Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9f138a04-74b4-40a4-b21b-04714bb0f86e.roa
File: 9f138a04-74b4-40a4-b21b-04714bb0f86e.roa (raw, json)
Hash identifier: LAFHCIc279faau2qi1RSeFVvdBJvZxsa9iRc2J6CwMc=
Subject key identifier: FE:BB:2B:86:4F:04:7C:FB:37:B2:FA:F9:CA:AB:11:A3:DE:DF:51:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BF2D191254FA23F3186107DDF073D50064DF46D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9f138a04-74b4-40a4-b21b-04714bb0f86e.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f2:d1:91:25:4f:a2:3f:31:86:10:7d:df:07:3d:50:06:4d:f4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=d3256e5ce3ea6b4ae72ec46a0452299eaa0f8e4d165b7fb901cf3b4b27ba9d39, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cf:95:7a:55:ac:37:f6:fa:8a:d8:e7:d2:f0:
8c:55:83:d5:0a:67:1c:84:1c:65:22:2a:f9:15:95:
28:47:f1:ce:6d:57:80:ba:71:29:92:63:42:53:83:
5c:62:40:69:18:74:02:ee:e9:09:2d:90:ad:50:e5:
e1:88:8f:29:72:8c:4f:9b:99:20:b1:13:36:ee:fa:
98:a1:62:c6:53:7f:fc:99:57:57:55:2d:d9:a8:b6:
2d:ea:5a:fc:bd:f8:f4:f2:f2:54:15:30:90:58:13:
26:e6:f6:db:e7:24:a7:eb:9e:9e:c5:0a:9f:89:62:
81:5e:2d:18:00:c8:8c:9e:8a:c5:ba:d5:44:1b:31:
c7:1f:d9:61:a2:0f:b8:aa:db:41:f1:25:38:2d:6e:
f6:93:07:ff:cd:a1:bb:0a:07:80:ac:9a:ec:7c:a6:
4c:74:f6:dd:c1:ac:20:32:b5:91:fe:7b:f7:99:6e:
39:35:bb:4a:aa:f7:7f:fe:d8:e4:09:c1:ce:f8:65:
b0:66:16:5b:8b:12:0b:f4:9e:4e:65:e6:6b:fd:f1:
d7:2c:c6:e3:38:ce:fb:86:05:3a:18:e5:58:e8:6e:
b4:14:6b:49:f3:d0:d0:0c:4e:a3:13:68:ea:ef:a1:
0b:65:42:80:07:5b:d1:d9:a9:ff:26:80:4a:68:70:
33:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BB:2B:86:4F:04:7C:FB:37:B2:FA:F9:CA:AB:11:A3:DE:DF:51:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9f138a04-74b4-40a4-b21b-04714bb0f86e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
d0:fc:08:97:9f:e8:06:54:5b:10:5e:cb:d5:32:22:23:ed:79:
35:29:57:21:27:e2:f3:f7:6c:3e:af:1f:2b:68:6b:dc:20:fe:
1e:bc:d6:9c:05:d3:d4:cf:6d:99:57:f8:de:dd:a0:6e:af:00:
37:df:0c:5e:51:20:1d:9f:28:a7:e1:4b:4b:de:a8:51:e2:03:
d3:d0:f4:2b:9f:9e:5d:95:28:08:d2:93:e8:a2:32:59:5f:13:
dc:7f:8d:a4:2e:05:08:17:68:99:76:25:63:ce:52:ae:fa:4b:
09:10:39:55:bf:4d:65:5a:d9:a4:5a:5f:3d:47:24:d2:8d:f7:
4c:2f:58:3c:b1:8b:56:59:54:b1:8b:e2:1a:8c:b3:38:9d:9b:
af:21:9a:8b:7a:f2:95:ce:e7:f0:e9:74:9e:87:17:9a:e7:53:
1e:e6:9a:24:aa:29:17:10:79:9e:a0:5f:46:25:b7:d2:1b:05:
d3:37:fd:e7:12:09:ae:59:71:d2:bb:bb:b2:aa:9b:e7:c4:e6:
b6:92:37:68:25:a4:96:9d:d8:d3:f7:b1:de:23:89:d0:5f:f3:
89:a0:72:9b:23:12:a7:db:d4:6b:3e:a2:7f:43:a6:51:bd:15:
0f:b0:f7:3f:e3:19:ed:da:10:be:d5:80:5e:87:b3:36:5e:08:
0e:7b:16:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC/LRkSVPoj8xhhB93wc9UAZN9G0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzMjU2ZTVjZTNlYTZiNGFlNzJlYzQ2YTA0NTIyOTllYWEwZjhlNGQxNjVi
N2ZiOTAxY2YzYjRiMjdiYTlkMzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjPlXpVrDf2+orY59LwjFWD1QpnHIQcZSIq+RWVKEfxzm1XgLpxKZJjQlOD
XGJAaRh0Au7pCS2QrVDl4YiPKXKMT5uZILETNu76mKFixlN//JlXV1Ut2ai2Lepa
/L349PLyVBUwkFgTJub22+ckp+uensUKn4ligV4tGADIjJ6KxbrVRBsxxx/ZYaIP
uKrbQfElOC1u9pMH/82huwoHgKya7HymTHT23cGsIDK1kf5795luOTW7Sqr3f/7Y
5AnBzvhlsGYWW4sSC/SeTmXma/3x1yzG4zjO+4YFOhjlWOhutBRrSfPQ0AxOoxNo
6u+hC2VCgAdb0dmp/yaASmhwMy0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT+uyuG
TwR8+zey+vnKqxGj3t9RLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWYxMzhhMDQtNzRiNC00MGE0LWIyMWItMDQ3MTRiYjBmODZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEA0PwIl5/oBlRbEF7L1TIiI+15NSlXISfi8/dsPq8f
K2hr3CD+HrzWnAXT1M9tmVf43t2gbq8AN98MXlEgHZ8op+FLS96oUeID09D0K5+e
XZUoCNKT6KIyWV8T3H+NpC4FCBdomXYlY85SrvpLCRA5Vb9NZVrZpFpfPUck0o33
TC9YPLGLVllUsYviGoyzOJ2bryGai3rylc7n8Ol0nocXmudTHuaaJKopFxB5nqBf
RiW30hsF0zf95xIJrllx0ru7sqqb58TmtpI3aCWklp3Y0/ex3iOJ0F/ziaBymyMS
p9vUaz6if0OmUb0VD7D3P+MZ7doQvtWAXoezNl4IDnsW9g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org