:4a:82:8a:40:97:c0:aa:5c:ff:0e:59:40:74:
c6:47:96:ca:80:6b:01:07:79:18:be:e4:af:55:63:
34:df:0d:42:60:21:71:ca:4c:b5:7d:64:ef:fa:f5:
ac:55:e8:fb:ae:b5:98:a3:4c:52:4b:2f:bb:f8:42:
3b:5e:74:7f:25:30:19:44:e2:1b:3e:9b:fb:36:e5:
b6:93:67:fe:87:3f:e4:4c:f6:6b:72:5d:8d:93:f6:
12:7a:4d:41:97:6a:34:9a:d9:93:84:b6:c6:aa:2c:
9a:2a:ce:1f:5a:7f:be:c5:60:7e:87:3c:b1:4f:ae:
9c:c8:8f:f1:b2:24:8b:32:26:c7:d9:5b:3e:87:f8:
25:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:98:AF:E3:41:70:D4:23:EE:72:C8:A0:F8:66:EB:1B:DA:B3:D4:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:e9:8d:50:02:3c:69:fd:71:59:ad:18:ee:93:35:a0:5e:3f:
65:e8:29:8e:a7:3e:6b:74:c5:62:87:78:86:78:65:c2:8d:b9:
8d:4e:bf:ec:11:51:88:4d:26:28:8c:20:cd:e6:e4:bb:53:75:
14:6c:08:a0:11:58:7a:51:e6:d0:14:f7:f8:8f:80:56:77:b6:
fc:0c:8b:b5:d8:28:ca:49:9c:19:b7:b5:f4:04:d2:ed:8b:f4:
fa:6c:12:cb:5e:6c:5c:fe:4c:74:5f:b3:ff:11:e1:33:7f:ee:
36:c3:a1:1e:af:be:74:9e:70:cc:ba:8c:40:10:37:f8:27:f5:
d9:58:ee:db:6c:df:10:12:32:94:3b:4e:8d:e1:5a:f9:dd:f9:
5e:42:10:ea:e1:6a:5d:4e:b5:7e:b4:8c:f4:f3:55:7e:61:fa:
46:a5:f7:10:08:bc:78:68:b9:f3:c2:74:ec:b7:32:ab:b8:2f:
7a:95:48:7d:8e:0f:a3:85:48:56:8a:6c:16:af:e3:48:9d:a5:
f4:c2:60:a2:7d:0b:d4:2c:63:c2:a9:0f:98:e9:34:aa:b2:83:
74:90:7b:70:79:6f:e0:d9:4a:0d:9a:d8:bc:eb:dc:3a:19:bf:
ae:1f:d6:93:fc:5b:ea:74:fb:be:02:e3:29:76:a9:c8:e0:80:
e7:b2:57:1d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBZw88LP89F384zZmzqJtfK4HOucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4YTE0M2NkY2IyZDBjYTRkODgwZGFlNjY1ZTJiZjYwNjJjMjI0ZGJkYjAw
NGI2MmNlMDBhOGUzZDBlY2I1MGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQktNKcAOOcbWKbvzyq97lchk0zqPcVCSnTzfniaYnF99KR+JyhIXyT24PY
qS6kH61U8Q1KUTqNhZ/34kuzfkqG4VYTdQG9TisiabsmDrw7vLmGwlVfZg2bz60j
Hc2vNi96Vw17jd/SKSge67qp9NZytI852K8P/CNKgopAl8CqXP8OWUB0xkeWyoBr
AQd5GL7kr1VjNN8NQmAhccpMtX1k7/r1rFXo+661mKNMUksvu/hCO150fyUwGUTi
Gz6b+zbltpNn/oc/5Ez2a3JdjZP2EnpNQZdqNJrZk4S2xqosmirOH1p/vsVgfoc8
sU+unMiP8bIkizImx9lbPof4JZ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNmK/j
QXDUI+5yyKD4Zusb2rPUozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBU6Y1QAjxp/XFZrRjukzWgXj9l6CmOpz5rdMVih3iG
eGXCjbmNTr/sEVGITSYojCDN5uS7U3UUbAigEVh6UebQFPf4j4BWd7b8DIu12CjK
SZwZt7X0BNLti/T6bBLLXmxc/kx0X7P/EeEzf+42w6Eer750nnDMuoxAEDf4J/XZ
WO7bbN8QEjKUO06N4Vr53fleQhDq4WpdTrV+tIz081V+YfpGpfcQCLx4aLnzwnTs
tzKruC96lUh9jg+jhUhWimwWr+NInaX0wmCifQvULGPCqQ+Y6TSqsoN0kHtweW/g
2UoNmti869w6Gb+uH9aT/FvqdPu+AuMpdqnI4IDnslcd
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org