Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa
File: 9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa (raw, json)
Hash identifier: BpK1tEGKDuPgwWNfuSIMeKto+HrqzhVUtp9HzbPCNHQ=
Subject key identifier: BA:62:7A:2B:91:E6:B3:D1:C7:D5:78:C9:7D:04:6F:9C:7E:BA:63:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3FF9ACBBF20DFA043E2D048A85238A4C4776D50D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f9:ac:bb:f2:0d:fa:04:3e:2d:04:8a:85:23:8a:4c:47:76:d5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=dc310beeecec1422dee4e96ee9aa04e4597d0d2ca1ed2d0db3f14b368c2a7551, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b8:9c:be:73:41:03:47:a2:68:cd:c7:ab:ff:
04:e4:aa:24:ab:41:f5:c9:85:ee:99:2b:67:1d:49:
d4:c2:6c:d4:b9:35:01:b1:1e:45:0a:76:23:a2:00:
19:f2:8a:77:ce:68:01:b5:b7:71:30:4a:5a:0e:95:
cc:10:fc:4f:f5:a4:3a:33:09:0b:33:31:ea:13:e9:
6a:c3:28:1c:02:aa:b9:d1:b3:24:d9:f2:cd:bc:e9:
3f:26:eb:69:9e:b7:fb:ce:58:01:9d:f7:eb:37:3f:
3b:bd:fd:6d:be:e9:b8:f9:c0:09:08:89:6f:22:6d:
ab:f7:59:f7:16:e0:ee:38:72:0c:b5:08:f1:3d:47:
a5:c2:59:5a:5f:58:a6:fd:31:1a:28:1f:cd:24:d9:
aa:df:d9:9f:da:97:21:e1:96:e3:91:6a:20:60:74:
6c:ca:55:0a:7a:c3:a1:e2:bf:98:a5:74:cd:da:b2:
89:d8:7d:00:a8:d4:03:d4:a2:4d:c4:6a:c1:39:15:
2f:f8:95:26:96:ea:3b:e0:b0:d2:7a:3e:cf:04:6d:
a4:4a:76:d9:ae:59:98:ae:45:e8:0a:ff:1b:fd:bc:
9f:d6:81:54:f8:a6:71:e9:0a:04:d5:5b:4f:d9:18:
d6:ae:78:8c:5a:eb:b7:4f:0b:e0:98:8a:28:d6:51:
b9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:62:7A:2B:91:E6:B3:D1:C7:D5:78:C9:7D:04:6F:9C:7E:BA:63:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b3e8478-a5b4-4d3b-b43b-8d6daef39324.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:7f:45:8b:3b:8b:8d:e1:d8:d6:45:87:06:ed:f4:86:3e:c1:
85:92:c1:0e:9c:11:be:83:51:9b:6b:da:dd:7f:a1:d2:5e:b4:
47:cc:33:14:cb:80:50:01:f0:f7:58:97:a6:52:f1:6a:a4:36:
74:79:a7:ec:1f:54:eb:62:df:c7:37:f2:d6:7d:7f:ea:b4:69:
0b:45:86:c6:bf:71:64:ae:9b:2c:c0:14:31:bc:81:35:d5:5f:
18:f1:ba:5c:b9:b2:57:41:8a:5c:58:65:d1:82:bf:19:41:28:
4d:f0:9e:cb:9f:e6:54:08:59:73:b7:25:9c:ed:25:37:8a:89:
58:38:46:36:c2:ab:2c:fb:be:42:19:8a:99:58:54:85:82:77:
c4:e3:d1:1b:36:4a:de:11:ca:9b:cb:d7:19:cd:8d:33:54:44:
b8:a5:e0:64:61:1e:19:0e:31:9b:6f:81:1a:30:91:bf:9e:87:
a9:fd:2b:df:3e:3d:09:b2:fc:b4:c9:a9:83:ab:81:95:88:eb:
b7:fe:81:5e:dc:78:90:ce:31:05:12:29:e1:a6:cb:d6:4e:bd:
b8:06:95:93:28:e7:0b:a5:5c:7f:6f:38:48:e1:78:86:a8:6d:
07:88:a8:30:d8:0f:c3:7c:f7:ff:b8:e8:d7:cd:26:77:39:8c:
3a:1f:58:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP/msu/IN+gQ+LQSKhSOKTEd21Q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjMzEwYmVlZWNlYzE0MjJkZWU0ZTk2ZWU5YWEwNGU0NTk3ZDBkMmNhMWVk
MmQwZGIzZjE0YjM2OGMyYTc1NTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+4nL5zQQNHomjNx6v/BOSqJKtB9cmF7pkrZx1J1MJs1Lk1AbEeRQp2I6IA
GfKKd85oAbW3cTBKWg6VzBD8T/WkOjMJCzMx6hPpasMoHAKqudGzJNnyzbzpPybr
aZ63+85YAZ336zc/O739bb7puPnACQiJbyJtq/dZ9xbg7jhyDLUI8T1HpcJZWl9Y
pv0xGigfzSTZqt/Zn9qXIeGW45FqIGB0bMpVCnrDoeK/mKV0zdqyidh9AKjUA9Si
TcRqwTkVL/iVJpbqO+Cw0no+zwRtpEp22a5ZmK5F6Ar/G/28n9aBVPimcekKBNVb
T9kY1q54jFrrt08L4JiKKNZRuSECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS6Ynor
keaz0cfVeMl9BG+cfrpjcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWIzZTg0NzgtYTViNC00ZDNiLWI0M2ItOGQ2ZGFlZjM5MzI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtH9FizuLjeHY1kWHBu30hj7BhZLBDpwRvoNRm2va
3X+h0l60R8wzFMuAUAHw91iXplLxaqQ2dHmn7B9U62Lfxzfy1n1/6rRpC0WGxr9x
ZK6bLMAUMbyBNdVfGPG6XLmyV0GKXFhl0YK/GUEoTfCey5/mVAhZc7clnO0lN4qJ
WDhGNsKrLPu+QhmKmVhUhYJ3xOPRGzZK3hHKm8vXGc2NM1REuKXgZGEeGQ4xm2+B
GjCRv56Hqf0r3z49CbL8tMmpg6uBlYjrt/6BXtx4kM4xBRIp4abL1k69uAaVkyjn
C6Vcf284SOF4hqhtB4ioMNgPw3z3/7jo180mdzmMOh9YfQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org