Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/645140ca-ded9-48d5-91a3-42aec1941dcf.roa
File: 645140ca-ded9-48d5-91a3-42aec1941dcf.roa (raw, json)
Hash identifier: +4ShdhPpghaHOUOKRLeHT1lwQY9JmuCzRKYkNTYb3zQ=
Subject key identifier: 09:0B:DA:E8:DE:69:9A:02:08:A5:4B:48:3E:E7:8D:44:7E:7C:7D:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48035AE11B25D48745E2419E19315A7A0FE6CD8F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/645140ca-ded9-48d5-91a3-42aec1941dcf.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:03:5a:e1:1b:25:d4:87:45:e2:41:9e:19:31:5a:7a:0f:e6:cd:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=18ba1a61ba8af829226153420df6a5f037cdc701c1fcc81f60da186115ce134b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7d:15:0c:48:96:10:d0:84:db:36:d7:cd:79:
df:5e:91:98:10:7b:6c:99:2e:49:f3:89:e7:e2:89:
30:fa:74:e3:e8:86:06:19:c2:41:17:ab:a1:5a:1d:
8a:57:c9:f2:c6:17:c7:72:93:2d:06:e8:e9:ad:73:
ec:ff:12:31:d1:07:76:8b:38:fe:29:33:bf:d2:e6:
fe:55:d5:85:39:43:a3:cf:a5:20:76:8d:d4:64:2c:
92:90:7e:d0:8b:97:26:44:dd:b3:13:fe:b0:cb:82:
1b:7a:03:f1:a4:8e:9e:41:20:41:0c:b7:e5:ff:0f:
2b:8f:61:dd:8c:f1:df:a0:46:64:6e:1c:5d:26:ad:
5c:db:d1:8d:07:8a:e5:e3:0c:35:d2:3f:ac:c6:9c:
3a:f8:45:a3:82:86:11:42:7d:aa:8c:47:6d:30:80:
1b:29:26:ea:35:49:69:d5:5d:75:1a:23:65:3a:40:
df:a8:9d:73:dc:36:a6:76:ca:c1:7d:ee:90:37:89:
9b:8c:3a:f3:be:90:79:92:5d:f6:a9:f3:0a:af:ae:
77:1b:3e:da:1d:95:9f:31:ab:cd:05:65:23:ff:e3:
b9:aa:73:4e:82:3a:01:e6:f2:f3:22:ca:07:38:07:
03:f8:6f:83:d0:51:68:1a:e6:fa:fe:6e:01:0e:8a:
e9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0B:DA:E8:DE:69:9A:02:08:A5:4B:48:3E:E7:8D:44:7E:7C:7D:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/645140ca-ded9-48d5-91a3-42aec1941dcf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
54:f3:bc:9e:2c:e9:14:a0:9d:c2:a5:30:07:b0:8f:f1:a5:8f:
25:73:84:3c:5d:ea:0d:48:e0:d0:a6:7e:a6:91:63:2d:eb:71:
60:0b:8e:4a:93:38:94:a8:db:a2:54:01:77:68:5b:05:8f:9e:
2f:45:56:fb:5b:35:a5:42:0f:29:87:ad:ab:2f:05:96:d8:61:
00:c2:d9:ca:77:52:bf:45:e8:68:5c:dc:7f:ba:49:8f:ae:76:
42:01:0b:af:27:d2:ff:7b:f0:25:d6:52:c1:42:7b:09:ff:e8:
83:9b:cd:b1:54:c3:4d:f2:3b:8b:89:5d:aa:89:84:ab:c8:41:
3e:3e:8c:52:4b:1f:6c:06:a7:3c:7c:6e:60:ee:ff:98:da:02:
1c:5d:b1:db:9e:4a:31:85:3e:3c:07:1b:89:c1:28:2f:fc:18:
05:f0:46:4f:49:2c:4c:6e:4f:5b:58:2c:10:00:85:fe:3e:94:
72:2d:89:2a:e5:f5:6d:28:4c:42:bb:61:93:f1:29:9e:21:50:
3f:f9:96:0f:42:b1:d0:f3:ea:2c:6f:ab:2c:99:3e:63:c0:ea:
dc:e1:0d:51:ef:fd:50:dd:90:8b:af:74:86:99:a7:02:04:78:
44:f3:3d:bf:e1:cf:e5:c2:f7:3f:88:4b:7a:b5:3c:42:f2:6f:
ec:c7:84:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSANa4Rsl1IdF4kGeGTFaeg/mzY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4YmExYTYxYmE4YWY4MjkyMjYxNTM0MjBkZjZhNWYwMzdjZGM3MDFjMWZj
YzgxZjYwZGExODYxMTVjZTEzNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKR9FQxIlhDQhNs21815316RmBB7bJkuSfOJ5+KJMPp04+iGBhnCQReroVod
ilfJ8sYXx3KTLQbo6a1z7P8SMdEHdos4/ikzv9Lm/lXVhTlDo8+lIHaN1GQskpB+
0IuXJkTdsxP+sMuCG3oD8aSOnkEgQQy35f8PK49h3Yzx36BGZG4cXSatXNvRjQeK
5eMMNdI/rMacOvhFo4KGEUJ9qoxHbTCAGykm6jVJadVddRojZTpA36idc9w2pnbK
wX3ukDeJm4w6876QeZJd9qnzCq+udxs+2h2VnzGrzQVlI//juapzToI6Aeby8yLK
BzgHA/hvg9BRaBrm+v5uAQ6K6fMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJC9ro
3mmaAgilS0g+541Efnx9eTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjQ1MTQwY2EtZGVkOS00OGQ1LTkxYTMtNDJhZWMxOTQxZGNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQBU87yeLOkUoJ3CpTAHsI/xpY8lc4Q8XeoNSODQpn6m
kWMt63FgC45KkziUqNuiVAF3aFsFj54vRVb7WzWlQg8ph62rLwWW2GEAwtnKd1K/
RehoXNx/ukmPrnZCAQuvJ9L/e/Al1lLBQnsJ/+iDm82xVMNN8juLiV2qiYSryEE+
PoxSSx9sBqc8fG5g7v+Y2gIcXbHbnkoxhT48BxuJwSgv/BgF8EZPSSxMbk9bWCwQ
AIX+PpRyLYkq5fVtKExCu2GT8SmeIVA/+ZYPQrHQ8+osb6ssmT5jwOrc4Q1R7/1Q
3ZCLr3SGmacCBHhE8z2/4c/lwvc/iEt6tTxC8m/sx4RA
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org