Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0052f73-ff8c-4115-b687-7e589c069d7e.roa
File: b0052f73-ff8c-4115-b687-7e589c069d7e.roa (raw, json)
Hash identifier: 53KMiMdunibVL8BzRDqQcOm/zZAHCCh06T7/b+2Le+8=
Subject key identifier: 16:C7:E4:47:15:0C:59:8B:23:87:8E:62:BD:0D:32:FC:A3:82:E4:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2667034915EB563369552934F014EA21280E58B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0052f73-ff8c-4115-b687-7e589c069d7e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:67:03:49:15:eb:56:33:69:55:29:34:f0:14:ea:21:28:0e:58:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=6a95bdb8ef40a1465f6d84f6d94d745c7d2821e891272d5d68176f7452d94385, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:77:e0:18:9e:f6:e6:1a:6b:9d:64:3e:91:e6:
2b:ff:71:77:88:8b:63:37:e7:fc:c9:61:4d:10:01:
f9:d4:1f:2c:61:b7:bd:15:ab:fd:21:7d:dc:57:22:
6e:40:66:d4:75:10:a5:3c:95:58:c1:fe:8a:42:ab:
66:ea:cc:10:91:0d:5c:52:68:bb:e6:0f:e6:d9:94:
2d:de:dc:e4:ae:16:5b:0b:65:01:53:6d:c8:7a:74:
0d:0d:cb:e0:23:59:a1:fe:c3:c2:6f:5f:b9:d0:98:
8d:a9:55:84:29:33:db:5e:6f:c9:56:e9:9c:3f:0c:
1c:e8:59:c0:87:6e:29:0e:24:09:90:c1:f1:85:e1:
43:31:d4:fb:53:9c:df:dd:6d:40:4a:f3:58:8d:6b:
25:1a:22:df:d1:cf:3f:7c:15:b6:4f:82:fc:65:62:
41:6a:55:53:2e:96:b0:37:38:7c:a8:ac:f0:fa:98:
a3:f0:92:15:d1:ee:fe:d5:62:01:93:6d:9f:4c:58:
ca:36:fb:01:8a:4b:8f:3e:fa:94:4f:61:da:2c:d2:
07:a1:45:fa:6b:f8:3e:72:45:3c:93:9a:4c:27:37:
68:b8:8a:c8:81:a0:99:7c:af:c6:e4:b7:41:5f:a1:
76:46:be:1e:08:70:c9:b1:dd:ea:ee:1c:a1:7d:8e:
8f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C7:E4:47:15:0C:59:8B:23:87:8E:62:BD:0D:32:FC:A3:82:E4:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0052f73-ff8c-4115-b687-7e589c069d7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:50:62:68:d7:da:4d:d7:37:09:63:3d:49:10:65:8e:46:6e:
4c:1d:29:2d:74:ed:d0:82:e1:f4:44:75:5d:4c:46:56:32:12:
50:3c:a5:26:1f:81:24:98:11:d4:5d:95:a2:81:cc:bd:fd:3c:
80:42:16:5c:a5:3a:0a:74:25:d4:c5:d6:1b:00:64:00:27:67:
c4:75:2e:20:93:ef:e2:c0:eb:80:94:66:76:84:fa:37:65:bc:
4a:7d:3a:46:eb:b8:18:74:ee:1d:d7:00:b5:ca:ba:82:3a:bd:
3c:a6:3a:b1:96:c2:e3:98:a2:38:c9:da:66:78:ca:98:17:2d:
d7:44:d9:b7:3b:f5:56:71:96:c9:48:63:2d:e5:ad:06:d6:ee:
0c:87:cb:0a:51:96:9d:8e:b2:2b:b6:52:61:79:a3:5a:4b:bb:
38:9e:50:f0:dc:5b:7e:64:e1:a9:d8:8f:37:d4:b6:72:6b:1d:
ff:3f:c6:22:7a:1a:48:a4:3d:a7:84:e8:96:6b:3c:12:e8:88:
bd:6f:7b:3c:f1:8f:eb:c9:00:ef:82:a6:18:61:8e:2c:e2:93:
2c:23:e1:6c:55:7c:b4:33:2c:ed:1b:6f:b8:b2:b2:39:e4:4b:
c9:56:16:3a:f5:85:82:aa:ea:5a:14:6d:d9:ac:8d:f8:f4:ba:
5f:72:19:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJmcDSRXrVjNpVSk08BTqISgOWLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhOTViZGI4ZWY0MGExNDY1ZjZkODRmNmQ5NGQ3NDVjN2QyODIxZTg5MTI3
MmQ1ZDY4MTc2Zjc0NTJkOTQzODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh34Bie9uYaa51kPpHmK/9xd4iLYzfn/MlhTRAB+dQfLGG3vRWr/SF93Fci
bkBm1HUQpTyVWMH+ikKrZurMEJENXFJou+YP5tmULd7c5K4WWwtlAVNtyHp0DQ3L
4CNZof7Dwm9fudCYjalVhCkz215vyVbpnD8MHOhZwIduKQ4kCZDB8YXhQzHU+1Oc
391tQErzWI1rJRoi39HPP3wVtk+C/GViQWpVUy6WsDc4fKis8PqYo/CSFdHu/tVi
AZNtn0xYyjb7AYpLjz76lE9h2izSB6FF+mv4PnJFPJOaTCc3aLiKyIGgmXyvxuS3
QV+hdka+HghwybHd6u4coX2Oj/sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWx+RH
FQxZiyOHjmK9DTL8o4LknTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjAwNTJmNzMtZmY4Yy00MTE1LWI2ODctN2U1ODljMDY5ZDdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQAXUGJo19pN1zcJYz1JEGWORm5MHSktdO3QguH0RHVd
TEZWMhJQPKUmH4EkmBHUXZWigcy9/TyAQhZcpToKdCXUxdYbAGQAJ2fEdS4gk+/i
wOuAlGZ2hPo3ZbxKfTpG67gYdO4d1wC1yrqCOr08pjqxlsLjmKI4ydpmeMqYFy3X
RNm3O/VWcZbJSGMt5a0G1u4Mh8sKUZadjrIrtlJheaNaS7s4nlDw3Ft+ZOGp2I83
1LZyax3/P8YiehpIpD2nhOiWazwS6Ii9b3s88Y/ryQDvgqYYYY4s4pMsI+FsVXy0
MyztG2+4srI55EvJVhY69YWCqupaFG3ZrI349Lpfchk6
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org