Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
File: 7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa (raw, json)
Hash identifier: F99qGc1nievtxUDqKP+WgrfyR2OTVASjSmArt1khOTg=
Subject key identifier: DD:A9:F7:A2:EE:CB:04:D4:EF:95:B5:8E:18:7D:21:10:03:C1:63:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 797970F1CE92124F80D5FFDA17A3779115854804
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:79:70:f1:ce:92:12:4f:80:d5:ff:da:17:a3:77:91:15:85:48:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=33cd1755e3b51cd84809c38161b0737be139192acdea6b2a7e72e5131a524e1b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2f:8d:d7:5e:6a:07:ac:c9:44:6f:8e:ad:99:
5e:cb:6e:91:7c:4d:02:8f:85:08:91:a1:45:fa:2d:
44:db:67:7c:76:b1:3e:32:0f:67:51:09:09:2c:2e:
ca:d2:60:91:b8:d4:d8:e1:2e:d5:5c:ec:31:b1:d8:
74:13:d0:2d:f8:62:16:6d:77:9a:a0:a2:14:54:81:
02:7b:3f:3d:54:32:06:89:5d:02:b2:56:d7:08:f8:
16:77:30:9d:88:e5:80:d7:45:61:7b:6b:88:4d:0f:
2d:cd:cb:eb:6a:92:42:ee:db:5e:a1:b1:3a:fc:59:
43:47:b0:63:77:c5:e9:72:fc:06:44:6d:d1:1a:57:
1e:08:e7:9c:ac:22:f6:8a:1c:98:ce:5d:c5:58:6d:
39:2c:2a:89:e6:36:db:fb:8a:a9:96:85:6c:1c:67:
5a:49:91:fb:09:e8:cb:a3:6c:67:91:cb:39:69:0a:
bf:3f:b8:ad:88:d9:9b:a0:fb:35:ce:f0:95:c1:78:
e5:67:30:18:67:ee:a8:c7:9d:80:94:2e:86:6e:bf:
e0:0e:7e:46:06:70:54:70:da:da:31:eb:28:a7:43:
87:89:16:ee:1e:e6:70:54:4c:26:6b:0a:2c:d6:ba:
66:88:e4:15:10:1a:63:0e:86:f9:09:d5:55:39:3a:
07:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A9:F7:A2:EE:CB:04:D4:EF:95:B5:8E:18:7D:21:10:03:C1:63:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
80:cc:ca:10:f5:f7:44:6a:a6:8d:e0:28:fa:a6:eb:2e:78:a6:
af:e2:67:bd:7a:a7:ed:d4:7c:25:a8:cc:af:70:02:87:62:f0:
80:4e:e9:de:b0:12:e1:ff:cd:80:5f:89:1f:d2:2c:dd:0d:ef:
d6:37:1b:d3:2a:21:a5:a5:18:f1:4e:d7:d0:ad:24:25:a1:6b:
24:7e:07:74:c9:92:62:4a:80:3a:fa:f7:3f:a8:dc:af:42:9f:
8d:52:df:07:ba:66:83:e5:ae:19:dd:0b:1b:68:2e:7e:a5:45:
13:dc:a0:0b:39:48:bd:e4:0d:27:da:93:47:8c:26:d3:de:57:
c5:ef:0e:93:58:3a:a9:4d:78:3d:58:b9:9b:17:ca:be:a6:b4:
5b:84:53:9a:c6:2e:a4:8f:ac:a5:b8:cb:2f:97:ad:99:7d:84:
4e:99:e4:b2:90:33:50:35:87:af:12:c3:b9:05:73:11:d0:19:
2e:76:b9:20:5c:9b:98:23:a7:46:87:e6:48:36:82:d4:5e:b9:
1f:91:01:58:fc:20:c5:c5:5c:69:80:6e:92:1c:c4:a5:50:94:
b7:23:df:56:88:d3:63:a2:c1:b2:87:51:13:99:f6:1d:45:0c:
b7:0c:27:01:7e:be:11:b6:b6:f0:29:3d:61:5f:54:e7:80:49:
a2:ae:15:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeXlw8c6SEk+A1f/aF6N3kRWFSAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzY2QxNzU1ZTNiNTFjZDg0ODA5YzM4MTYxYjA3MzdiZTEzOTE5MmFjZGVh
NmIyYTdlNzJlNTEzMWE1MjRlMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8vjddeagesyURvjq2ZXstukXxNAo+FCJGhRfotRNtnfHaxPjIPZ1EJCSwu
ytJgkbjU2OEu1VzsMbHYdBPQLfhiFm13mqCiFFSBAns/PVQyBoldArJW1wj4Fncw
nYjlgNdFYXtriE0PLc3L62qSQu7bXqGxOvxZQ0ewY3fF6XL8BkRt0RpXHgjnnKwi
9oocmM5dxVhtOSwqieY22/uKqZaFbBxnWkmR+wnoy6NsZ5HLOWkKvz+4rYjZm6D7
Nc7wlcF45WcwGGfuqMedgJQuhm6/4A5+RgZwVHDa2jHrKKdDh4kW7h7mcFRMJmsK
LNa6ZojkFRAaYw6G+QnVVTk6B+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdqfei
7ssE1O+VtY4YfSEQA8FjhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y3NDJiOTEtZGVkNC00ZDhlLWJkMzYtMGIxODdmMjdmYjIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQCAzMoQ9fdEaqaN4Cj6pusueKav4me9eqft1HwlqMyv
cAKHYvCATunesBLh/82AX4kf0izdDe/WNxvTKiGlpRjxTtfQrSQloWskfgd0yZJi
SoA6+vc/qNyvQp+NUt8HumaD5a4Z3QsbaC5+pUUT3KALOUi95A0n2pNHjCbT3lfF
7w6TWDqpTXg9WLmbF8q+prRbhFOaxi6kj6yluMsvl62ZfYROmeSykDNQNYevEsO5
BXMR0BkudrkgXJuYI6dGh+ZINoLUXrkfkQFY/CDFxVxpgG6SHMSlUJS3I99WiNNj
osGyh1ETmfYdRQy3DCcBfr4RtrbwKT1hX1TngEmirhVB
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org