Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: MLIpui69Hs9i0RNiz7JweXfxQRH1x5QVYRd80NiDnk8=
Subject key identifier: 43:97:EB:81:E2:29:4A:D5:31:C9:BB:58:86:44:E3:F8:F8:59:81:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43157E44B09D2A1DC161E285B125D0433D7069A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:15:7e:44:b0:9d:2a:1d:c1:61:e2:85:b1:25:d0:43:3d:70:69:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=269c7549818efc282c2cb20ff1398b2424c16f088a7cba9e1c377381a9089a52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d8:9c:48:da:94:c4:b2:c0:fc:bd:d9:08:83:
f4:80:93:59:e3:a0:09:15:62:a0:15:94:a8:3b:c5:
ef:08:67:e0:20:63:46:a9:de:80:78:78:af:97:78:
cb:3f:b8:60:a2:b3:87:38:63:fc:79:9c:54:7b:62:
c9:50:85:38:1f:9f:77:22:2f:e5:a3:81:b1:9d:ac:
d5:75:2e:df:77:a8:8c:69:ad:ef:91:a9:81:61:9e:
9d:3f:e4:a0:15:45:3c:5d:3f:42:34:04:34:34:da:
64:b3:30:c0:0f:75:0f:03:a3:fe:df:f5:88:07:81:
77:0a:5c:56:19:b5:3b:9d:0a:22:76:de:ab:79:b4:
df:ca:7c:d1:b6:0c:2d:41:44:a3:a4:b3:6b:95:e6:
6e:47:a9:95:e7:5d:46:3c:6c:cc:fd:4e:11:06:81:
7e:c8:87:c7:ca:da:c8:84:d1:91:88:50:29:33:bd:
a9:ca:2f:d8:5b:e9:06:b5:b7:d5:0f:d2:62:93:fa:
fc:50:60:b4:95:18:63:ce:16:30:56:0d:6c:28:36:
c0:10:30:e9:8a:00:50:0d:65:51:13:21:46:98:42:
e8:9a:14:37:30:bd:39:bb:e9:fc:01:b8:7c:63:4c:
1c:61:94:96:66:ff:ca:fb:85:cd:bf:0c:89:b2:c9:
42:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:97:EB:81:E2:29:4A:D5:31:C9:BB:58:86:44:E3:F8:F8:59:81:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:82:eb:b0:89:81:69:76:73:16:e3:f0:9f:84:bb:f8:b5:c7:
99:90:28:db:d9:12:d3:c4:d1:4c:81:7d:64:72:85:01:17:46:
3a:98:05:d0:54:b3:cd:9d:cf:44:0e:04:50:af:c1:77:16:82:
4d:a2:3b:9f:c4:3e:40:f2:e0:1e:0b:c0:50:71:18:ec:1e:cc:
da:d1:32:a7:81:d0:da:cc:6a:d7:c6:97:9a:50:26:37:f9:67:
97:f6:9b:f6:49:c2:3c:16:42:3d:0d:1b:81:a7:63:d5:6e:a9:
8c:37:e3:1a:8e:5f:d0:fb:b4:63:49:94:e7:f4:dc:46:97:12:
1e:a5:3b:7c:97:c4:6a:64:a9:8b:8a:77:cd:9e:e8:88:c1:f8:
3f:c1:bc:ea:25:1e:70:e2:dc:ea:88:32:78:82:df:57:7c:fc:
ae:00:41:97:40:e7:e8:fe:57:4c:82:69:c5:e5:f2:7f:14:aa:
05:7b:85:96:b6:92:35:3a:b9:11:e7:7e:b8:71:59:03:c0:a1:
4a:57:fa:fe:a3:c7:7b:f3:c7:de:57:f2:28:30:12:6c:25:fa:
f6:ff:8f:6e:ff:58:cd:5d:54:e9:c2:0d:cf:fd:36:f9:1c:f0:
58:ea:a9:77:df:39:31:49:72:88:e8:89:9a:be:bb:43:21:ed:
7b:71:4f:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQxV+RLCdKh3BYeKFsSXQQz1waaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2OWM3NTQ5ODE4ZWZjMjgyYzJjYjIwZmYxMzk4YjI0MjRjMTZmMDg4YTdj
YmE5ZTFjMzc3MzgxYTkwODlhNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXYnEjalMSywPy92QiD9ICTWeOgCRVioBWUqDvF7whn4CBjRqnegHh4r5d4
yz+4YKKzhzhj/HmcVHtiyVCFOB+fdyIv5aOBsZ2s1XUu33eojGmt75GpgWGenT/k
oBVFPF0/QjQENDTaZLMwwA91DwOj/t/1iAeBdwpcVhm1O50KInbeq3m038p80bYM
LUFEo6Sza5XmbkepleddRjxszP1OEQaBfsiHx8rayITRkYhQKTO9qcov2FvpBrW3
1Q/SYpP6/FBgtJUYY84WMFYNbCg2wBAw6YoAUA1lURMhRphC6JoUNzC9Obvp/AG4
fGNMHGGUlmb/yvuFzb8MibLJQnUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRDl+uB
4ilK1THJu1iGROP4+FmB0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQB7guuwiYFpdnMW4/CfhLv4tceZkCjb2RLTxNFMgX1k
coUBF0Y6mAXQVLPNnc9EDgRQr8F3FoJNojufxD5A8uAeC8BQcRjsHsza0TKngdDa
zGrXxpeaUCY3+WeX9pv2ScI8FkI9DRuBp2PVbqmMN+Majl/Q+7RjSZTn9NxGlxIe
pTt8l8RqZKmLinfNnuiIwfg/wbzqJR5w4tzqiDJ4gt9XfPyuAEGXQOfo/ldMgmnF
5fJ/FKoFe4WWtpI1OrkR5364cVkDwKFKV/r+o8d788feV/IoMBJsJfr2/49u/1jN
XVTpwg3P/Tb5HPBY6ql33zkxSXKI6ImavrtDIe17cU9H
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org