Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: h1rf36TUMfqzkXZ57+N651cHyu3sEDBMZQ6GnJnkl34=
Subject key identifier: A0:35:40:BF:9F:15:6A:A6:0A:E9:A3:00:3A:38:E9:7C:36:D2:99:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: ED9CE973441313B0E637E0D69D742F12AF18CD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ed:9c:e9:73:44:13:13:b0:e6:37:e0:d6:9d:74:2f:12:af:18:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=d5154f04fe667d29cd283e3a50bc5100d5a26cb1f496e8f2da4142c6f37c79ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:8b:49:ee:51:f8:a4:cf:43:75:95:9f:f0:
a0:18:27:68:e9:23:47:fb:25:67:93:22:54:24:12:
24:3d:fb:a7:c7:49:6e:2a:a2:f0:fe:d9:0a:53:2c:
df:b7:79:39:eb:36:b9:16:f8:c1:1e:d5:08:96:4e:
10:f9:6d:5b:18:5a:f7:f1:bc:fd:09:ea:90:b9:c7:
81:dd:6b:4a:fc:b8:f8:fb:00:b4:2f:0c:b1:dc:33:
1e:b0:bb:99:07:bc:eb:de:bd:04:15:b2:d8:a2:33:
b9:43:b3:30:31:cb:6e:05:28:63:49:2d:55:8e:b1:
10:11:8c:53:9d:95:32:55:0f:b4:5d:e6:62:01:db:
b7:d7:aa:a6:cd:b0:4f:3b:89:a1:88:17:5b:6c:1f:
f1:bf:8d:68:34:81:2f:21:ba:e7:4a:03:30:d4:10:
9a:16:95:94:fe:c3:d3:3e:ca:d4:07:e1:f5:bd:c8:
07:d6:ca:36:34:63:8e:8b:5c:77:34:e6:b5:48:14:
5e:bd:39:1b:91:03:c5:85:80:20:a3:96:e0:e6:7d:
8b:a9:20:f7:bd:0f:ab:57:9f:f6:ce:65:c8:82:cc:
0a:90:45:2b:7b:39:db:71:fc:6c:6e:41:91:ce:01:
b5:c7:40:70:f4:c9:dd:05:2a:fd:bf:3a:ca:c9:4c:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:35:40:BF:9F:15:6A:A6:0A:E9:A3:00:3A:38:E9:7C:36:D2:99:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:54:26:f5:fc:73:41:26:d1:a4:5a:1f:bc:2d:5d:3d:e3:35:
de:7e:9d:1c:f5:73:6b:9d:3f:02:14:57:63:f1:5a:59:6f:bc:
cc:70:f5:b1:fe:41:9a:99:9b:44:04:9d:37:b0:c6:61:62:6f:
93:01:c5:2c:03:4d:87:6f:b7:6a:35:d7:81:2e:10:71:94:f9:
aa:0c:8e:3c:09:af:4c:37:d5:05:0c:65:06:71:c8:46:b9:1c:
c0:a3:71:f6:5e:d0:4d:e8:eb:4e:99:bf:c9:fb:6e:c7:85:89:
de:8f:6c:5b:d0:af:84:02:ac:4d:c5:0c:b6:40:b1:e0:19:84:
4f:60:0c:bb:02:07:6c:38:aa:2f:86:f9:78:1c:ba:00:ca:cd:
6e:67:49:ec:50:ca:8b:cc:fa:51:49:ee:a3:96:88:1a:c3:7b:
6a:e8:ea:f7:00:24:df:a7:b3:b5:be:63:81:31:13:8d:63:0f:
79:4c:33:93:cc:89:14:83:28:a2:b3:2b:f7:9c:a1:0e:51:8f:
c1:62:49:ff:b1:dd:f9:08:80:53:f4:c3:37:75:10:12:17:34:
45:ec:30:ba:e0:e2:64:a5:11:f8:fc:4a:9a:0e:33:a2:a3:45:
3b:0a:97:38:cd:cb:be:82:cc:1d:2e:a7:54:bd:be:ac:d5:c4:
12:90:2c:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAO2c6XNEExOw5jfg1p10LxKvGM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1MTU0ZjA0ZmU2NjdkMjljZDI4M2UzYTUwYmM1MTAwZDVhMjZjYjFmNDk2
ZThmMmRhNDE0MmM2ZjM3Yzc5ZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp/i0nuUfikz0N1lZ/woBgnaOkjR/slZ5MiVCQSJD37p8dJbiqi8P7ZClMs
37d5Oes2uRb4wR7VCJZOEPltWxha9/G8/QnqkLnHgd1rSvy4+PsAtC8MsdwzHrC7
mQe86969BBWy2KIzuUOzMDHLbgUoY0ktVY6xEBGMU52VMlUPtF3mYgHbt9eqps2w
TzuJoYgXW2wf8b+NaDSBLyG650oDMNQQmhaVlP7D0z7K1Afh9b3IB9bKNjRjjotc
dzTmtUgUXr05G5EDxYWAIKOW4OZ9i6kg970Pq1ef9s5lyILMCpBFK3s523H8bG5B
kc4BtcdAcPTJ3QUq/b86yslMHvMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgNUC/
nxVqpgrpowA6OOl8NtKZjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBOVCb1/HNBJtGkWh+8LV094zXefp0c9XNrnT8CFFdj
8VpZb7zMcPWx/kGamZtEBJ03sMZhYm+TAcUsA02Hb7dqNdeBLhBxlPmqDI48Ca9M
N9UFDGUGcchGuRzAo3H2XtBN6OtOmb/J+27HhYnej2xb0K+EAqxNxQy2QLHgGYRP
YAy7AgdsOKovhvl4HLoAys1uZ0nsUMqLzPpRSe6jlogaw3tq6Or3ACTfp7O1vmOB
MRONYw95TDOTzIkUgyiisyv3nKEOUY/BYkn/sd35CIBT9MM3dRASFzRF7DC64OJk
pRH4/EqaDjOio0U7Cpc4zcu+gswdLqdUvb6s1cQSkCx9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org