Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: b3bHg5HE6/7FJrUMAL795P3k0HDSdBxhZC1mYisO8r8=
Subject key identifier: 37:51:D1:6A:A5:F5:46:11:36:D1:9D:8A:46:1B:4D:D6:07:B4:CE:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3EB8F2017F20DE75C4286682EB47BEE22B6EA513
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:b8:f2:01:7f:20:de:75:c4:28:66:82:eb:47:be:e2:2b:6e:a5:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=eafa7ab1f4c8abb917fcd0ec2d0a13fa18016e423a6d711ece0088e4f6ce76bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c7:ab:71:51:d3:c0:87:b6:a5:55:01:0e:cf:
ee:48:a4:b1:10:74:be:95:0d:a2:d1:b4:bc:56:7c:
fc:c5:41:46:6f:ab:e0:4d:5f:52:2b:ff:88:2f:4c:
54:27:c5:89:ad:7f:a9:62:ac:87:2d:3c:20:a0:85:
9e:c3:22:f3:28:d7:3f:1d:8d:aa:a4:74:61:95:72:
b4:33:44:3f:fb:7c:84:23:b3:b9:f6:33:98:3e:19:
55:5c:04:93:b0:2a:4e:ec:80:6f:52:54:11:bd:c0:
fb:7c:fd:93:f5:a2:9c:93:61:74:f7:0f:3b:12:c6:
3a:0d:0d:59:1f:eb:76:c6:27:b2:77:bd:f1:66:9d:
3c:c9:6a:75:c2:0d:2f:0f:11:7b:cc:ff:62:af:9e:
56:87:52:a5:29:18:84:2d:cd:97:ff:b9:6e:00:80:
73:48:26:dd:04:b0:dd:f9:44:91:ea:ef:fa:b9:7f:
09:a1:fd:a7:ea:67:03:a2:b4:a0:3a:e7:7e:46:cd:
c6:ff:bb:31:bb:f2:08:8d:0b:f9:1a:c7:26:f5:75:
9e:5f:57:57:c0:66:2b:ff:14:6a:3c:77:65:77:4d:
6f:9a:0b:d2:e9:fd:da:e9:17:85:25:22:82:8c:82:
58:3e:87:94:25:bf:82:16:d8:ef:59:f9:65:fd:a6:
29:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:51:D1:6A:A5:F5:46:11:36:D1:9D:8A:46:1B:4D:D6:07:B4:CE:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:46:cd:09:94:2a:bb:54:78:4f:66:83:f5:54:6b:f9:ef:37:
02:e4:ec:85:8f:b5:7b:63:22:50:bc:af:ed:3f:a0:13:ef:85:
2a:84:d2:11:49:88:a4:f5:a5:7b:f0:13:36:6e:7e:ba:0c:05:
e1:58:48:f3:7f:4d:5f:37:c6:0c:ec:c5:8d:8f:95:68:48:47:
3e:87:cf:50:33:00:42:0c:00:ac:23:c3:69:9f:d8:45:97:02:
f2:0a:89:0c:d6:88:fc:33:f5:42:ec:5a:bd:b3:05:95:e2:ef:
46:f7:ba:59:26:a3:df:05:00:a5:4b:b7:f2:a8:89:a6:c5:a0:
7b:03:94:75:3a:8d:08:1e:4b:69:8d:47:1b:c5:f6:1e:f3:b8:
0c:74:db:5a:22:74:82:34:73:c0:c5:fb:9f:be:76:f2:3f:f5:
20:7f:1d:32:cc:c4:a3:ef:d9:70:76:2d:3d:33:93:02:a7:fd:
4e:55:7f:31:66:11:cb:46:15:0a:02:3a:f8:88:f2:ed:0e:0d:
fc:5e:0f:4b:e9:c5:b2:9e:05:82:d8:d5:a4:0c:e6:1b:62:08:
58:f7:34:ed:0c:6e:cf:6d:63:0f:bf:db:40:e7:ec:d4:51:38:
e8:8d:7d:c1:2d:60:3b:5e:1b:47:eb:4c:1f:93:13:55:d4:44:
02:08:aa:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPrjyAX8g3nXEKGaC60e+4itupRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVhZmE3YWIxZjRjOGFiYjkxN2ZjZDBlYzJkMGExM2ZhMTgwMTZlNDIzYTZk
NzExZWNlMDA4OGU0ZjZjZTc2YmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/Hq3FR08CHtqVVAQ7P7kiksRB0vpUNotG0vFZ8/MVBRm+r4E1fUiv/iC9M
VCfFia1/qWKshy08IKCFnsMi8yjXPx2NqqR0YZVytDNEP/t8hCOzufYzmD4ZVVwE
k7AqTuyAb1JUEb3A+3z9k/WinJNhdPcPOxLGOg0NWR/rdsYnsne98WadPMlqdcIN
Lw8Re8z/Yq+eVodSpSkYhC3Nl/+5bgCAc0gm3QSw3flEkerv+rl/CaH9p+pnA6K0
oDrnfkbNxv+7MbvyCI0L+RrHJvV1nl9XV8BmK/8Uajx3ZXdNb5oL0un92ukXhSUi
goyCWD6HlCW/ghbY71n5Zf2mKWsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ3UdFq
pfVGETbRnYpGG03WB7TOmjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQByRs0JlCq7VHhPZoP1VGv57zcC5OyFj7V7YyJQvK/t
P6AT74UqhNIRSYik9aV78BM2bn66DAXhWEjzf01fN8YM7MWNj5VoSEc+h89QMwBC
DACsI8Npn9hFlwLyCokM1oj8M/VC7Fq9swWV4u9G97pZJqPfBQClS7fyqImmxaB7
A5R1Oo0IHktpjUcbxfYe87gMdNtaInSCNHPAxfufvnbyP/Ugfx0yzMSj79lwdi09
M5MCp/1OVX8xZhHLRhUKAjr4iPLtDg38Xg9L6cWyngWC2NWkDOYbYghY9zTtDG7P
bWMPv9tA5+zUUTjojX3BLWA7XhtH60wfkxNV1EQCCKqS
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org