Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7438d445-a5f7-4e01-82a2-5975f6fc967c.roa
File: 7438d445-a5f7-4e01-82a2-5975f6fc967c.roa (raw, json)
Hash identifier: buqyxbj4WzPxKcnSRgBIrQY1cUBKoHYIlHao+gOnfRs=
Subject key identifier: 29:E1:7A:01:10:D4:C2:25:94:B8:15:91:BC:38:DD:19:62:A2:FE:4C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21B3673BD7D65BDE4E3B5B7CBE35F21ECDDBA8C2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7438d445-a5f7-4e01-82a2-5975f6fc967c.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b3:67:3b:d7:d6:5b:de:4e:3b:5b:7c:be:35:f2:1e:cd:db:a8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=e8b6493a1bdf8dc4bb159f71a1b776ec6975dcb2184e5d349479253f6097f634, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:31:c9:68:35:72:95:ec:09:e6:1e:72:b8:78:
a6:39:4f:00:55:57:62:c7:24:55:08:71:27:11:c8:
29:94:72:82:32:d9:32:0f:53:21:92:03:78:14:08:
b5:2a:b7:28:77:50:d4:2f:ab:a6:ee:39:f4:9b:0e:
44:d4:87:74:3f:8e:06:36:a4:cf:5e:7e:51:48:c1:
2a:8e:73:25:77:d1:fe:08:e4:41:82:f9:fe:82:c9:
e5:31:18:d9:b4:9c:98:d8:28:05:09:9a:d9:70:73:
a5:90:f6:7e:76:8d:0d:e9:3a:ca:70:6f:89:76:09:
43:55:83:29:26:af:19:a7:8c:07:85:16:fd:3c:8b:
0c:84:77:f5:5b:94:60:3c:eb:00:e3:53:36:f4:52:
d7:aa:db:87:83:76:89:74:5c:47:d4:ba:b8:b3:75:
bb:8a:2a:b6:7e:c9:02:ce:05:a4:0e:3b:18:c8:66:
a3:f5:4f:94:67:71:6e:9f:2d:bb:ed:79:96:db:0c:
98:f0:b0:95:14:1a:8d:95:59:fa:d3:4e:94:90:9f:
3c:40:44:45:d7:34:81:67:d2:02:b4:d1:97:35:8a:
36:be:b7:d2:6f:28:10:03:c5:9c:39:d1:94:eb:6b:
6b:fa:6b:53:66:48:46:c0:82:e5:00:8f:19:2a:b2:
e0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E1:7A:01:10:D4:C2:25:94:B8:15:91:BC:38:DD:19:62:A2:FE:4C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7438d445-a5f7-4e01-82a2-5975f6fc967c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:15:86:09:c0:ea:69:7a:29:67:71:a1:35:25:18:71:83:08:
c9:9c:8a:c8:ea:96:b6:7c:ef:e1:d2:95:96:2a:90:2c:6a:b8:
d5:07:79:fa:a9:3e:9c:c3:27:51:b6:dc:78:d6:a8:65:26:9a:
0d:e8:bf:df:09:ed:29:14:7b:2d:c8:fa:ba:54:85:00:c3:93:
24:af:1f:fa:47:5d:ac:4c:8d:82:2a:0e:8d:ba:63:59:35:63:
3c:b7:c3:ec:64:a0:8a:39:78:e2:7f:39:77:4d:88:3d:b4:1c:
3c:da:1c:94:ec:45:00:b8:04:9d:4e:e9:ef:28:78:c2:27:3c:
96:f8:b6:48:ec:4a:5b:1c:f1:0d:c5:e3:5e:71:40:5e:37:8d:
6c:e5:a5:62:4b:5d:7e:73:e9:7f:d0:ff:33:fc:7a:25:24:57:
e9:a3:c1:cd:21:7a:e4:3f:3e:ef:d8:80:d3:90:91:cd:3f:94:
77:37:b5:d4:64:8e:bb:32:05:8c:3a:46:35:15:96:c9:3f:a7:
15:0d:92:49:e2:63:89:ba:27:96:c5:24:2d:57:b6:9e:70:89:
2b:ab:10:31:57:d5:0d:1b:f8:ab:83:d6:2b:77:bc:73:81:6c:
04:54:0f:14:df:16:7e:82:81:a6:2c:f4:a2:1d:3e:d3:f3:89:
52:71:2b:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIbNnO9fWW95OO1t8vjXyHs3bqMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4YjY0OTNhMWJkZjhkYzRiYjE1OWY3MWExYjc3NmVjNjk3NWRjYjIxODRl
NWQzNDk0NzkyNTNmNjA5N2Y2MzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUxyWg1cpXsCeYecrh4pjlPAFVXYsckVQhxJxHIKZRygjLZMg9TIZIDeBQI
tSq3KHdQ1C+rpu459JsORNSHdD+OBjakz15+UUjBKo5zJXfR/gjkQYL5/oLJ5TEY
2bScmNgoBQma2XBzpZD2fnaNDek6ynBviXYJQ1WDKSavGaeMB4UW/TyLDIR39VuU
YDzrAONTNvRS16rbh4N2iXRcR9S6uLN1u4oqtn7JAs4FpA47GMhmo/VPlGdxbp8t
u+15ltsMmPCwlRQajZVZ+tNOlJCfPEBERdc0gWfSArTRlzWKNr630m8oEAPFnDnR
lOtra/prU2ZIRsCC5QCPGSqy4AMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQp4XoB
ENTCJZS4FZG8ON0ZYqL+TDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzQzOGQ0NDUtYTVmNy00ZTAxLTgyYTItNTk3NWY2ZmM5NjdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQBZFYYJwOppeilncaE1JRhxgwjJnIrI6pa2fO/h0pWW
KpAsarjVB3n6qT6cwydRttx41qhlJpoN6L/fCe0pFHstyPq6VIUAw5Mkrx/6R12s
TI2CKg6NumNZNWM8t8PsZKCKOXjifzl3TYg9tBw82hyU7EUAuASdTunvKHjCJzyW
+LZI7EpbHPENxeNecUBeN41s5aViS11+c+l/0P8z/HolJFfpo8HNIXrkPz7v2IDT
kJHNP5R3N7XUZI67MgWMOkY1FZbJP6cVDZJJ4mOJuieWxSQtV7aecIkrqxAxV9UN
G/irg9Yrd7xzgWwEVA8U3xZ+goGmLPSiHT7T84lScSuY
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org