Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
File: 77b69854-7acc-4257-9488-ffcab8197c82.roa (raw, json)
Hash identifier: HxDBRHC3udyzuWFKpkZZjUyRm74DJCFCjaPFk9lgR+w=
Subject key identifier: AC:3D:B3:84:3E:33:4F:51:84:4A:DA:DB:3B:36:F0:49:79:0F:86:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49159EC1AC2526BC390F4A594439F26355856484
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:15:9e:c1:ac:25:26:bc:39:0f:4a:59:44:39:f2:63:55:85:64:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=19465d7d9bc5bef97cea9adaea92bbfb59e943728a8fe009019f08bb071ef5d4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c6:3c:05:55:51:f5:82:c4:52:1f:ec:68:8f:
7d:83:3f:84:db:da:99:9b:73:8d:39:01:57:5f:68:
74:35:28:b4:ce:20:58:45:57:04:a0:a3:8d:af:41:
ff:ef:5c:f6:ff:bd:ca:49:b1:0a:67:00:16:92:e6:
2c:f1:40:21:28:c4:dd:40:21:17:dc:05:6e:e1:b4:
b7:64:cc:23:27:43:7a:71:f3:dc:37:34:59:2f:04:
45:70:25:59:94:32:f8:9d:09:5e:02:55:00:2f:67:
38:e0:b3:28:ad:a5:d7:43:78:52:98:3d:ba:78:5e:
13:3a:b5:ba:ee:69:65:da:68:0e:ab:bf:d6:ae:9e:
85:4a:49:95:ad:1f:44:2d:3a:b5:af:bf:81:01:29:
7a:0f:f9:90:be:60:0e:17:56:ae:39:45:3f:15:d5:
fe:09:92:fd:72:9f:5e:7e:0a:21:25:6d:27:4c:bb:
12:3a:4a:1d:d8:b5:e3:95:cd:39:8e:c7:d5:d3:f9:
d2:f9:9a:ba:0e:fd:ec:56:fe:57:a5:ed:60:8d:b0:
05:42:81:ff:79:c4:76:c3:9f:c5:f3:1b:d1:e5:9d:
3e:a8:4e:7b:3e:a2:a1:df:63:36:b6:78:0f:98:81:
19:ed:82:e0:f1:61:13:d0:37:6d:c2:bd:6c:ed:50:
ea:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3D:B3:84:3E:33:4F:51:84:4A:DA:DB:3B:36:F0:49:79:0F:86:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:9c:ad:02:7b:c9:a6:05:ba:8a:d2:4b:3b:54:62:a3:da:a9:
12:6a:86:5d:dc:b7:db:08:7c:d2:a5:f5:87:46:89:22:2a:a7:
6b:04:17:35:9a:c5:82:30:e1:76:ca:08:99:c9:99:42:c2:2c:
e0:37:31:e2:ac:e2:5f:e2:f3:aa:eb:47:35:f6:68:1c:ee:02:
9c:f2:46:68:3f:f3:0b:ca:31:2f:c8:01:e1:50:5b:70:04:ea:
0f:a3:88:c9:b2:9c:53:e9:36:b1:ec:b2:a8:11:99:df:43:a1:
6b:01:a6:95:28:06:20:84:78:1a:b5:0f:49:61:62:37:ce:98:
1e:48:61:af:2c:76:41:5f:f4:22:a4:d2:38:37:60:66:12:90:
f0:d0:ae:de:2d:fe:c3:ba:92:2f:62:38:9c:14:e4:b4:57:cc:
4d:36:bf:1e:0b:a8:a1:d4:a9:0a:ee:5c:74:9e:48:16:9e:b8:
63:8b:2e:23:06:23:ec:a2:06:bf:2e:5a:36:d6:3e:5d:77:d8:
f5:09:46:92:91:02:64:23:ab:b7:91:fb:fa:f1:5a:9b:3e:10:
8f:f3:58:b4:cb:a7:78:3c:74:d7:ec:ba:d4:1f:ca:5e:c2:14:
11:d1:63:c9:6e:fe:ed:19:42:88:fd:3b:80:db:18:c8:98:e8:
cc:55:64:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSRWewawlJrw5D0pZRDnyY1WFZIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5NDY1ZDdkOWJjNWJlZjk3Y2VhOWFkYWVhOTJiYmZiNTllOTQzNzI4YThm
ZTAwOTAxOWYwOGJiMDcxZWY1ZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3GPAVVUfWCxFIf7GiPfYM/hNvamZtzjTkBV19odDUotM4gWEVXBKCjja9B
/+9c9v+9ykmxCmcAFpLmLPFAISjE3UAhF9wFbuG0t2TMIydDenHz3Dc0WS8ERXAl
WZQy+J0JXgJVAC9nOOCzKK2l10N4Upg9unheEzq1uu5pZdpoDqu/1q6ehUpJla0f
RC06ta+/gQEpeg/5kL5gDhdWrjlFPxXV/gmS/XKfXn4KISVtJ0y7EjpKHdi145XN
OY7H1dP50vmaug797Fb+V6XtYI2wBUKB/3nEdsOfxfMb0eWdPqhOez6iod9jNrZ4
D5iBGe2C4PFhE9A3bcK9bO1Q6hECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsPbOE
PjNPUYRK2ts7NvBJeQ+GdDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzdiNjk4NTQtN2FjYy00MjU3LTk0ODgtZmZjYWI4MTk3YzgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQATnK0Ce8mmBbqK0ks7VGKj2qkSaoZd3LfbCHzSpfWH
RokiKqdrBBc1msWCMOF2ygiZyZlCwizgNzHirOJf4vOq60c19mgc7gKc8kZoP/ML
yjEvyAHhUFtwBOoPo4jJspxT6Tax7LKoEZnfQ6FrAaaVKAYghHgatQ9JYWI3zpge
SGGvLHZBX/QipNI4N2BmEpDw0K7eLf7DupIvYjicFOS0V8xNNr8eC6ih1KkK7lx0
nkgWnrhjiy4jBiPsoga/Llo21j5dd9j1CUaSkQJkI6u3kfv68VqbPhCP81i0y6d4
PHTX7LrUH8pewhQR0WPJbv7tGUKI/TuA2xjImOjMVWTi
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org