Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
File: 7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa (raw, json)
Hash identifier: gNx/ZZZNeEpdDHFgkpVpNEoJRCNyA6KEw6kUwXe5Zww=
Subject key identifier: 6B:1B:35:B7:E5:91:7E:1E:9C:50:13:66:AD:51:95:F0:6C:06:6E:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E6908916D65942C71AC057663BB2AB9E2C43E51
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:69:08:91:6d:65:94:2c:71:ac:05:76:63:bb:2a:b9:e2:c4:3e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8eb788a3d42409fa038b783268329f77498db304724ecfba4da3ca10a305650a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:60:97:2b:39:ff:84:c6:81:e1:d9:52:db:af:
ba:c7:18:9a:d4:b9:e2:63:78:59:22:a9:c1:46:06:
0e:76:86:a3:b4:cd:aa:10:1a:83:24:3e:63:47:e1:
7e:47:bd:fc:f0:c0:f5:62:6f:fb:82:98:1e:a1:ae:
42:5f:c8:c1:01:65:aa:b0:20:ef:dc:ed:a7:71:17:
e7:a3:aa:80:37:f5:f2:bf:3c:3b:ef:d6:99:40:7d:
b9:e3:64:2d:51:d3:f4:2e:bf:11:81:5f:a5:a0:1d:
16:78:d8:9a:8b:cd:ca:29:5e:70:0f:a8:0a:b2:2c:
72:33:b9:1f:78:7e:f7:34:25:64:b3:3a:0c:15:10:
3f:08:f1:04:67:45:cf:b2:a8:d8:d3:49:d3:84:89:
df:02:25:ca:a6:52:ce:7a:f1:a2:82:8d:ad:51:a4:
a4:c3:9f:c7:40:0f:fe:aa:3b:38:6d:39:32:e4:47:
49:29:b2:4f:d9:bb:3f:66:3e:0b:37:63:bf:ee:3c:
72:98:60:71:00:ab:b0:fd:56:60:4c:0e:c8:ff:32:
10:a5:31:c1:02:1e:8d:e8:c9:fa:64:79:82:06:60:
ec:97:f9:c2:3e:8b:95:b2:0a:54:34:5c:4a:85:8b:
cf:1b:cb:a5:b2:67:0a:5b:bb:88:56:52:eb:8a:b1:
74:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1B:35:B7:E5:91:7E:1E:9C:50:13:66:AD:51:95:F0:6C:06:6E:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7192e761-05a9-4c3e-9b22-eb3ed0c37d68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a8:1e:79:93:51:1f:dc:63:66:d8:88:20:7a:ee:dc:7b:fa:4c:
3b:ef:c3:83:6e:99:95:d7:63:8b:b0:85:c0:3a:81:59:55:2c:
fc:0d:e7:82:30:30:42:3f:c5:5f:f1:40:60:fe:8d:0a:ce:9c:
c4:0f:27:d4:b3:e9:e4:f0:37:81:1c:9f:2b:08:2a:59:39:78:
e6:af:76:06:dc:af:31:80:2f:f3:85:81:eb:88:09:a3:02:7c:
a3:03:73:d3:f0:02:55:5b:1f:56:18:ac:e8:78:dc:9d:a1:3a:
a8:41:36:be:d4:dd:b5:62:2d:f2:58:ac:85:55:ad:10:50:d1:
cc:b4:9e:fc:e3:51:c4:68:3a:fb:45:ab:0f:ac:17:8e:55:e2:
06:06:3f:0c:36:83:84:f1:29:5c:e5:70:9c:03:1a:b2:05:56:
74:98:bb:6e:44:4c:45:7a:70:3b:14:c8:24:8f:98:1d:d8:93:
c1:b3:3c:1d:7a:61:67:93:e5:cc:dc:5f:66:e9:6c:35:9f:38:
50:ad:03:65:c6:08:aa:1c:4c:ae:ef:4b:64:4b:5b:07:72:36:
ce:7e:05:0d:04:c1:25:cb:23:e4:b0:b4:fa:92:49:bb:b9:ae:
32:08:ec:a6:45:ce:ac:f6:19:a6:b4:1c:8b:c0:d2:48:c3:73:
6d:55:d3:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbmkIkW1llCxxrAV2Y7squeLEPlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYjc4OGEzZDQyNDA5ZmEwMzhiNzgzMjY4MzI5Zjc3NDk4ZGIzMDQ3MjRl
Y2ZiYTRkYTNjYTEwYTMwNTY1MGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJglys5/4TGgeHZUtuvuscYmtS54mN4WSKpwUYGDnaGo7TNqhAagyQ+Y0fh
fke9/PDA9WJv+4KYHqGuQl/IwQFlqrAg79ztp3EX56OqgDf18r88O+/WmUB9ueNk
LVHT9C6/EYFfpaAdFnjYmovNyilecA+oCrIscjO5H3h+9zQlZLM6DBUQPwjxBGdF
z7Ko2NNJ04SJ3wIlyqZSznrxooKNrVGkpMOfx0AP/qo7OG05MuRHSSmyT9m7P2Y+
Czdjv+48cphgcQCrsP1WYEwOyP8yEKUxwQIejejJ+mR5ggZg7Jf5wj6LlbIKVDRc
SoWLzxvLpbJnClu7iFZS64qxdO8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrGzW3
5ZF+HpxQE2atUZXwbAZuaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzE5MmU3NjEtMDVhOS00YzNlLTliMjItZWIzZWQwYzM3ZDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCoHnmTUR/cY2bYiCB67tx7+kw778ODbpmV12OLsIXA
OoFZVSz8DeeCMDBCP8Vf8UBg/o0KzpzEDyfUs+nk8DeBHJ8rCCpZOXjmr3YG3K8x
gC/zhYHriAmjAnyjA3PT8AJVWx9WGKzoeNydoTqoQTa+1N21Yi3yWKyFVa0QUNHM
tJ7841HEaDr7RasPrBeOVeIGBj8MNoOE8Slc5XCcAxqyBVZ0mLtuRExFenA7FMgk
j5gd2JPBszwdemFnk+XM3F9m6Ww1nzhQrQNlxgiqHEyu70tkS1sHcjbOfgUNBMEl
yyPksLT6kkm7ua4yCOymRc6s9hmmtByLwNJIw3NtVdN4
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org