Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
File: 9b135dbe-8c68-40c8-9510-c1daab9595af.roa (raw, json)
Hash identifier: U/qiGTm8IZFpgsYS/Nvs6PqCfOxyg7hxGQL0Zh7GWeU=
Subject key identifier: 9A:45:67:3D:55:48:59:A9:AC:1B:81:0F:B7:89:AA:B9:4A:1E:CD:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 571C047B125093817C0B1C0BB99D87EB6E89BAF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:1c:04:7b:12:50:93:81:7c:0b:1c:0b:b9:9d:87:eb:6e:89:ba:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9b0adf4c65795cc74dc7fe823116eba588fdcdef4ef56665deb246400f1e7f9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ae:e2:6e:6b:98:a6:67:ad:56:0f:26:25:6d:
9c:42:ef:3a:2e:a1:76:4d:ef:69:e5:d9:58:5f:d0:
75:3a:17:63:c0:95:0e:d5:8d:f8:44:35:9c:4c:32:
bf:2a:86:8b:ee:b8:84:53:c8:65:40:83:ec:ae:03:
7a:6e:6d:b8:9c:ba:14:95:67:0a:4d:e3:7a:92:9c:
8d:5e:a9:4f:0b:3c:e2:99:25:05:01:00:d6:3c:0c:
f1:51:82:42:32:88:69:3a:76:bd:fe:ad:8f:01:46:
bb:5c:dd:21:2c:bb:19:9b:b2:97:8f:bd:b5:9d:f4:
7c:8c:a2:39:f3:28:e1:e6:69:81:12:37:23:f7:73:
ec:6f:44:3d:38:e3:86:09:92:e7:af:25:02:bd:8f:
8c:ef:e0:bf:7b:09:dd:b7:6e:e7:3f:67:c2:48:79:
02:9f:e6:f3:27:48:57:16:d9:d3:06:e5:cd:1c:04:
07:7c:dd:a2:d0:42:13:41:98:53:bb:4a:d0:3e:c0:
04:9d:b0:d3:9e:80:fd:cd:73:d8:f8:52:24:60:ae:
9e:68:2d:62:8e:01:d2:d5:29:61:e1:42:81:2f:09:
c8:7a:72:c1:16:7e:d6:1d:5b:b5:77:02:e0:5e:e2:
f7:31:35:14:88:2e:9c:9b:8f:bc:16:99:ae:dc:15:
8a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:45:67:3D:55:48:59:A9:AC:1B:81:0F:B7:89:AA:B9:4A:1E:CD:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:91:87:54:2c:68:b1:48:a9:ee:c1:46:87:c7:00:68:6b:c0:
d0:3e:72:56:95:43:d8:89:96:6e:50:c8:c0:91:1d:55:7f:7b:
7b:e2:1b:47:fc:5c:cb:94:3c:e6:a6:13:69:d3:d5:85:9b:fb:
2f:f8:b0:e6:77:18:82:bc:14:b2:66:23:73:70:db:55:54:df:
1d:93:38:47:2f:66:11:9b:45:76:f5:ba:2d:a2:94:e1:27:95:
f5:a7:c5:6c:61:fa:0f:de:64:36:a1:79:e9:c4:cb:4b:1f:52:
18:03:cc:ca:58:20:b2:57:d0:7b:00:2b:c5:26:1a:40:a7:53:
53:b5:92:52:19:10:be:fb:1f:a8:84:05:d4:99:07:5e:2c:a6:
3b:ab:4b:e6:ec:8a:32:18:53:20:85:d5:0a:ba:c1:db:30:4f:
c2:2e:1d:a3:cd:c3:36:83:02:47:1c:b5:59:77:f4:df:fd:df:
b6:0b:3e:56:63:ec:48:6e:1c:84:32:bf:26:52:7a:62:c6:86:
08:8e:6d:68:28:86:3a:e3:f6:73:a8:4c:ae:b2:ba:3c:66:37:
eb:a2:45:e5:f8:0e:81:67:84:a9:f5:5e:47:04:0c:3b:f8:b0:
41:75:e9:05:32:f5:8b:f4:7e:9e:b1:cd:19:80:89:d4:31:fa:
bb:51:00:0e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVxwEexJQk4F8CxwLuZ2H626JuvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMGFkZjRjNjU3OTVjYzc0ZGM3ZmU4MjMxMTZlYmE1ODhmZGNkZWY0ZWY1
NjY2NWRlYjI0NjQwMGYxZTdmOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGu4m5rmKZnrVYPJiVtnELvOi6hdk3vaeXZWF/QdToXY8CVDtWN+EQ1nEwy
vyqGi+64hFPIZUCD7K4Dem5tuJy6FJVnCk3jepKcjV6pTws84pklBQEA1jwM8VGC
QjKIaTp2vf6tjwFGu1zdISy7GZuyl4+9tZ30fIyiOfMo4eZpgRI3I/dz7G9EPTjj
hgmS568lAr2PjO/gv3sJ3bdu5z9nwkh5Ap/m8ydIVxbZ0wblzRwEB3zdotBCE0GY
U7tK0D7ABJ2w056A/c1z2PhSJGCunmgtYo4B0tUpYeFCgS8JyHpywRZ+1h1btXcC
4F7i9zE1FIgunJuPvBaZrtwVilMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSaRWc9
VUhZqawbgQ+3iaq5Sh7N1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWIxMzVkYmUtOGM2OC00MGM4LTk1MTAtYzFkYWFiOTU5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQCVkYdULGixSKnuwUaHxwBoa8DQPnJWlUPYiZZuUMjA
kR1Vf3t74htH/FzLlDzmphNp09WFm/sv+LDmdxiCvBSyZiNzcNtVVN8dkzhHL2YR
m0V29botopThJ5X1p8VsYfoP3mQ2oXnpxMtLH1IYA8zKWCCyV9B7ACvFJhpAp1NT
tZJSGRC++x+ohAXUmQdeLKY7q0vm7IoyGFMghdUKusHbME/CLh2jzcM2gwJHHLVZ
d/Tf/d+2Cz5WY+xIbhyEMr8mUnpixoYIjm1oKIY64/ZzqEyusro8ZjfrokXl+A6B
Z4Sp9V5HBAw7+LBBdekFMvWL9H6esc0ZgInUMfq7UQAO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org