Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e4eace2-a571-49f7-85f6-87ac18344a6e.roa
File: 8e4eace2-a571-49f7-85f6-87ac18344a6e.roa (raw, json)
Hash identifier: UeHrmfQ3VFz2T0A3BkTuFRYQVg2IIyCkHBtFz7tXCOI=
Subject key identifier: 93:8D:56:52:A5:7B:68:53:49:6C:DC:55:3F:A9:E7:D2:04:A0:F9:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59F46F1BD6D4AC866F4F05E740D402C48E7C0037
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e4eace2-a571-49f7-85f6-87ac18344a6e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f4:6f:1b:d6:d4:ac:86:6f:4f:05:e7:40:d4:02:c4:8e:7c:00:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=31e6b8627fde7e1fbb1db566120f8c700e7b67a5bc82d41086ea42ce01e1cebd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:14:d4:fe:32:08:70:d8:8d:c2:f2:b9:5b:3a:
ba:58:63:f5:f4:5c:05:59:b0:51:0c:f2:98:75:e6:
94:59:22:6a:2f:92:fc:ae:8d:31:5d:90:87:5c:3e:
44:68:d6:ee:ed:8c:ae:cb:9a:a7:33:1e:e8:76:13:
f3:eb:5e:3d:20:77:25:bc:49:f6:ce:2b:70:17:5a:
95:86:b6:4b:14:eb:c6:75:db:c0:4d:1e:c2:0f:3d:
ee:c8:f4:cb:a5:e7:fc:12:5f:f3:2d:30:cd:43:71:
22:07:71:06:b3:62:0c:05:57:ba:2e:9d:30:e7:f2:
8d:44:3d:3f:53:1b:b9:b9:9f:22:91:d4:ce:47:4f:
a0:aa:a6:ab:ec:92:88:6c:23:21:aa:a1:37:58:b2:
d6:44:15:f7:6c:c0:36:88:63:8a:6b:b1:dd:33:84:
3d:eb:46:a0:7a:9c:da:8d:32:84:98:14:34:f4:01:
ae:61:6f:ee:07:de:75:dd:49:bb:ed:74:93:1a:17:
89:d7:a7:d8:8e:7f:1d:0e:15:f3:c5:a4:78:f4:dc:
3a:1d:ea:b2:6f:ff:71:b4:29:0d:9e:48:dd:73:7b:
eb:ee:44:c0:b9:d2:15:e6:37:8c:42:38:b2:ae:f6:
e6:57:90:12:5c:c1:73:aa:81:a2:84:d3:b2:ab:bf:
f0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8D:56:52:A5:7B:68:53:49:6C:DC:55:3F:A9:E7:D2:04:A0:F9:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e4eace2-a571-49f7-85f6-87ac18344a6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:82:29:9e:d9:fe:5f:75:8a:fd:b1:53:07:e1:2a:1a:72:ce:
50:ff:98:62:83:fc:3b:c2:7c:eb:d5:24:27:0f:aa:57:c5:47:
39:59:26:5c:e2:10:bb:21:8d:4f:72:54:eb:1e:e7:cd:cf:48:
11:f8:84:58:70:89:de:55:63:1e:d6:77:61:92:17:ed:a4:34:
88:62:95:01:ac:36:ea:08:a8:cd:05:f6:7a:60:b1:7d:96:1e:
28:3a:35:55:f1:d0:aa:fe:97:a1:e6:5f:b2:1e:b8:b8:ce:2c:
d5:9f:6c:aa:08:2d:fa:a2:0b:8a:87:a1:bf:dc:03:87:f5:dd:
4e:37:02:66:95:e2:7f:88:d5:ab:70:79:73:b1:04:f3:af:a7:
28:91:d9:2b:79:b1:56:6c:d9:aa:fd:c3:b0:c9:88:07:48:6b:
bb:de:9b:53:15:c6:ab:66:07:2c:f2:ee:21:56:49:c8:ab:10:
21:ee:67:de:f6:bc:65:53:40:99:b4:e7:86:17:b3:3c:b4:e9:
18:e7:49:c1:d1:e7:c2:84:b4:95:78:ea:27:d0:f2:8f:c1:ae:
e7:77:27:13:0b:90:1c:d9:6e:ab:85:3b:a1:5c:d7:57:c1:f8:
01:a2:0f:80:a3:94:0d:aa:7b:bb:20:fe:da:b3:9c:02:fe:a4:
74:8a:46:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWfRvG9bUrIZvTwXnQNQCxI58ADcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxZTZiODYyN2ZkZTdlMWZiYjFkYjU2NjEyMGY4YzcwMGU3YjY3YTViYzgy
ZDQxMDg2ZWE0MmNlMDFlMWNlYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQU1P4yCHDYjcLyuVs6ulhj9fRcBVmwUQzymHXmlFkiai+S/K6NMV2Qh1w+
RGjW7u2MrsuapzMe6HYT8+tePSB3JbxJ9s4rcBdalYa2SxTrxnXbwE0ewg897sj0
y6Xn/BJf8y0wzUNxIgdxBrNiDAVXui6dMOfyjUQ9P1MbubmfIpHUzkdPoKqmq+yS
iGwjIaqhN1iy1kQV92zANohjimux3TOEPetGoHqc2o0yhJgUNPQBrmFv7gfedd1J
u+10kxoXiden2I5/HQ4V88WkePTcOh3qsm//cbQpDZ5I3XN76+5EwLnSFeY3jEI4
sq725leQElzBc6qBooTTsqu/8NsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTjVZS
pXtoU0ls3FU/qefSBKD5rTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0ZWFjZTItYTU3MS00OWY3LTg1ZjYtODdhYzE4MzQ0YTZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCIgime2f5fdYr9sVMH4Soacs5Q/5hig/w7wnzr1SQn
D6pXxUc5WSZc4hC7IY1PclTrHufNz0gR+IRYcIneVWMe1ndhkhftpDSIYpUBrDbq
CKjNBfZ6YLF9lh4oOjVV8dCq/peh5l+yHri4zizVn2yqCC36oguKh6G/3AOH9d1O
NwJmleJ/iNWrcHlzsQTzr6cokdkrebFWbNmq/cOwyYgHSGu73ptTFcarZgcs8u4h
VknIqxAh7mfe9rxlU0CZtOeGF7M8tOkY50nB0efChLSVeOon0PKPwa7ndycTC5Ac
2W6rhTuhXNdXwfgBog+Ao5QNqnu7IP7as5wC/qR0ikYI
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org