Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
File: a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa (raw, json)
Hash identifier: KtgR+KJkcFVIe7ZoYwckk+ucn+H5g8NuqdM5ZuZIB4M=
Subject key identifier: 5B:0F:55:CF:AE:D8:FE:5F:E3:23:C5:22:4E:A5:B8:5B:7F:9A:0F:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28FEB2A8B642BEB71DFA5FF86F3E5932D8117DFF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:fe:b2:a8:b6:42:be:b7:1d:fa:5f:f8:6f:3e:59:32:d8:11:7d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=76ede5ff9c289af84c4ec273899b5d301fc839868eb8ca18bd92036e8e360ce0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:70:0f:f0:64:88:63:3c:f5:10:81:90:ce:fc:
75:39:a6:db:bf:2b:ca:40:93:a2:49:b5:85:70:82:
86:1c:3d:4f:2f:d8:fb:42:2b:9c:e1:f1:e9:b7:26:
02:95:91:26:25:c8:6b:6a:81:50:c8:23:2d:13:82:
7d:3d:2d:49:84:db:d3:82:b8:cb:2e:d2:84:cb:ad:
43:61:ee:a6:a0:d7:d6:49:d3:36:d2:dd:66:da:90:
15:be:37:29:59:40:d0:d4:36:c8:33:f6:d7:cd:03:
77:46:1d:90:f0:1f:27:6b:78:c6:3a:3f:3a:17:8d:
83:48:d3:bd:31:95:e5:9d:79:58:c3:e5:ea:6d:00:
a4:58:10:7b:2e:6f:db:71:8b:10:52:39:e0:ae:2e:
b5:cd:d0:36:4d:c5:de:35:1c:dc:06:72:f5:99:45:
6c:6d:a8:d5:73:ae:67:94:6a:e4:2d:4a:d7:b4:75:
ac:12:34:d6:23:ad:53:78:0a:0a:74:d0:b1:5a:50:
30:2a:0a:95:08:d2:eb:99:c7:64:80:d8:c7:a0:1c:
64:74:23:44:62:63:91:7f:24:8b:f7:bc:8c:ca:c1:
2d:45:31:13:1e:19:cb:da:a4:37:39:67:b9:34:7b:
fc:3c:cf:43:f1:34:fd:66:90:7a:52:70:fb:73:e2:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:0F:55:CF:AE:D8:FE:5F:E3:23:C5:22:4E:A5:B8:5B:7F:9A:0F:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a17c3105-7086-48e5-a3b7-e8b528c5b9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8b:52:09:4b:5c:7a:99:2a:f4:b3:b1:2e:22:71:ae:cc:98:df:
32:bf:e4:e2:40:d9:f5:a9:42:17:96:73:d5:a3:54:ab:ba:1c:
92:02:9c:75:c9:be:f7:cd:8f:03:ac:2c:1c:90:56:c8:b3:cf:
bc:cd:5f:d5:0d:04:8f:8d:5f:b0:4d:8d:98:d6:c6:de:21:6b:
25:b8:17:81:70:4f:e3:11:1a:d1:ee:a2:c5:1d:cc:43:dd:92:
14:a7:94:1b:0f:0b:4b:90:1f:fe:9b:d4:0e:1d:86:5b:ba:dd:
b8:00:97:35:b5:9b:b9:d2:66:6d:98:32:5b:fa:40:80:38:53:
85:93:bb:7e:67:78:6f:24:ae:3e:76:73:f9:ae:9f:7f:bc:be:
f1:63:be:a6:51:b8:ff:3b:0b:80:2d:52:57:98:be:04:08:80:
9b:d7:0d:4a:25:ba:e7:6f:b7:bf:82:55:48:07:24:cd:b3:c3:
7d:dc:98:5b:76:dc:16:14:59:79:f9:5d:d8:05:cc:d7:c4:f3:
b6:d3:70:bc:fb:f7:31:7c:0d:95:0b:a1:3d:10:c1:ad:a3:1d:
a9:0b:9a:a8:08:bc:cb:ba:41:60:e2:bb:49:0d:cc:b7:b4:9d:
06:9f:76:2c:ec:68:72:7b:8b:77:62:a8:68:3e:ce:0a:a0:85:
aa:c5:e9:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKP6yqLZCvrcd+l/4bz5ZMtgRff8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2ZWRlNWZmOWMyODlhZjg0YzRlYzI3Mzg5OWI1ZDMwMWZjODM5ODY4ZWI4
Y2ExOGJkOTIwMzZlOGUzNjBjZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJwD/BkiGM89RCBkM78dTmm278rykCTokm1hXCChhw9Ty/Y+0IrnOHx6bcm
ApWRJiXIa2qBUMgjLROCfT0tSYTb04K4yy7ShMutQ2HupqDX1knTNtLdZtqQFb43
KVlA0NQ2yDP2180Dd0YdkPAfJ2t4xjo/OheNg0jTvTGV5Z15WMPl6m0ApFgQey5v
23GLEFI54K4utc3QNk3F3jUc3AZy9ZlFbG2o1XOuZ5Rq5C1K17R1rBI01iOtU3gK
CnTQsVpQMCoKlQjS65nHZIDYx6AcZHQjRGJjkX8ki/e8jMrBLUUxEx4Zy9qkNzln
uTR7/DzPQ/E0/WaQelJw+3Pi8NUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRbD1XP
rtj+X+MjxSJOpbhbf5oP+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTE3YzMxMDUtNzA4Ni00OGU1LWEzYjctZThiNTI4YzViOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQCLUglLXHqZKvSzsS4ica7MmN8yv+TiQNn1qUIXlnPV
o1SruhySApx1yb73zY8DrCwckFbIs8+8zV/VDQSPjV+wTY2Y1sbeIWsluBeBcE/j
ERrR7qLFHcxD3ZIUp5QbDwtLkB/+m9QOHYZbut24AJc1tZu50mZtmDJb+kCAOFOF
k7t+Z3hvJK4+dnP5rp9/vL7xY76mUbj/OwuALVJXmL4ECICb1w1KJbrnb7e/glVI
ByTNs8N93JhbdtwWFFl5+V3YBczXxPO203C8+/cxfA2VC6E9EMGtox2pC5qoCLzL
ukFg4rtJDcy3tJ0Gn3Ys7Ghye4t3YqhoPs4KoIWqxelk
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org