Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7764f303-17ca-41de-afb2-e2a4278e047f.roa
File: 7764f303-17ca-41de-afb2-e2a4278e047f.roa (raw, json)
Hash identifier: Aa/P8/sVlA/qujJFnyTKMKLpjEd9Es/0y+xV0+gSlxw=
Subject key identifier: 3D:97:FD:50:66:B3:11:91:9B:80:5A:40:36:0F:76:30:47:21:42:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71D111966CBA40B654FE37F3A10A96189F26D7B0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7764f303-17ca-41de-afb2-e2a4278e047f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:d1:11:96:6c:ba:40:b6:54:fe:37:f3:a1:0a:96:18:9f:26:d7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=bcd8c39d393f9d9236a1b85828ce4d8d225c26ddfaba80c078b59eb4f1293c78, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:94:2f:b9:89:ba:02:ff:cb:a0:e3:ca:cf:
56:a2:78:1a:6e:73:d1:9d:13:38:d9:95:b8:89:0a:
f0:32:26:58:f6:e9:b9:81:49:d0:99:7c:d5:92:e1:
4e:b5:9c:90:75:a2:ad:41:0f:3f:f5:f3:89:b7:ab:
88:78:e7:c7:bb:08:12:c0:ac:8d:d8:44:27:17:97:
86:96:e4:37:f9:b6:05:b6:86:56:64:7b:4a:20:5b:
e3:68:30:6e:23:ce:06:26:4a:29:60:38:ee:50:42:
3f:0c:5d:bb:7e:2c:0b:ff:0c:76:db:fa:f3:e1:49:
08:2c:c4:2b:0f:b4:72:7e:ea:1a:23:ec:a1:69:02:
93:5e:ef:be:bd:5b:c1:c9:45:98:87:e3:4a:01:0e:
6b:d6:72:43:58:ab:e5:85:e1:79:aa:c1:76:68:ff:
21:a5:92:b6:9c:40:87:14:7a:bd:74:60:dc:7f:6b:
f5:00:f7:ae:1a:07:23:59:7a:19:14:2e:ce:8e:e6:
3c:61:86:da:83:36:8d:1b:2c:14:b6:1f:25:5c:a3:
5f:43:09:ad:a6:2e:b7:bd:41:8f:40:8e:8c:9f:92:
d4:b3:d5:ad:a3:52:a4:97:1e:9d:ca:08:40:60:b6:
a7:2b:9f:0f:d7:ec:48:75:20:6d:30:3b:a5:4b:d8:
1f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:97:FD:50:66:B3:11:91:9B:80:5A:40:36:0F:76:30:47:21:42:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7764f303-17ca-41de-afb2-e2a4278e047f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8f:15:76:ef:91:c8:b5:aa:29:27:37:b6:d9:19:36:fd:e0:a3:
63:c4:26:56:46:d4:8f:73:3b:01:70:50:51:b9:4b:20:f3:bb:
62:8f:bd:52:53:f5:a4:bb:e3:db:50:9b:9e:c9:21:73:bb:bf:
b4:92:ad:1a:f4:ce:32:bb:4b:46:5e:d1:4b:86:04:43:20:53:
0c:c6:9b:8f:ac:58:0c:74:09:28:94:ea:5f:97:fe:49:26:89:
14:24:1d:42:2e:02:5d:92:a5:29:8a:1e:f5:97:03:bf:42:f5:
8c:80:2c:f5:03:5a:24:f1:9e:b0:33:06:ea:db:d5:4d:90:db:
70:53:f5:ec:64:dc:26:51:d4:52:03:bf:12:a7:80:7b:43:ed:
d6:0c:99:fc:6d:50:53:e6:01:45:92:8a:8d:b7:b9:45:2a:d8:
93:e7:02:5f:8d:5a:ca:a7:ab:91:03:d6:24:98:b0:56:62:8a:
54:63:a0:7f:07:f5:77:80:38:d1:73:d4:40:68:f5:d6:d0:8c:
0e:de:33:63:d4:1d:89:06:08:fc:c2:22:66:c0:bb:d3:7b:06:
c1:b7:ae:09:83:ca:2f:1d:48:5c:52:be:5c:cb:cc:85:2d:92:
b3:40:e4:81:a6:86:85:44:e8:a2:a4:20:86:24:62:79:ae:96:
a8:b8:f5:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcdERlmy6QLZU/jfzoQqWGJ8m17AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjZDhjMzlkMzkzZjlkOTIzNmExYjg1ODI4Y2U0ZDhkMjI1YzI2ZGRmYWJh
ODBjMDc4YjU5ZWI0ZjEyOTNjNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbclC+5iboC/8ug48rPVqJ4Gm5z0Z0TONmVuIkK8DImWPbpuYFJ0Jl81ZLh
TrWckHWirUEPP/XziberiHjnx7sIEsCsjdhEJxeXhpbkN/m2BbaGVmR7SiBb42gw
biPOBiZKKWA47lBCPwxdu34sC/8Mdtv68+FJCCzEKw+0cn7qGiPsoWkCk17vvr1b
wclFmIfjSgEOa9ZyQ1ir5YXhearBdmj/IaWStpxAhxR6vXRg3H9r9QD3rhoHI1l6
GRQuzo7mPGGG2oM2jRssFLYfJVyjX0MJraYut71Bj0COjJ+S1LPVraNSpJcencoI
QGC2pyufD9fsSHUgbTA7pUvYH4UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9l/1Q
ZrMRkZuAWkA2D3YwRyFCUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzc2NGYzMDMtMTdjYS00MWRlLWFmYjItZTJhNDI3OGUwNDdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCPFXbvkci1qiknN7bZGTb94KNjxCZWRtSPczsBcFBR
uUsg87tij71SU/Wku+PbUJueySFzu7+0kq0a9M4yu0tGXtFLhgRDIFMMxpuPrFgM
dAkolOpfl/5JJokUJB1CLgJdkqUpih71lwO/QvWMgCz1A1ok8Z6wMwbq29VNkNtw
U/XsZNwmUdRSA78Sp4B7Q+3WDJn8bVBT5gFFkoqNt7lFKtiT5wJfjVrKp6uRA9Yk
mLBWYopUY6B/B/V3gDjRc9RAaPXW0IwO3jNj1B2JBgj8wiJmwLvTewbBt64Jg8ov
HUhcUr5cy8yFLZKzQOSBpoaFROiipCCGJGJ5rpaouPXv
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org