Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: al9+BBhrl6hDNjt5DsnXqZe349GFEiI3YaStnXbxZ8U=
Subject key identifier: C7:C9:D7:DD:99:59:4A:80:33:74:FA:10:C1:B8:98:99:EB:A8:ED:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 662C00BA32C5819AAC2162365F4A0F837D3EDB85
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Dec 2024 14:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:2c:00:ba:32:c5:81:9a:ac:21:62:36:5f:4a:0f:83:7d:3e:db:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=996de274792abc045adb0db1d530a840451a80caf7dc9881a44628012de4611b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:14:a7:1e:c5:68:1f:f3:46:3d:2b:9d:5b:d5:
bd:b4:af:62:82:43:b2:4b:85:47:aa:f4:6c:8b:09:
46:ab:0e:fb:3f:86:eb:ea:4f:3b:66:d6:79:29:d2:
61:ae:89:f4:bc:76:33:bd:12:a5:58:f4:48:2c:56:
04:ea:89:4d:ef:a8:e6:73:ab:f7:98:a0:85:c7:fc:
fd:38:9f:9d:18:4b:08:ab:4d:b3:98:2c:e9:46:f5:
10:04:c8:a8:70:81:d5:9f:a8:24:58:3e:87:46:18:
11:b8:9c:11:2f:b0:8c:b1:cd:f9:3b:8b:7e:4a:d0:
b9:a9:dc:30:4c:fb:16:58:79:56:d2:13:93:47:8e:
f5:ca:74:79:92:b1:6b:68:f1:0b:00:bd:95:15:2d:
19:b2:0b:a5:7e:86:28:21:ad:57:35:86:da:6d:69:
b0:5b:7a:19:8d:7d:21:46:15:21:da:9a:63:e3:2c:
d4:8b:ea:28:a1:92:61:df:7b:93:ab:07:58:24:3b:
2c:0d:bf:ad:f8:21:f6:9e:73:af:a2:6a:40:ac:23:
68:1c:15:15:de:d5:af:81:85:25:27:c0:6f:8b:78:
2f:af:4d:f8:08:c7:f3:8b:2f:f7:f6:ea:cf:e8:ae:
0f:38:be:d7:02:7b:1e:c3:8f:75:84:c7:d5:e7:cf:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C9:D7:DD:99:59:4A:80:33:74:FA:10:C1:B8:98:99:EB:A8:ED:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c3:78:dd:76:42:ca:ab:83:50:30:2c:d5:df:ee:37:64:1c:57:
1b:fd:3a:05:56:fc:ae:a0:7a:86:b7:4e:44:b0:82:6d:e5:cb:
b1:36:f0:a4:e1:ed:53:ba:16:35:20:6c:99:2f:2a:7b:0b:36:
9a:53:59:ef:15:ac:a2:b6:9f:78:27:ef:63:cf:71:6f:d5:38:
f1:a4:ac:26:7e:ff:e9:b0:70:28:81:52:f8:92:79:bc:05:d3:
54:d8:de:40:5c:90:42:52:05:23:d5:df:27:18:c8:6b:9e:d8:
79:7a:5a:d5:91:71:31:a2:9e:82:72:fe:4e:2a:e8:66:c2:ad:
ca:48:c1:00:9a:45:dc:92:4a:9d:d8:5c:cc:54:cf:87:81:a8:
71:0d:99:67:95:f7:5f:25:df:32:df:87:b1:4b:74:04:21:96:
42:48:8d:cd:3f:85:ef:19:be:7e:ca:1f:5b:a9:69:ea:5f:92:
f1:2f:0d:f2:2c:78:f6:fc:cf:40:30:74:aa:09:52:99:ff:b9:
7f:2b:9e:f5:3f:ed:1c:63:0c:81:0e:8a:8e:82:31:e4:5d:53:
18:c5:cb:43:82:de:78:d7:b0:0b:e5:36:5e:4f:1c:cc:dd:e8:
4e:e6:d8:ba:dc:f9:a9:59:e5:74:2a:7c:f3:2e:47:69:88:bb:
06:73:00:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZiwAujLFgZqsIWI2X0oPg30+24UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NmRlMjc0NzkyYWJjMDQ1YWRiMGRiMWQ1MzBhODQwNDUxYTgwY2FmN2Rj
OTg4MWE0NDYyODAxMmRlNDYxMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEUpx7FaB/zRj0rnVvVvbSvYoJDskuFR6r0bIsJRqsO+z+G6+pPO2bWeSnS
Ya6J9Lx2M70SpVj0SCxWBOqJTe+o5nOr95ighcf8/TifnRhLCKtNs5gs6Ub1EATI
qHCB1Z+oJFg+h0YYEbicES+wjLHN+TuLfkrQuancMEz7Flh5VtITk0eO9cp0eZKx
a2jxCwC9lRUtGbILpX6GKCGtVzWG2m1psFt6GY19IUYVIdqaY+Ms1IvqKKGSYd97
k6sHWCQ7LA2/rfgh9p5zr6JqQKwjaBwVFd7Vr4GFJSfAb4t4L69N+AjH84sv9/bq
z+iuDzi+1wJ7HsOPdYTH1efPx4UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHydfd
mVlKgDN0+hDBuJiZ66jt6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQDDeN12Qsqrg1AwLNXf7jdkHFcb/ToFVvyuoHqGt05E
sIJt5cuxNvCk4e1TuhY1IGyZLyp7CzaaU1nvFayitp94J+9jz3Fv1TjxpKwmfv/p
sHAogVL4knm8BdNU2N5AXJBCUgUj1d8nGMhrnth5elrVkXExop6Ccv5OKuhmwq3K
SMEAmkXckkqd2FzMVM+HgahxDZlnlfdfJd8y34exS3QEIZZCSI3NP4XvGb5+yh9b
qWnqX5LxLw3yLHj2/M9AMHSqCVKZ/7l/K571P+0cYwyBDoqOgjHkXVMYxctDgt54
17AL5TZeTxzM3ehO5ti63PmpWeV0KnzzLkdpiLsGcwB3
-----END CERTIFICATE-----
Generated at Wed Dec 11 21:56:45 2024 by rpki-client on console-fra.rpki-client.org