Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
File: 935d325c-d62b-4e93-873c-47222d71e32c.roa (raw, json)
Hash identifier: CvEgD7U2yjjCbW/uu/Qcmd4WWds96ifkegXpBRW+VAM=
Subject key identifier: 74:F8:29:93:F0:C4:69:E5:12:26:67:54:29:CC:B9:E6:83:CC:18:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7EE6FAEF0B93CA376605256BEA8BF53879A70B2D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:e6:fa:ef:0b:93:ca:37:66:05:25:6b:ea:8b:f5:38:79:a7:0b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=c2c75136e7583e752a37c545b201b1c84329914a1efb490d49763a8925a4daee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bf:20:00:b7:eb:5a:3a:b5:de:2f:f7:8d:51:
39:30:d8:e2:27:0b:7d:80:51:ed:28:81:02:f1:35:
4b:27:f2:67:07:37:75:36:a7:db:08:38:0b:60:04:
9d:5b:98:5b:d5:cd:12:15:ed:4a:e9:94:69:ef:d7:
23:5d:91:dd:04:ea:58:87:da:b7:a8:eb:ab:bf:7d:
1b:d3:ab:fc:1c:ce:4b:5a:c5:09:9b:1d:9f:6e:fa:
c4:43:1c:df:a4:b2:16:2a:b8:af:cd:ee:ce:2c:83:
7e:ab:06:a0:1a:b4:8e:ab:e8:53:69:9b:75:38:b7:
65:e2:88:ec:ae:f0:12:c2:d6:2d:4a:a5:70:c1:57:
79:4a:b8:2c:e4:6c:2c:77:b7:3d:80:99:af:11:b0:
97:7c:b4:90:ba:4e:50:df:59:84:90:61:a2:b0:7e:
cb:37:6e:65:14:c3:64:15:d9:ce:8b:29:36:f9:55:
b3:05:86:04:29:5c:01:be:a4:a1:54:f0:18:9b:f0:
da:d2:5b:07:71:79:d6:09:10:de:eb:0b:f0:63:88:
f2:fd:8b:85:cf:d5:48:c1:08:91:69:46:6e:75:9e:
1c:ec:07:b8:a7:e9:e4:a7:2e:af:20:18:03:34:52:
71:42:b6:df:ea:f0:0f:e6:0e:e8:19:bf:e8:54:b6:
fe:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F8:29:93:F0:C4:69:E5:12:26:67:54:29:CC:B9:E6:83:CC:18:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/935d325c-d62b-4e93-873c-47222d71e32c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
14:66:2d:a8:55:99:ca:20:d7:e7:ee:dc:82:f7:1a:1b:15:dd:
c8:40:56:ff:f5:11:ac:6f:75:03:45:c3:2c:a1:94:08:59:4a:
04:a8:1a:99:15:a2:c4:6d:14:08:87:cf:1c:d2:b8:90:51:8f:
1d:f8:a6:89:76:64:16:8d:db:a6:71:33:73:5e:e0:0e:a4:93:
b0:1f:86:4d:8d:9d:43:4c:0b:0d:00:e1:07:e6:51:2f:c3:a3:
e4:09:ea:53:b7:8a:ab:1e:ce:6e:ce:89:e1:0b:9a:90:8c:52:
32:e8:3f:7e:51:cc:e1:da:a1:cf:45:c7:cf:9a:4e:35:be:5f:
54:b4:d6:67:62:89:93:ec:a6:c8:f7:a1:14:7b:f3:e3:c7:96:
0d:66:04:4c:b3:21:e1:3c:8c:9e:2d:dc:db:de:4c:c2:c3:9a:
e9:ad:e0:08:6f:5c:3a:83:f9:09:0e:ec:7d:2d:bf:bd:0f:39:
7e:ba:f9:bf:63:5d:f0:d8:2d:ae:61:b0:17:b1:2f:fc:f4:56:
fd:2c:72:14:4a:8e:1b:00:37:9f:cd:0c:ff:94:c6:32:fb:4f:
5e:b2:b6:38:e0:36:ed:81:f7:37:af:96:4e:7c:a0:a5:2c:52:
2d:dc:35:62:c9:9a:4e:76:60:ac:66:95:ae:8f:8b:1f:08:f0:
b9:bb:25:d2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfub67wuTyjdmBSVr6ov1OHmnCy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyYzc1MTM2ZTc1ODNlNzUyYTM3YzU0NWIyMDFiMWM4NDMyOTkxNGExZWZi
NDkwZDQ5NzYzYTg5MjVhNGRhZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJG/IAC361o6td4v941ROTDY4icLfYBR7SiBAvE1SyfyZwc3dTan2wg4C2AE
nVuYW9XNEhXtSumUae/XI12R3QTqWIfat6jrq799G9Or/BzOS1rFCZsdn276xEMc
36SyFiq4r83uziyDfqsGoBq0jqvoU2mbdTi3ZeKI7K7wEsLWLUqlcMFXeUq4LORs
LHe3PYCZrxGwl3y0kLpOUN9ZhJBhorB+yzduZRTDZBXZzospNvlVswWGBClcAb6k
oVTwGJvw2tJbB3F51gkQ3usL8GOI8v2Lhc/VSMEIkWlGbnWeHOwHuKfp5KcuryAY
AzRScUK23+rwD+YO6Bm/6FS2/tcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0+CmT
8MRp5RImZ1QpzLnmg8wYzTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTM1ZDMyNWMtZDYyYi00ZTkzLTg3M2MtNDcyMjJkNzFlMzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAUZi2oVZnKINfn7tyC9xobFd3IQFb/9RGsb3UDRcMs
oZQIWUoEqBqZFaLEbRQIh88c0riQUY8d+KaJdmQWjdumcTNzXuAOpJOwH4ZNjZ1D
TAsNAOEH5lEvw6PkCepTt4qrHs5uzonhC5qQjFIy6D9+Uczh2qHPRcfPmk41vl9U
tNZnYomT7KbI96EUe/Pjx5YNZgRMsyHhPIyeLdzb3kzCw5rpreAIb1w6g/kJDux9
Lb+9Dzl+uvm/Y13w2C2uYbAXsS/89Fb9LHIUSo4bADefzQz/lMYy+09esrY44Dbt
gfc3r5ZOfKClLFIt3DViyZpOdmCsZpWuj4sfCPC5uyXS
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org