Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
File: 673e8a42-e7d4-46a9-8302-c771426cd407.roa (raw, json)
Hash identifier: U4ECRDv+tyNUsYFkpuAC/X1cqgcl6S9nPszp738/tNg=
Subject key identifier: 2B:AA:40:A4:DC:D3:4C:6D:1E:FE:5A:E8:3D:7C:AD:EB:4D:29:ED:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26844E9AB1EEFDBE01323277C64AC36AAEB43017
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:84:4e:9a:b1:ee:fd:be:01:32:32:77:c6:4a:c3:6a:ae:b4:30:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4fdc7e1dc61cdca0c911688ed21381f60318efafb826ceefd2f6d5b1c5ceec16, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:57:a8:2a:7a:a0:97:6c:44:09:dc:be:b0:f3:
08:08:21:df:d9:30:31:95:5b:2a:2d:b0:ab:e6:e4:
99:ae:b3:52:8a:3d:f9:ab:0e:3d:8e:1a:42:d4:b0:
8f:41:e5:74:bf:51:fa:28:7b:92:62:50:9c:4f:5b:
60:7d:41:08:e8:f3:9b:61:22:37:ac:1e:5e:5c:a6:
53:3a:57:ec:95:da:85:bd:ad:62:32:27:b7:f3:f1:
8c:68:36:6c:ea:11:42:a3:c6:1d:60:99:23:28:a5:
41:c7:c2:39:53:c4:df:99:a3:bd:81:ec:11:50:ce:
34:da:47:51:82:47:43:d9:e3:29:f0:b6:9e:6b:27:
9f:1e:47:96:65:55:10:98:d9:ca:3b:c3:0e:db:2c:
d0:cf:8c:1a:12:63:11:33:c7:25:ee:8b:1a:a8:3c:
33:a1:ca:cc:aa:a7:b9:69:33:9c:bb:34:30:75:58:
de:12:a2:67:96:94:be:55:54:f8:e7:9c:05:ca:23:
b3:1d:1b:d8:66:be:c9:d8:5d:56:01:1a:f4:95:1d:
55:d2:59:59:9b:d1:33:11:bc:0c:51:00:30:b2:c9:
fb:81:cd:e0:e7:3e:dd:02:e6:dd:ae:e7:10:ce:75:
4f:de:c8:3c:03:59:0a:94:c3:00:4d:b9:94:f2:7e:
56:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AA:40:A4:DC:D3:4C:6D:1E:FE:5A:E8:3D:7C:AD:EB:4D:29:ED:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/673e8a42-e7d4-46a9-8302-c771426cd407.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
65:11:03:a3:fe:fc:6a:40:8e:6b:94:d3:cb:b1:b1:2e:86:80:
35:3b:84:c7:6c:a9:bb:ab:3b:32:0e:9e:9c:08:7f:2f:c6:82:
0e:9b:8c:90:59:7b:f7:2b:0d:d9:d8:d1:20:ba:bf:65:be:80:
76:0f:0a:5e:be:f5:fe:8f:ee:37:e6:36:e6:23:62:e5:a8:38:
8e:2c:66:3c:e2:05:2b:01:4d:7c:87:60:8a:b8:41:4b:ca:61:
95:26:16:f0:3d:0e:4c:b6:ef:15:6e:66:45:f6:10:82:d5:99:
d0:74:6b:01:5c:fe:4d:b1:ea:4c:10:75:25:9c:72:37:36:14:
4f:f4:7f:57:78:4b:b7:79:5c:55:62:60:2d:92:3a:4e:cf:18:
f5:3f:d8:92:78:94:42:da:7f:09:96:39:0d:d5:dc:3f:dd:2e:
19:55:54:f4:59:70:77:6f:11:31:51:92:9d:8a:03:6b:0a:d4:
46:d3:2d:a8:68:36:e9:28:70:1a:d5:dd:82:76:80:18:ca:a3:
51:9a:8d:31:3b:cc:8a:3a:50:e8:92:3c:d1:c6:c1:67:97:41:
ef:fb:54:70:39:9c:66:fd:f2:96:c9:68:e5:da:8f:e7:0e:1d:
e9:3c:92:23:b9:e0:6d:d0:68:fd:d9:db:ac:10:d9:6c:09:22:
f6:a3:87:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJoROmrHu/b4BMjJ3xkrDaq60MBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZGM3ZTFkYzYxY2RjYTBjOTExNjg4ZWQyMTM4MWY2MDMxOGVmYWZiODI2
Y2VlZmQyZjZkNWIxYzVjZWVjMTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1XqCp6oJdsRAncvrDzCAgh39kwMZVbKi2wq+bkma6zUoo9+asOPY4aQtSw
j0HldL9R+ih7kmJQnE9bYH1BCOjzm2EiN6weXlymUzpX7JXahb2tYjInt/PxjGg2
bOoRQqPGHWCZIyilQcfCOVPE35mjvYHsEVDONNpHUYJHQ9njKfC2nmsnnx5HlmVV
EJjZyjvDDtss0M+MGhJjETPHJe6LGqg8M6HKzKqnuWkznLs0MHVY3hKiZ5aUvlVU
+OecBcojsx0b2Ga+ydhdVgEa9JUdVdJZWZvRMxG8DFEAMLLJ+4HN4Oc+3QLm3a7n
EM51T97IPANZCpTDAE25lPJ+VrUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrqkCk
3NNMbR7+Wug9fK3rTSntrjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjczZThhNDItZTdkNC00NmE5LTgzMDItYzc3MTQyNmNkNDA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBlEQOj/vxqQI5rlNPLsbEuhoA1O4THbKm7qzsyDp6c
CH8vxoIOm4yQWXv3Kw3Z2NEgur9lvoB2DwpevvX+j+435jbmI2LlqDiOLGY84gUr
AU18h2CKuEFLymGVJhbwPQ5Mtu8VbmZF9hCC1ZnQdGsBXP5NsepMEHUlnHI3NhRP
9H9XeEu3eVxVYmAtkjpOzxj1P9iSeJRC2n8JljkN1dw/3S4ZVVT0WXB3bxExUZKd
igNrCtRG0y2oaDbpKHAa1d2CdoAYyqNRmo0xO8yKOlDokjzRxsFnl0Hv+1RwOZxm
/fKWyWjl2o/nDh3pPJIjueBt0Gj92dusENlsCSL2o4fb
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org