Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/637faf4e-e17d-469d-ba49-65a44716cb68.roa
File: 637faf4e-e17d-469d-ba49-65a44716cb68.roa (raw, json)
Hash identifier: rtOUtNc1YnRbGY9udVnf/2mHb+b7F7iA9bf8hAXJgag=
Subject key identifier: 36:D7:13:B7:72:27:D1:20:C0:99:66:66:6E:08:28:3C:F9:3F:D4:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5ED2E2E2A5DC694FE095F91245432514223C2586
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/637faf4e-e17d-469d-ba49-65a44716cb68.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:d2:e2:e2:a5:dc:69:4f:e0:95:f9:12:45:43:25:14:22:3c:25:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f2ede299d9b7f05b8ff543f0ef33eca341bfd1e6d302b437f712d84ae0b7213d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:47:dd:42:ec:2b:7c:02:c4:ab:0c:74:ae:3e:
5b:f5:59:e8:b5:94:d2:64:7b:b7:62:d8:f9:60:8e:
89:15:02:70:48:80:46:24:aa:d5:c6:2e:08:0e:ad:
d9:0a:07:06:c4:c3:1c:54:fd:01:34:bb:e8:c4:0b:
c5:b8:b3:68:d5:62:42:7e:d3:a9:75:41:87:87:b2:
8e:65:f0:f9:02:3d:a4:8a:66:1d:7d:9c:e8:38:6b:
a1:24:ad:49:22:e1:25:cc:b1:71:c2:ae:f2:74:8a:
63:14:63:c4:5b:e3:21:17:10:35:63:55:36:15:a0:
fa:b5:34:e8:69:78:bd:82:4c:39:85:aa:01:0c:93:
87:c6:7b:a1:4c:7c:65:fc:ca:dd:18:b9:91:c9:09:
f3:7d:33:d7:1b:c3:9d:fd:88:81:d6:c6:99:88:76:
ef:03:93:77:f9:02:7e:11:a1:74:5f:e1:93:41:35:
32:38:5d:f3:56:d7:f3:83:c3:6f:dc:32:ad:fb:a7:
21:50:10:ae:ed:ee:3e:b3:51:32:23:5c:71:07:ab:
fd:3b:97:a6:97:95:6d:86:45:10:1e:70:fa:f9:2a:
41:55:a4:52:82:3b:cd:b1:3b:08:81:3c:38:c0:d1:
20:e7:fa:29:ff:5f:6c:0a:35:7d:5e:5c:2e:8b:be:
4c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D7:13:B7:72:27:D1:20:C0:99:66:66:6E:08:28:3C:F9:3F:D4:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/637faf4e-e17d-469d-ba49-65a44716cb68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:95:00:17:78:79:13:48:cd:15:fa:8f:81:17:14:30:93:24:
8b:de:b0:c1:33:f7:85:95:8e:92:99:9e:8d:c4:6b:36:25:77:
c4:d1:e9:0f:56:ba:a4:2d:d2:4f:f1:9d:d4:b4:6c:3d:2e:e3:
31:e4:31:23:7a:e3:fe:1f:b5:2c:0c:ed:a2:4f:eb:ac:a7:65:
a2:2a:34:46:ed:81:00:c2:34:55:cd:0f:e7:da:6d:9d:fa:dc:
99:82:29:84:f9:57:99:3b:ee:4d:9a:ce:1a:5a:28:46:71:f4:
ee:01:e8:f9:90:d3:41:88:05:df:c1:85:71:1a:78:50:5f:c4:
cf:74:90:dd:78:be:f3:04:4f:d8:d0:ea:ce:17:b4:84:39:39:
a1:1a:ee:d0:b8:1f:75:6e:68:0f:89:2b:d7:d7:0d:54:50:e5:
e0:41:66:f5:35:7b:65:eb:90:51:fd:5c:0f:b2:98:a4:3c:80:
12:77:80:8a:fb:5c:e7:1e:9d:ba:b1:6f:51:15:05:8a:a7:9b:
88:3c:14:ce:f4:60:aa:77:a0:f8:1c:ea:35:62:69:b4:07:7f:
b0:62:b4:db:78:b3:80:8b:21:cf:db:cd:84:59:cd:7c:0c:a5:
87:9e:62:b3:2f:ca:6a:aa:45:6b:15:9f:4e:a0:dd:d1:be:dd:
d7:ef:52:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXtLi4qXcaU/glfkSRUMlFCI8JYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZWRlMjk5ZDliN2YwNWI4ZmY1NDNmMGVmMzNlY2EzNDFiZmQxZTZkMzAy
YjQzN2Y3MTJkODRhZTBiNzIxM2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFH3ULsK3wCxKsMdK4+W/VZ6LWU0mR7t2LY+WCOiRUCcEiARiSq1cYuCA6t
2QoHBsTDHFT9ATS76MQLxbizaNViQn7TqXVBh4eyjmXw+QI9pIpmHX2c6DhroSSt
SSLhJcyxccKu8nSKYxRjxFvjIRcQNWNVNhWg+rU06Gl4vYJMOYWqAQyTh8Z7oUx8
ZfzK3Ri5kckJ830z1xvDnf2IgdbGmYh27wOTd/kCfhGhdF/hk0E1Mjhd81bX84PD
b9wyrfunIVAQru3uPrNRMiNccQer/TuXppeVbYZFEB5w+vkqQVWkUoI7zbE7CIE8
OMDRIOf6Kf9fbAo1fV5cLou+TCECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ21xO3
cifRIMCZZmZuCCg8+T/UyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjM3ZmFmNGUtZTE3ZC00NjlkLWJhNDktNjVhNDQ3MTZjYjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCklQAXeHkTSM0V+o+BFxQwkySL3rDBM/eFlY6SmZ6N
xGs2JXfE0ekPVrqkLdJP8Z3UtGw9LuMx5DEjeuP+H7UsDO2iT+usp2WiKjRG7YEA
wjRVzQ/n2m2d+tyZgimE+VeZO+5Nms4aWihGcfTuAej5kNNBiAXfwYVxGnhQX8TP
dJDdeL7zBE/Y0OrOF7SEOTmhGu7QuB91bmgPiSvX1w1UUOXgQWb1NXtl65BR/VwP
spikPIASd4CK+1znHp26sW9RFQWKp5uIPBTO9GCqd6D4HOo1Ymm0B3+wYrTbeLOA
iyHP282EWc18DKWHnmKzL8pqqkVrFZ9OoN3Rvt3X71KV
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org