Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa
File: 5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa (raw, json)
Hash identifier: lKHp9VtmzMpj7d0AyecniCZt5pBatmYhzyWqF70LD1c=
Subject key identifier: AC:42:BD:5B:DE:06:8A:FA:EB:C2:74:4A:3F:00:55:09:69:97:3A:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AEA0D9910813E93DB8D95629252B81B43471D7D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ea:0d:99:10:81:3e:93:db:8d:95:62:92:52:b8:1b:43:47:1d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8e4b2ac215e3682e627c72656fbab3f94a3b4b5142883683cce90ee418079c2c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:21:82:1c:2f:57:45:cb:0f:b8:28:c4:58:a8:
ad:ab:66:c3:67:e9:26:f1:51:fb:07:ea:e4:ab:4c:
b4:f7:15:ad:96:65:2d:43:f7:23:42:98:5b:22:45:
2d:36:32:ab:e2:ff:14:90:63:4a:65:25:f4:46:e0:
bb:9a:58:ae:aa:db:01:7a:d8:86:bf:53:f7:25:45:
c4:9a:3d:6e:2d:a6:a0:7e:ca:99:b1:ef:b6:e9:71:
ad:7b:cc:5d:f8:3d:61:15:a1:4d:d9:11:b0:61:91:
6e:17:4e:bf:73:c3:ac:73:74:c4:6a:f6:ca:9e:07:
f2:b4:41:ad:3f:2e:63:34:71:8d:f9:c3:b3:63:fa:
c2:b3:e2:51:93:3c:14:de:ec:d6:c8:92:89:e9:27:
cb:69:db:f4:48:58:0d:de:3b:34:5c:ec:93:61:d4:
6b:d8:3b:b8:ea:28:bb:67:dd:dc:e9:23:9b:3b:c8:
1b:e9:76:f2:23:a8:fd:eb:3f:8b:ef:13:60:51:d5:
30:76:06:6f:8b:64:30:ea:f1:fd:d3:51:ca:4e:5f:
cf:b4:31:20:49:8c:6f:1a:f6:70:84:2b:b0:9e:32:
0e:20:39:50:83:ff:27:39:57:b1:61:cf:4f:c5:41:
c4:47:38:38:bd:a8:6f:a6:f2:6d:d6:e9:1c:f9:b7:
31:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:42:BD:5B:DE:06:8A:FA:EB:C2:74:4A:3F:00:55:09:69:97:3A:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5c17e39c-5c0a-4f3f-bb8a-f35a3631a185.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:6e:b4:14:24:ea:53:27:14:8f:98:a1:5b:a1:d9:74:bd:e4:
47:d0:02:6f:d7:92:14:38:e0:98:1b:28:62:9a:13:86:3e:73:
b6:4d:f5:9f:f7:e6:d0:b4:6f:5d:d8:5e:ae:58:71:5f:49:84:
61:41:1f:5f:58:c3:29:6c:b7:ea:1d:58:14:3e:ea:d6:36:3e:
85:5b:5d:66:fa:2f:5d:49:97:fc:26:4b:53:ae:c7:ac:28:e4:
39:8f:d7:ee:58:f5:76:68:26:a7:29:f7:4c:1c:ea:de:65:f5:
04:8b:60:c9:b1:88:c1:61:68:15:12:e5:e2:7e:62:91:5c:b7:
5a:79:85:93:e2:06:b9:6b:67:0d:54:2b:99:f5:53:b6:b8:d7:
30:3e:a4:10:86:dd:03:76:aa:66:dd:73:95:19:13:35:9f:fc:
2b:53:7b:ef:26:56:58:a4:cc:75:cb:c7:52:2a:49:20:7b:30:
34:8e:bf:f6:54:a1:d5:b9:3b:42:fb:22:27:bc:f2:3e:c8:59:
69:32:70:ba:77:b5:a3:9c:cd:de:cc:f2:06:98:8c:c2:3d:c2:
6b:3d:98:d5:a9:d5:af:ff:19:e9:83:a8:37:61:1e:82:2f:46:
cf:d0:2d:4a:5e:b7:9a:0d:cd:63:96:8a:04:81:02:7d:ba:d3:
dd:dc:30:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGuoNmRCBPpPbjZViklK4G0NHHX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNGIyYWMyMTVlMzY4MmU2MjdjNzI2NTZmYmFiM2Y5NGEzYjRiNTE0Mjg4
MzY4M2NjZTkwZWU0MTgwNzljMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJAhghwvV0XLD7goxFioratmw2fpJvFR+wfq5KtMtPcVrZZlLUP3I0KYWyJF
LTYyq+L/FJBjSmUl9Ebgu5pYrqrbAXrYhr9T9yVFxJo9bi2moH7KmbHvtulxrXvM
Xfg9YRWhTdkRsGGRbhdOv3PDrHN0xGr2yp4H8rRBrT8uYzRxjfnDs2P6wrPiUZM8
FN7s1siSiekny2nb9EhYDd47NFzsk2HUa9g7uOoou2fd3OkjmzvIG+l28iOo/es/
i+8TYFHVMHYGb4tkMOrx/dNRyk5fz7QxIEmMbxr2cIQrsJ4yDiA5UIP/JzlXsWHP
T8VBxEc4OL2ob6bybdbpHPm3MQMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsQr1b
3gaK+uvCdEo/AFUJaZc6ajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWMxN2UzOWMtNWMwYS00ZjNmLWJiOGEtZjM1YTM2MzFhMTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQCwbrQUJOpTJxSPmKFbodl0veRH0AJv15IUOOCYGyhi
mhOGPnO2TfWf9+bQtG9d2F6uWHFfSYRhQR9fWMMpbLfqHVgUPurWNj6FW11m+i9d
SZf8JktTrsesKOQ5j9fuWPV2aCanKfdMHOreZfUEi2DJsYjBYWgVEuXifmKRXLda
eYWT4ga5a2cNVCuZ9VO2uNcwPqQQht0Ddqpm3XOVGRM1n/wrU3vvJlZYpMx1y8dS
KkkgezA0jr/2VKHVuTtC+yInvPI+yFlpMnC6d7WjnM3ezPIGmIzCPcJrPZjVqdWv
/xnpg6g3YR6CL0bP0C1KXreaDc1jlooEgQJ9utPd3DDb
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org