Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
File: 72138391-f885-46be-9450-815e493cd6a4.roa (raw, json)
Hash identifier: kuZvHX8CnV+XbsR1cmoOBRjbhSWg9qAslxmeJ0qZ3ac=
Subject key identifier: B2:93:AC:EE:33:BA:DF:F1:D3:F2:5F:CB:D5:2B:15:21:17:0F:38:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19B4ABA0B587E7F8A0610DBF68853307175B60B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:b4:ab:a0:b5:87:e7:f8:a0:61:0d:bf:68:85:33:07:17:5b:60:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=7ab5bc7c88810bf45ef7a8403456629adabb71da8ee81247ff1a46ac7d496a6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:73:b6:67:31:26:54:3f:34:5b:05:d3:17:b3:
ae:5d:7a:1a:65:9c:39:e2:6b:ae:7f:1a:9e:5d:17:
bf:a1:10:a5:5e:fd:24:3e:31:fb:38:8c:fa:8f:08:
70:25:b9:3f:ce:10:40:07:e8:70:d5:56:00:5a:95:
3b:20:6f:5e:92:17:a8:90:3e:d1:56:8e:a9:b8:df:
0c:c6:f9:8b:de:a9:45:31:3b:fe:a3:c1:9d:59:43:
df:8f:ab:99:8c:d5:e1:ea:e7:ac:60:34:9f:68:6d:
14:cf:43:07:b3:19:a0:70:56:b5:9e:b7:8b:ec:eb:
55:3b:5a:ee:a2:75:71:1c:32:c2:d6:69:6b:10:ee:
db:66:37:95:df:16:25:bb:50:6a:ed:37:d3:60:20:
be:6b:34:01:76:6a:e5:8d:c6:65:7c:34:6a:37:58:
bc:03:db:19:2c:d7:62:1d:64:00:49:ee:84:bc:fe:
11:bf:47:c7:5e:b2:0c:4a:4a:28:ce:a0:e2:3d:55:
e4:f9:07:1c:c3:92:0d:86:6e:8d:ef:53:83:11:74:
0f:19:81:2c:3c:cd:41:bc:12:35:58:08:97:f4:fb:
12:c4:b1:4b:d1:fd:58:33:e2:06:8c:1e:6d:ab:bd:
b2:86:21:17:9b:df:b0:fa:9f:d8:16:33:55:b8:b3:
51:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:93:AC:EE:33:BA:DF:F1:D3:F2:5F:CB:D5:2B:15:21:17:0F:38:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/72138391-f885-46be-9450-815e493cd6a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:1a:f1:2c:d8:a4:c6:50:b0:4e:c7:d0:9a:f0:02:7c:8b:af:
ff:66:de:b2:02:d1:8d:69:86:52:22:ca:45:8c:82:57:0c:b9:
a6:5b:86:49:a8:db:19:ef:cf:b3:65:74:e8:32:e9:ea:41:78:
6c:bf:a2:d9:08:9e:c9:67:74:6a:d7:d6:ff:33:de:0a:08:9c:
91:0e:3c:c7:36:eb:16:1f:ad:d7:ec:a2:72:02:d7:ae:9a:97:
fc:11:8b:81:95:0b:06:3d:8b:92:fa:02:a8:20:51:3b:7b:a3:
94:66:6e:77:08:45:e9:ad:eb:0f:c5:45:10:9c:be:8d:26:5f:
5a:c5:c8:80:e5:25:ee:07:23:4a:95:08:d8:d3:2b:81:ee:62:
47:35:d2:82:76:5e:d2:d0:6c:94:ee:0a:ec:bd:e1:7e:8d:fb:
77:ce:f6:20:66:98:54:ad:1f:81:ab:65:a8:73:4d:ec:eb:36:
49:3c:29:8c:92:33:86:03:e2:c9:fe:9a:a5:2e:f5:b5:a4:29:
44:bb:07:28:2f:c8:a9:68:b7:b1:1a:db:5c:00:e9:cb:36:7a:
e7:08:23:9c:d7:66:19:1e:a7:b1:36:66:00:0d:19:01:04:1e:
eb:d1:90:de:15:44:26:ce:1f:2b:fe:01:20:e0:9d:4d:c6:fc:
48:e8:fc:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGbSroLWH5/igYQ2/aIUzBxdbYLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhYjViYzdjODg4MTBiZjQ1ZWY3YTg0MDM0NTY2MjlhZGFiYjcxZGE4ZWU4
MTI0N2ZmMWE0NmFjN2Q0OTZhNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1ztmcxJlQ/NFsF0xezrl16GmWcOeJrrn8anl0Xv6EQpV79JD4x+ziM+o8I
cCW5P84QQAfocNVWAFqVOyBvXpIXqJA+0VaOqbjfDMb5i96pRTE7/qPBnVlD34+r
mYzV4ernrGA0n2htFM9DB7MZoHBWtZ63i+zrVTta7qJ1cRwywtZpaxDu22Y3ld8W
JbtQau0302Agvms0AXZq5Y3GZXw0ajdYvAPbGSzXYh1kAEnuhLz+Eb9Hx16yDEpK
KM6g4j1V5PkHHMOSDYZuje9TgxF0DxmBLDzNQbwSNVgIl/T7EsSxS9H9WDPiBowe
bau9soYhF5vfsPqf2BYzVbizUc8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSyk6zu
M7rf8dPyX8vVKxUhFw846jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzIxMzgzOTEtZjg4NS00NmJlLTk0NTAtODE1ZTQ5M2NkNmE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQCzGvEs2KTGULBOx9Ca8AJ8i6//Zt6yAtGNaYZSIspF
jIJXDLmmW4ZJqNsZ78+zZXToMunqQXhsv6LZCJ7JZ3Rq19b/M94KCJyRDjzHNusW
H63X7KJyAteumpf8EYuBlQsGPYuS+gKoIFE7e6OUZm53CEXpresPxUUQnL6NJl9a
xciA5SXuByNKlQjY0yuB7mJHNdKCdl7S0GyU7grsveF+jft3zvYgZphUrR+Bq2Wo
c03s6zZJPCmMkjOGA+LJ/pqlLvW1pClEuwcoL8ipaLexGttcAOnLNnrnCCOc12YZ
HqexNmYADRkBBB7r0ZDeFUQmzh8r/gEg4J1NxvxI6Pzu
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org