Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
File: 65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa (raw, json)
Hash identifier: PqOswGQ1pOQYUMn+V0yvBD6wOlhofgHMT4jA/lolyOA=
Subject key identifier: FA:A2:66:15:F6:9B:6B:01:7A:E6:B1:CB:14:F7:CE:1A:E7:AC:5B:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78B89A43BF50A6E9DAF27E03B478B5A3F65633C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b8:9a:43:bf:50:a6:e9:da:f2:7e:03:b4:78:b5:a3:f6:56:33:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=b3295dbca98ce7445394be7124fe726216e13a6414a7310521fb835cf72be1f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:f5:52:1e:ce:0b:16:23:c5:59:75:fd:f3:dc:
26:03:b7:92:ca:89:67:27:8f:44:3c:b4:a9:eb:2d:
ef:77:c0:96:3a:b7:f6:8d:59:5f:43:c1:d1:84:39:
c7:fe:5b:8f:1c:6b:34:3b:4f:32:88:7e:36:0a:54:
7b:8d:3e:c3:f7:cb:b4:4e:d0:7d:82:bb:ec:06:6a:
e0:d0:03:22:94:91:ce:88:3c:3b:d5:0e:f2:7e:13:
cb:0b:62:5f:d3:8d:67:ee:91:1b:10:0e:28:db:ab:
dc:e8:e5:cb:05:9c:00:11:fc:06:8a:18:40:37:25:
35:e5:11:d8:6a:18:70:8f:1b:db:2f:e3:ab:01:cd:
62:e5:80:f6:e0:76:88:2e:38:fc:a0:92:a1:e9:79:
5c:9f:21:ca:1e:89:c0:7b:73:61:f5:7e:c2:ba:aa:
99:03:1d:48:d3:5f:41:2a:c2:00:86:12:8b:6e:64:
5a:b5:1b:93:6d:0e:58:ac:e9:49:89:b8:89:7f:ac:
d3:3d:16:f1:9d:d7:64:8c:4c:67:f7:cc:e6:33:27:
4a:eb:c6:fd:29:ef:91:2d:66:22:03:ad:fb:29:85:
72:3e:a4:4d:45:3c:77:c6:e6:3a:5e:0c:a0:ff:ea:
c2:57:48:0a:1f:17:d3:15:53:8a:0b:7d:0b:cd:4e:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A2:66:15:F6:9B:6B:01:7A:E6:B1:CB:14:F7:CE:1A:E7:AC:5B:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/65006a80-461d-4fa1-9ee7-0c6ea5fbb77a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
bf:94:0d:66:86:92:2b:64:a6:f1:b8:66:b0:e5:47:08:09:27:
55:5c:37:37:d9:75:6b:a0:44:a1:99:95:7f:74:41:79:41:53:
37:8c:07:cc:18:bb:7c:94:47:92:e4:5c:3d:5d:87:49:da:87:
2c:3a:1d:89:73:cb:be:4c:a9:6d:92:7e:08:3c:49:1f:7a:31:
31:74:53:5e:4b:23:19:85:67:5b:64:51:3e:1e:2c:13:4a:76:
90:cd:e4:65:d9:f9:bf:26:e3:81:b1:8a:91:99:3b:da:a8:6f:
80:f6:9e:4d:ec:17:00:82:a6:a3:84:09:51:fc:fd:63:d7:60:
09:d2:ec:ef:ba:34:6e:07:bf:d1:e7:d1:43:d2:3b:04:ad:22:
fa:a4:97:2e:f4:6e:22:43:c6:33:d6:17:b3:f0:68:48:0d:40:
8a:aa:4b:00:97:d0:8e:00:71:a9:ce:6a:ff:85:aa:31:4f:75:
60:18:b7:48:c5:6c:c0:c1:05:f0:ad:ff:7f:e4:7b:10:15:8a:
64:37:df:8b:f0:eb:88:51:da:2f:a0:92:f6:fb:1c:46:89:77:
8e:0f:da:36:1c:bf:98:e1:e8:2a:16:8e:e1:3a:58:0a:76:58:
fd:47:a3:bf:69:3f:cc:e6:af:08:74:22:a6:5f:00:3f:08:3f:
75:cb:eb:79
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeLiaQ79Qpuna8n4DtHi1o/ZWM8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzMjk1ZGJjYTk4Y2U3NDQ1Mzk0YmU3MTI0ZmU3MjYyMTZlMTNhNjQxNGE3
MzEwNTIxZmI4MzVjZjcyYmUxZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPz1Uh7OCxYjxVl1/fPcJgO3ksqJZyePRDy0qest73fAljq39o1ZX0PB0YQ5
x/5bjxxrNDtPMoh+NgpUe40+w/fLtE7QfYK77AZq4NADIpSRzog8O9UO8n4Tywti
X9ONZ+6RGxAOKNur3OjlywWcABH8BooYQDclNeUR2GoYcI8b2y/jqwHNYuWA9uB2
iC44/KCSoel5XJ8hyh6JwHtzYfV+wrqqmQMdSNNfQSrCAIYSi25kWrUbk20OWKzp
SYm4iX+s0z0W8Z3XZIxMZ/fM5jMnSuvG/SnvkS1mIgOt+ymFcj6kTUU8d8bmOl4M
oP/qwldICh8X0xVTigt9C81OZlMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT6omYV
9ptrAXrmscsU984a56xbMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjUwMDZhODAtNDYxZC00ZmExLTllZTctMGM2ZWE1ZmJiNzdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEAv5QNZoaSK2Sm8bhmsOVHCAknVVw3N9l1a6BEoZmV
f3RBeUFTN4wHzBi7fJRHkuRcPV2HSdqHLDodiXPLvkypbZJ+CDxJH3oxMXRTXksj
GYVnW2RRPh4sE0p2kM3kZdn5vybjgbGKkZk72qhvgPaeTewXAIKmo4QJUfz9Y9dg
CdLs77o0bge/0efRQ9I7BK0i+qSXLvRuIkPGM9YXs/BoSA1AiqpLAJfQjgBxqc5q
/4WqMU91YBi3SMVswMEF8K3/f+R7EBWKZDffi/DriFHaL6CS9vscRol3jg/aNhy/
mOHoKhaO4TpYCnZY/Uejv2k/zOavCHQipl8APwg/dcvreQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org