Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
File: 93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa (raw, json)
Hash identifier: kC3I0XiJ544oGPoraZ7rSPl1fzJH7103Oz7GBsvzNrY=
Subject key identifier: 38:AD:02:FE:15:0A:A4:D8:E7:49:A6:A0:32:77:2D:88:D9:71:5B:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6AEEB3583323285C05848D7133D6D186B5E89F76
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:ee:b3:58:33:23:28:5c:05:84:8d:71:33:d6:d1:86:b5:e8:9f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=60ebba0403737abb12c4b665397f01d2f8a3436f720adbab6024ae2f95c388f9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:22:c3:d4:de:aa:b2:26:83:99:67:f3:66:48:
0d:7c:48:ff:db:cf:31:bc:a0:8a:ca:a6:a8:b0:84:
d7:b8:05:06:28:a6:c3:0f:9d:db:0c:c6:ca:15:bd:
57:ac:ee:1a:4a:0b:85:71:f3:19:bc:12:84:4e:ba:
33:6d:59:54:71:cf:d6:88:f4:a2:bf:18:84:1f:4a:
de:c2:24:a4:fa:6d:2e:2d:be:a0:87:dd:78:e3:a7:
da:50:04:8b:e5:f7:fd:ad:c9:01:ce:3d:18:84:93:
39:b8:72:1e:e2:91:7f:49:3d:cc:53:a9:82:7d:69:
99:b2:d3:99:10:8a:80:35:93:a2:08:f7:b0:e0:a6:
f4:9b:e0:b7:fb:1c:3d:3a:ad:87:96:45:f7:24:e9:
13:e3:12:10:75:2b:d7:26:cb:58:d4:6f:e4:c1:bb:
35:5f:5d:35:0a:0b:97:75:b5:9e:5d:3f:8d:b3:a8:
88:1f:19:18:23:55:0f:2c:d1:1e:cb:54:ee:78:3f:
86:f7:17:8f:44:18:1a:ea:89:7f:ac:6d:37:af:de:
80:00:73:03:6a:f1:82:e9:d5:ec:86:72:ca:97:e6:
c7:d1:dc:a4:3a:5e:9c:2d:bf:5b:0c:cd:8c:b9:f0:
dc:01:c2:83:b9:e3:86:79:62:87:27:de:8b:9c:ff:
46:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AD:02:FE:15:0A:A4:D8:E7:49:A6:A0:32:77:2D:88:D9:71:5B:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:b1:da:7d:98:c5:af:d1:52:b4:fe:61:06:09:fa:26:2d:d5:
1c:c9:e8:61:15:20:e1:e4:ef:b9:95:cb:71:81:f7:29:78:96:
4a:ad:3d:6c:cc:23:7c:c4:86:6d:19:e7:b6:9b:e2:51:2d:19:
11:d5:2e:08:2e:72:4b:dc:1b:ff:62:60:e7:6d:ba:00:cd:eb:
ec:8d:af:ff:a5:8c:83:7c:08:fa:9b:be:2c:14:ae:5e:c1:f3:
47:74:dc:22:7f:f1:f9:31:d4:a4:07:98:50:1d:ef:90:6c:49:
32:0e:c9:e5:f3:b6:5b:c0:65:66:74:52:37:de:1a:91:a1:23:
b8:92:a6:d3:10:ef:a3:c2:cd:2d:c1:d6:e2:62:03:be:9f:94:
26:bc:4e:af:6a:80:a9:61:18:a1:ac:ec:7a:1c:4c:ee:43:6b:
1c:10:30:57:a5:72:e3:73:7b:b5:82:5d:93:54:8e:10:2d:4e:
a7:17:1f:3e:c7:a7:ce:25:21:2c:21:8f:db:e0:5e:32:be:56:
8f:c8:d4:2f:bb:bf:79:15:bc:58:6a:c5:88:a1:cf:84:dd:bb:
f4:b0:55:e1:2e:9c:8e:cc:d3:24:11:cf:ab:6b:3a:14:d8:2c:
8d:51:48:e3:bf:b9:3f:ee:79:08:2b:59:92:6c:c2:42:62:fc:
a3:aa:e1:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUau6zWDMjKFwFhI1xM9bRhrXon3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZWJiYTA0MDM3MzdhYmIxMmM0YjY2NTM5N2YwMWQyZjhhMzQzNmY3MjBh
ZGJhYjYwMjRhZTJmOTVjMzg4ZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgiw9TeqrImg5ln82ZIDXxI/9vPMbygisqmqLCE17gFBiimww+d2wzGyhW9
V6zuGkoLhXHzGbwShE66M21ZVHHP1oj0or8YhB9K3sIkpPptLi2+oIfdeOOn2lAE
i+X3/a3JAc49GISTObhyHuKRf0k9zFOpgn1pmbLTmRCKgDWTogj3sOCm9Jvgt/sc
PTqth5ZF9yTpE+MSEHUr1ybLWNRv5MG7NV9dNQoLl3W1nl0/jbOoiB8ZGCNVDyzR
HstU7ng/hvcXj0QYGuqJf6xtN6/egABzA2rxgunV7IZyypfmx9HcpDpenC2/WwzN
jLnw3AHCg7njhnlihyfei5z/RtkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ4rQL+
FQqk2OdJpqAydy2I2XFbajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTNmYjhjZjctZWI1Yy00YzIyLTg5YWItMWNhYmY5YzlkNTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQB+sdp9mMWv0VK0/mEGCfomLdUcyehhFSDh5O+5lctx
gfcpeJZKrT1szCN8xIZtGee2m+JRLRkR1S4ILnJL3Bv/YmDnbboAzevsja//pYyD
fAj6m74sFK5ewfNHdNwif/H5MdSkB5hQHe+QbEkyDsnl87ZbwGVmdFI33hqRoSO4
kqbTEO+jws0twdbiYgO+n5QmvE6vaoCpYRihrOx6HEzuQ2scEDBXpXLjc3u1gl2T
VI4QLU6nFx8+x6fOJSEsIY/b4F4yvlaPyNQvu795FbxYasWIoc+E3bv0sFXhLpyO
zNMkEc+razoU2CyNUUjjv7k/7nkIK1mSbMJCYvyjquGs
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org