Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
File: 62b77dbe-d122-43ba-a2b6-ab9120df0176.roa (raw, json)
Hash identifier: qwfs0OKWcp0VWOIe4NJbkX65ywvACaHxiQwgs12XP5I=
Subject key identifier: 79:06:AB:46:C0:C5:D7:9E:22:99:D8:B5:15:7E:19:A8:35:F6:E9:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59E261599F1675E88BF8D4DA43C1A2AC6EE4BDBA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:e2:61:59:9f:16:75:e8:8b:f8:d4:da:43:c1:a2:ac:6e:e4:bd:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=38f80cdaf9786e1a69afc049e803a537b2ccd59b7b035d7c5a36030ac1fd65ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8f:6b:ad:8c:d7:48:bd:7c:7a:40:38:cd:d5:
19:75:e5:86:98:fe:86:78:b5:ff:08:70:6a:dc:fc:
7b:4b:45:e1:bc:a5:c6:4e:3b:03:be:4e:25:32:95:
a4:98:70:1a:3c:f5:5f:d5:65:2e:3a:b8:a8:48:20:
da:3e:03:13:1e:a4:86:65:ad:0d:51:28:cf:69:03:
41:71:e7:e2:da:97:5d:50:f6:d2:43:34:f7:62:8f:
8a:06:31:44:60:02:e4:86:88:6e:aa:c0:8b:5e:94:
d6:8c:ef:ed:f7:2c:d0:47:d2:a9:5c:e6:6f:92:be:
ab:b0:bf:35:bf:e8:29:99:04:76:a5:54:e7:91:af:
86:d4:2b:ad:ca:53:8a:52:02:8b:c1:88:15:18:1a:
4e:d3:ff:35:ef:f9:b4:08:d7:29:32:4c:16:a5:cd:
78:dd:00:14:23:e4:f8:97:17:e1:02:a0:71:91:bb:
53:9c:e5:3f:32:d2:0b:1d:3e:84:f0:f0:d3:1a:16:
f5:84:63:57:02:21:93:a4:b8:85:b9:ff:a0:ea:20:
d5:27:87:4a:69:a0:05:8c:ef:d2:15:73:64:b0:a9:
e3:fe:fe:82:57:3b:fc:2b:e0:39:18:f5:6d:34:0a:
89:96:75:7f:01:73:83:49:65:bf:62:dc:96:ac:e6:
75:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:06:AB:46:C0:C5:D7:9E:22:99:D8:B5:15:7E:19:A8:35:F6:E9:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/62b77dbe-d122-43ba-a2b6-ab9120df0176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
63:2b:1b:40:82:12:7b:4b:fa:59:5a:56:90:50:1e:f8:9a:b6:
7a:88:56:6d:65:36:7b:fa:75:c5:b1:ad:8c:3e:f9:f5:78:1d:
87:79:3a:17:3b:12:df:d9:80:d6:c8:0a:43:d6:8b:ea:18:ab:
d7:96:8f:22:f6:74:bb:41:a7:6d:5f:20:ac:60:92:50:48:a1:
35:28:5e:6c:3d:8c:fa:80:55:ad:9f:9d:8d:01:e7:41:43:cb:
53:48:38:d5:e4:64:cc:75:14:9e:08:e9:be:04:8b:da:68:e1:
bc:be:d6:a4:8b:23:38:d1:b3:f8:09:60:91:5e:35:90:a6:b8:
cd:cb:d9:58:2c:9f:f6:76:4e:25:0c:d5:fc:3c:bb:73:a6:9b:
fa:91:ae:cb:4d:e3:72:e7:ed:e8:a0:4a:f7:f5:0e:23:31:29:
78:76:08:5b:e6:5c:ad:67:16:96:e7:66:5d:b7:8f:8b:cd:d5:
48:21:8c:ed:dd:50:76:40:78:12:fd:79:0e:80:b2:35:09:d3:
d5:a6:06:e6:dc:34:14:dd:2a:0f:47:34:b8:1e:86:75:c4:46:
37:ef:d6:7d:51:18:c9:f6:31:79:61:04:9e:2d:2c:5d:16:00:
d4:12:18:d4:fb:eb:02:fc:d5:d1:a6:45:42:c7:a1:69:f5:b7:
08:bc:f7:b0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWeJhWZ8WdeiL+NTaQ8GirG7kvbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4ZjgwY2RhZjk3ODZlMWE2OWFmYzA0OWU4MDNhNTM3YjJjY2Q1OWI3YjAz
NWQ3YzVhMzYwMzBhYzFmZDY1YWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANePa62M10i9fHpAOM3VGXXlhpj+hni1/whwatz8e0tF4bylxk47A75OJTKV
pJhwGjz1X9VlLjq4qEgg2j4DEx6khmWtDVEoz2kDQXHn4tqXXVD20kM092KPigYx
RGAC5IaIbqrAi16U1ozv7fcs0EfSqVzmb5K+q7C/Nb/oKZkEdqVU55GvhtQrrcpT
ilICi8GIFRgaTtP/Ne/5tAjXKTJMFqXNeN0AFCPk+JcX4QKgcZG7U5zlPzLSCx0+
hPDw0xoW9YRjVwIhk6S4hbn/oOog1SeHSmmgBYzv0hVzZLCp4/7+glc7/CvgORj1
bTQKiZZ1fwFzg0llv2LclqzmdYkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5BqtG
wMXXniKZ2LUVfhmoNfbpyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjJiNzdkYmUtZDEyMi00M2JhLWEyYjYtYWI5MTIwZGYwMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBjKxtAghJ7S/pZWlaQUB74mrZ6iFZtZTZ7+nXFsa2M
Pvn1eB2HeToXOxLf2YDWyApD1ovqGKvXlo8i9nS7QadtXyCsYJJQSKE1KF5sPYz6
gFWtn52NAedBQ8tTSDjV5GTMdRSeCOm+BIvaaOG8vtakiyM40bP4CWCRXjWQprjN
y9lYLJ/2dk4lDNX8PLtzppv6ka7LTeNy5+3ooEr39Q4jMSl4dghb5lytZxaW52Zd
t4+LzdVIIYzt3VB2QHgS/XkOgLI1CdPVpgbm3DQU3SoPRzS4HoZ1xEY379Z9URjJ
9jF5YQSeLSxdFgDUEhjU++sC/NXRpkVCx6Fp9bcIvPew
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org