Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
File: 78a98b8d-81ac-4e41-a012-084be89be1cb.roa (raw, json)
Hash identifier: X/sXX9OZeRkOtaRRhav5Q98oeDlkqXOJJi7Tl5mUv0M=
Subject key identifier: 66:86:31:22:64:CB:AB:90:DB:D8:3F:2F:97:E8:DA:28:DB:DA:24:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 078E23D40ED04829FBA4021DFC802AA612E35870
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
Signing time: Wed 06 Nov 2024 00:00:00 +0000
ROA not before: Wed 06 Nov 2024 00:00:00 +0000
ROA not after: Wed 11 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:8e:23:d4:0e:d0:48:29:fb:a4:02:1d:fc:80:2a:a6:12:e3:58:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 6 00:00:00 2024 GMT
Not After : Dec 11 23:59:59 2024 GMT
Subject: serialNumber=bd4509301ae1f98235cce709dcfdd29bf63f136f276cf2996726474d76879221, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:18:a1:28:44:8b:93:95:e6:6d:54:a0:a3:d5:
37:8c:09:16:9d:0a:b9:77:7c:cc:f3:03:97:c2:1d:
35:82:03:3e:2a:c5:74:6e:09:94:ac:28:48:4e:6c:
23:67:43:af:a8:0a:18:bc:e9:52:8a:56:e3:91:e3:
0d:44:bb:5b:3e:f9:ec:f0:40:c8:2c:7a:15:91:ff:
50:48:a9:86:5a:ec:2e:bc:78:51:f1:07:95:15:db:
29:22:78:5f:29:1a:a1:f8:a9:19:b7:5e:fc:38:46:
1c:1a:68:0f:40:ac:7c:9c:5c:01:00:db:ee:21:eb:
8e:41:d8:f9:2a:73:61:3c:b9:58:1c:ae:db:54:4e:
27:ab:3a:38:39:8c:e4:6d:34:80:9e:08:6f:bf:49:
ac:20:f4:64:23:f0:f2:b1:37:65:b0:01:68:0f:fa:
f6:10:b0:2a:07:6d:ee:a5:27:53:5e:d9:7c:10:d7:
5a:49:93:38:7e:3e:c0:02:47:d3:a7:ba:f2:4b:54:
f8:cf:34:9b:b2:02:3b:87:ee:cd:38:6c:cb:30:c9:
ed:f7:bf:32:27:34:7d:df:93:56:a8:8d:d7:c1:4e:
5c:69:61:93:35:2c:78:42:e5:3d:9d:6f:18:98:b8:
0e:9d:55:5e:fa:cc:3f:e6:9a:da:5e:62:0b:66:5c:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:86:31:22:64:CB:AB:90:DB:D8:3F:2F:97:E8:DA:28:DB:DA:24:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7d:ae:81:38:9e:29:b7:6d:69:0f:20:a8:43:a1:5d:05:9b:3a:
61:1a:67:c6:47:aa:5c:d4:53:1c:48:8a:11:bb:d7:10:8b:86:
39:7d:ed:ab:14:e1:78:67:16:bb:3a:34:d7:6e:a0:f7:bd:c9:
5d:37:a2:c7:b4:39:36:d9:b0:e2:80:1b:a1:c8:76:f8:2a:f6:
d1:5e:11:69:eb:1a:71:9e:04:1e:c3:39:3f:a8:0d:c7:a4:f7:
94:d8:91:5a:86:7a:12:7a:ce:46:ea:7f:e4:3a:5a:5d:49:fa:
d1:8c:62:c7:73:e9:c1:e5:35:c0:04:dc:16:a4:f4:3d:cd:db:
84:5f:3f:5d:91:d0:07:15:e0:9e:12:52:c6:c5:4c:23:71:a2:
bc:0b:02:56:21:df:02:13:36:a3:7c:91:f1:65:72:97:2f:01:
7f:f7:6e:28:13:cb:2f:b1:03:2e:ad:ce:2e:f7:43:3e:4c:2a:
de:b9:32:d8:37:cb:9c:23:90:8a:97:91:25:82:de:93:e6:f8:
32:76:df:95:ac:02:ec:c9:bc:bc:11:b6:1a:54:c3:03:e5:a5:
41:b2:62:b8:f6:69:0a:fb:d3:21:b4:60:ef:9d:fb:79:2d:16:
5d:3b:8f:7b:42:30:ea:a8:3a:49:b9:2f:ee:c4:7d:e2:fd:0e:
7e:ea:bf:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB44j1A7QSCn7pAId/IAqphLjWHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDYwMDAwMDBaFw0yNDEyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNDUwOTMwMWFlMWY5ODIzNWNjZTcwOWRjZmRkMjliZjYzZjEzNmYyNzZj
ZjI5OTY3MjY0NzRkNzY4NzkyMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0YoShEi5OV5m1UoKPVN4wJFp0KuXd8zPMDl8IdNYIDPirFdG4JlKwoSE5s
I2dDr6gKGLzpUopW45HjDUS7Wz757PBAyCx6FZH/UEiphlrsLrx4UfEHlRXbKSJ4
XykaofipGbde/DhGHBpoD0CsfJxcAQDb7iHrjkHY+SpzYTy5WByu21ROJ6s6ODmM
5G00gJ4Ib79JrCD0ZCPw8rE3ZbABaA/69hCwKgdt7qUnU17ZfBDXWkmTOH4+wAJH
06e68ktU+M80m7ICO4fuzThsyzDJ7fe/Mic0fd+TVqiN18FOXGlhkzUseELlPZ1v
GJi4Dp1VXvrMP+aa2l5iC2ZcGxUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmhjEi
ZMurkNvYPy+X6Noo29ok0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhhOThiOGQtODFhYy00ZTQxLWEwMTItMDg0YmU4OWJlMWNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQB9roE4nim3bWkPIKhDoV0FmzphGmfGR6pc1FMcSIoR
u9cQi4Y5fe2rFOF4Zxa7OjTXbqD3vcldN6LHtDk22bDigBuhyHb4KvbRXhFp6xpx
ngQewzk/qA3HpPeU2JFahnoSes5G6n/kOlpdSfrRjGLHc+nB5TXABNwWpPQ9zduE
Xz9dkdAHFeCeElLGxUwjcaK8CwJWId8CEzajfJHxZXKXLwF/924oE8svsQMurc4u
90M+TCreuTLYN8ucI5CKl5Elgt6T5vgydt+VrALsyby8EbYaVMMD5aVBsmK49mkK
+9MhtGDvnft5LRZdO497QjDqqDpJuS/uxH3i/Q5+6r/C
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org