Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: FfxHbNAubo5+oEfGTtALWptP/3BlDSRkYbgqVUSj1oo=
Subject key identifier: 8A:F3:BF:52:0D:A8:A5:32:A8:7A:DB:BB:1F:EF:2C:36:55:67:DE:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CAC9EA826B0D36D858F77E211BF34680EDC5C9F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:ac:9e:a8:26:b0:d3:6d:85:8f:77:e2:11:bf:34:68:0e:dc:5c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=60d244f7fdf70760b16c0b179aeb40ecdc53b9be5865b24dbd4eff3200621490, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:74:d5:d5:07:c3:a2:75:5c:31:ea:ab:a0:7a:
5c:8a:87:ea:95:7c:14:40:b4:e3:28:c1:55:cd:ec:
d6:60:6b:ce:8a:95:68:e4:78:06:74:46:51:f1:fc:
0b:16:c5:dd:44:4a:34:75:b2:2c:9d:9e:b5:de:72:
0f:d9:b1:fb:c8:b1:98:f0:b3:f7:1b:3c:c3:e8:69:
bf:96:9f:2b:10:f6:3b:a3:b8:53:71:1e:5b:11:8b:
61:83:cf:17:f9:db:0b:86:60:b5:72:5b:36:c8:4b:
be:9c:d4:88:bc:6b:dd:93:a6:fa:72:00:5c:7e:a9:
8f:44:a2:e6:6b:f0:8d:12:3e:9e:9f:c8:56:c2:43:
ae:04:f3:27:e2:cf:35:77:f6:b9:9e:d8:2f:5e:29:
10:f9:3d:42:95:2b:b1:50:f4:4a:50:db:39:21:79:
d4:4d:ad:8a:62:eb:29:67:bf:22:5c:4f:3e:bc:fb:
48:55:87:6f:d5:bd:2d:79:bf:4c:33:93:d8:4c:25:
1e:30:6c:fb:8f:fe:79:6e:d7:bd:95:56:54:34:8f:
11:b8:c2:9d:40:9d:df:98:0c:32:86:56:d6:b5:b5:
fe:11:47:cc:b8:f5:0e:48:6d:09:7e:09:06:40:79:
78:76:2d:39:03:4c:89:00:c8:ea:6f:b1:27:cf:a1:
95:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F3:BF:52:0D:A8:A5:32:A8:7A:DB:BB:1F:EF:2C:36:55:67:DE:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:49:1f:f6:81:aa:f2:17:f3:7c:b0:2d:20:4a:27:0d:f9:bc:
91:d7:e0:e3:e8:b2:5a:7d:74:12:19:06:60:08:45:ec:c8:ca:
30:02:4b:e2:43:ef:26:34:d0:d4:e8:b9:e2:e9:e8:c2:d8:25:
60:fe:62:11:bd:de:de:e2:cc:c4:6c:8e:cc:bd:f9:cf:40:e6:
d5:bb:ee:44:08:5a:91:ad:c0:52:f7:c6:36:68:df:1a:5b:02:
25:d4:81:11:bf:1b:fe:8b:1a:b1:0a:e0:6a:e9:15:1d:38:42:
92:f0:94:18:0d:ba:b5:23:00:ca:df:8a:44:be:3b:87:dd:57:
16:29:2d:f5:f8:fc:4f:9c:bb:98:80:7e:b8:4f:78:51:48:09:
38:48:b6:38:a2:ad:37:e7:b0:37:98:27:f6:ba:a2:77:4b:d8:
32:df:d3:99:b1:17:2f:7e:58:d6:8d:a8:8d:4e:5d:24:53:07:
2f:b9:7e:ff:34:40:19:16:c9:c9:9a:ea:07:ac:88:27:44:bb:
ce:ed:f4:fd:94:6d:dd:38:95:9b:13:27:24:9c:e6:dd:a8:3b:
48:b9:db:96:29:f8:36:c1:61:77:0c:92:d7:6b:f3:e9:03:70:
9d:0e:f9:76:15:b2:6f:5c:7f:fc:cc:9f:f4:df:5e:38:58:9f:
cd:6d:dd:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHKyeqCaw022Fj3fiEb80aA7cXJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZDI0NGY3ZmRmNzA3NjBiMTZjMGIxNzlhZWI0MGVjZGM1M2I5YmU1ODY1
YjI0ZGJkNGVmZjMyMDA2MjE0OTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh01dUHw6J1XDHqq6B6XIqH6pV8FEC04yjBVc3s1mBrzoqVaOR4BnRGUfH8
CxbF3URKNHWyLJ2etd5yD9mx+8ixmPCz9xs8w+hpv5afKxD2O6O4U3EeWxGLYYPP
F/nbC4ZgtXJbNshLvpzUiLxr3ZOm+nIAXH6pj0Si5mvwjRI+np/IVsJDrgTzJ+LP
NXf2uZ7YL14pEPk9QpUrsVD0SlDbOSF51E2timLrKWe/IlxPPrz7SFWHb9W9LXm/
TDOT2EwlHjBs+4/+eW7XvZVWVDSPEbjCnUCd35gMMoZW1rW1/hFHzLj1DkhtCX4J
BkB5eHYtOQNMiQDI6m+xJ8+hlZ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSK879S
DailMqh627sf7yw2VWfeKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQBqSR/2garyF/N8sC0gSicN+byR1+Dj6LJafXQSGQZg
CEXsyMowAkviQ+8mNNDU6Lni6ejC2CVg/mIRvd7e4szEbI7MvfnPQObVu+5ECFqR
rcBS98Y2aN8aWwIl1IERvxv+ixqxCuBq6RUdOEKS8JQYDbq1IwDK34pEvjuH3VcW
KS31+PxPnLuYgH64T3hRSAk4SLY4oq0357A3mCf2uqJ3S9gy39OZsRcvfljWjaiN
Tl0kUwcvuX7/NEAZFsnJmuoHrIgnRLvO7fT9lG3dOJWbEycknObdqDtIuduWKfg2
wWF3DJLXa/PpA3CdDvl2FbJvXH/8zJ/03144WJ/Nbd24
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org