Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
File: 89aac802-59d0-4631-a004-2a1c6311b27f.roa (raw, json)
Hash identifier: uZoTaNbe8wVQ0Bc/Kyojge2+w8bbMhP1FZPeQ1AWiMc=
Subject key identifier: FE:7C:8C:FA:02:1B:67:2B:6B:81:37:42:3E:91:96:E1:E6:3A:6D:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DB42853B385CA4C2B32062E95AF48B1A5CBC68D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:b4:28:53:b3:85:ca:4c:2b:32:06:2e:95:af:48:b1:a5:cb:c6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=49d56ec616359e61e93151b9d003bb70ebd945348666741e7e2493314570c90f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7d:29:87:a7:75:3f:32:bf:72:f0:70:70:ac:
22:58:ec:2a:5d:bf:0d:96:c0:d2:9a:9a:b4:82:c8:
a3:a8:7c:93:c4:0c:e8:e4:75:79:85:e4:51:5e:aa:
a6:38:07:e2:8b:96:5d:e9:00:58:ca:9c:60:69:33:
e6:d0:30:a4:74:4e:ed:2b:16:b4:29:17:59:fd:50:
7d:b0:e8:8b:62:47:e5:b7:59:5e:36:b6:e3:37:76:
f2:e4:9f:38:30:50:ad:86:84:af:71:07:d6:29:0a:
e4:13:c2:80:a2:cc:ff:72:1c:dc:4b:b6:f6:ed:3b:
d4:26:00:fd:54:68:aa:8b:3c:5d:c1:9b:50:99:47:
d1:c8:90:08:77:4c:18:b2:f8:56:17:57:03:e5:fe:
72:45:65:e9:3a:c9:93:17:e2:0e:71:82:4d:50:49:
98:57:1a:86:52:52:e9:69:b2:ea:ef:83:12:61:8a:
73:3c:c5:fe:d1:23:2a:7c:fd:c3:67:a0:2c:24:70:
ac:46:a2:91:b6:91:b9:6a:67:8c:71:12:69:00:8f:
ee:ec:a2:ce:a5:ec:a0:4c:18:b5:b0:83:1a:c3:30:
95:db:5e:8f:14:41:96:55:e2:31:88:f4:d8:f7:3d:
7c:c6:9b:2d:1b:b1:02:2e:f8:f5:32:96:3d:bd:4e:
aa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7C:8C:FA:02:1B:67:2B:6B:81:37:42:3E:91:96:E1:E6:3A:6D:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/89aac802-59d0-4631-a004-2a1c6311b27f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c0:27:ae:5e:ec:52:30:2c:14:dd:3f:a4:6c:8c:51:ca:c5:22:
98:14:a0:5a:77:54:d0:c6:84:b8:99:97:f2:95:4a:3d:14:06:
80:83:49:2a:7a:eb:f2:9e:ac:66:56:16:b3:50:ae:5d:0d:38:
df:1e:bf:e9:59:d6:6b:cc:10:d1:1d:6d:a9:11:39:f5:e0:7a:
99:06:8e:f1:32:82:64:84:44:16:3f:97:a1:8c:a7:18:84:95:
0f:33:a9:a5:a7:f1:43:62:99:0c:aa:48:29:a8:b9:56:5b:6e:
5c:43:51:ef:f6:36:ed:73:0b:71:8f:85:05:ab:95:74:d9:27:
0f:f2:95:79:a8:d0:dc:dc:e7:22:44:16:aa:fc:f3:c2:9e:c3:
b8:85:e7:43:57:64:44:21:cb:20:68:79:62:21:74:8a:6a:3e:
cb:79:4e:e3:fb:74:36:42:f3:fc:42:c8:49:fa:16:7b:dc:1c:
b2:f8:97:8b:84:81:75:70:cf:d1:db:24:96:6c:5c:44:60:f2:
95:dc:24:17:e5:d4:cf:df:d1:28:b7:7f:53:55:08:c5:92:80:
89:bb:a8:7b:90:52:ba:5e:84:a0:13:fb:05:40:cd:88:bf:4a:
c6:32:57:99:a4:a0:49:dd:8b:e2:da:54:f8:c4:c4:a4:02:d0:
40:59:f7:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfbQoU7OFykwrMgYula9IsaXLxo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZDU2ZWM2MTYzNTllNjFlOTMxNTFiOWQwMDNiYjcwZWJkOTQ1MzQ4NjY2
NzQxZTdlMjQ5MzMxNDU3MGM5MGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKF9KYendT8yv3LwcHCsIljsKl2/DZbA0pqatILIo6h8k8QM6OR1eYXkUV6q
pjgH4ouWXekAWMqcYGkz5tAwpHRO7SsWtCkXWf1QfbDoi2JH5bdZXja24zd28uSf
ODBQrYaEr3EH1ikK5BPCgKLM/3Ic3Eu29u071CYA/VRoqos8XcGbUJlH0ciQCHdM
GLL4VhdXA+X+ckVl6TrJkxfiDnGCTVBJmFcahlJS6Wmy6u+DEmGKczzF/tEjKnz9
w2egLCRwrEaikbaRuWpnjHESaQCP7uyizqXsoEwYtbCDGsMwldtejxRBllXiMYj0
2Pc9fMabLRuxAi749TKWPb1Oqs0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+fIz6
AhtnK2uBN0I+kZbh5jptPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODlhYWM4MDItNTlkMC00NjMxLWEwMDQtMmExYzYzMTFiMjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQDAJ65e7FIwLBTdP6RsjFHKxSKYFKBad1TQxoS4mZfy
lUo9FAaAg0kqeuvynqxmVhazUK5dDTjfHr/pWdZrzBDRHW2pETn14HqZBo7xMoJk
hEQWP5ehjKcYhJUPM6mlp/FDYpkMqkgpqLlWW25cQ1Hv9jbtcwtxj4UFq5V02ScP
8pV5qNDc3OciRBaq/PPCnsO4hedDV2REIcsgaHliIXSKaj7LeU7j+3Q2QvP8QshJ
+hZ73Byy+JeLhIF1cM/R2ySWbFxEYPKV3CQX5dTP39Eot39TVQjFkoCJu6h7kFK6
XoSgE/sFQM2Iv0rGMleZpKBJ3Yvi2lT4xMSkAtBAWffY
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org