Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0e4a315-0256-4fb7-917f-d9d79ce0c782.roa
File: b0e4a315-0256-4fb7-917f-d9d79ce0c782.roa (raw, json)
Hash identifier: lPqJbgYGp4Nt5eTYEGFIwfQyrSDRgdrCDnuCwHtd/xE=
Subject key identifier: F0:41:17:70:61:D1:B2:B2:58:44:03:08:C6:14:E1:70:EF:9E:54:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5885C735CA32F64FECCEFBAC480E966034A066F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0e4a315-0256-4fb7-917f-d9d79ce0c782.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:85:c7:35:ca:32:f6:4f:ec:ce:fb:ac:48:0e:96:60:34:a0:66:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5730cb8c3fa8e4674e924c8bcbceb7ddb4b54e65678541818963a7cc59146b7c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e1:91:7f:03:5d:bc:52:74:4e:32:d2:b9:bb:
38:7a:f6:10:0e:df:da:16:11:4a:31:0e:e0:17:42:
ca:0c:17:a5:85:22:0f:0f:bc:62:82:27:74:87:9e:
5d:7b:1f:7b:17:98:b0:cc:47:2e:50:dd:41:e8:96:
9f:d8:e9:6b:f1:42:62:0f:d8:06:5d:03:e1:af:50:
1b:92:66:35:3d:a3:e1:77:3e:43:a0:4d:f2:93:95:
2b:72:a7:85:4f:74:f9:be:89:5d:c9:d0:e7:63:23:
f1:56:8f:bb:33:70:48:7f:e4:ac:99:3b:ac:1b:7f:
f3:37:68:b3:ac:b3:74:c7:d4:f4:2f:c4:e8:7f:67:
b3:3a:d3:fc:03:c2:cb:f1:c7:ba:94:b7:18:ea:1d:
35:46:cc:5d:04:d4:e5:e9:c7:f1:67:5e:a4:91:da:
1b:91:89:23:77:2f:d5:32:f7:ce:08:4c:87:6b:48:
6e:d5:d1:53:b4:26:b5:5e:ef:ee:72:0a:7a:ca:fd:
d9:02:24:99:c7:85:54:98:50:4b:8f:ab:e3:97:66:
4f:59:b1:4c:83:6a:57:ce:36:d1:b3:b4:b9:7d:be:
27:02:30:12:96:6c:fe:ec:8b:e5:94:4d:2c:0b:19:
0d:55:9a:66:1c:d2:40:8b:b8:65:3b:c1:a6:8b:33:
c1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:41:17:70:61:D1:B2:B2:58:44:03:08:C6:14:E1:70:EF:9E:54:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b0e4a315-0256-4fb7-917f-d9d79ce0c782.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:7c:e8:5b:b1:4e:d5:70:95:e3:8d:28:88:99:21:45:ed:ba:
dd:ca:53:d1:c1:99:8b:41:d5:52:39:c1:5f:c8:6b:cf:26:5d:
e6:bd:ad:89:77:53:25:d2:4c:8e:ff:e9:ed:a7:d3:14:8d:35:
b8:c1:ae:0a:8f:57:2b:c5:d6:8d:af:31:e2:8d:c3:b6:14:2f:
84:a6:c3:2e:31:1b:10:7e:20:34:02:06:23:8f:08:d8:5c:81:
67:17:21:60:9f:5d:c9:6c:fa:ff:4e:bd:1c:d8:ce:44:0a:0e:
5d:0f:cf:7c:25:ff:10:1d:c8:aa:7b:09:69:e2:82:c6:2e:5e:
56:ad:c0:9b:ec:c0:ef:b9:fa:83:29:bd:e1:f4:8e:fa:37:70:
1a:de:0d:4a:1f:37:f9:c5:55:fd:1b:83:c5:d2:3a:75:ba:43:
57:9d:ea:98:2f:b7:ef:32:45:ce:49:d7:98:8d:08:01:f8:23:
e4:9d:ed:42:4d:2e:bb:02:56:04:1d:f1:63:37:0a:fb:d8:b2:
57:52:d3:1c:02:ea:d8:83:16:ba:56:4c:20:4f:11:11:90:f3:
6e:a4:44:5d:2d:bf:d6:42:53:8b:99:3e:7f:d5:9e:14:5a:56:
8c:e5:9a:1d:75:18:a3:ca:77:98:d6:cc:4a:83:a6:cc:a3:80:
7a:8a:7a:cb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWIXHNcoy9k/szvusSA6WYDSgZvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3MzBjYjhjM2ZhOGU0Njc0ZTkyNGM4YmNiY2ViN2RkYjRiNTRlNjU2Nzg1
NDE4MTg5NjNhN2NjNTkxNDZiN2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPLhkX8DXbxSdE4y0rm7OHr2EA7f2hYRSjEO4BdCygwXpYUiDw+8YoIndIee
XXsfexeYsMxHLlDdQeiWn9jpa/FCYg/YBl0D4a9QG5JmNT2j4Xc+Q6BN8pOVK3Kn
hU90+b6JXcnQ52Mj8VaPuzNwSH/krJk7rBt/8zdos6yzdMfU9C/E6H9nszrT/APC
y/HHupS3GOodNUbMXQTU5enH8WdepJHaG5GJI3cv1TL3zghMh2tIbtXRU7QmtV7v
7nIKesr92QIkmceFVJhQS4+r45dmT1mxTINqV8420bO0uX2+JwIwEpZs/uyL5ZRN
LAsZDVWaZhzSQIu4ZTvBposzwQ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwQRdw
YdGyslhEAwjGFOFw755UEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjBlNGEzMTUtMDI1Ni00ZmI3LTkxN2YtZDlkNzljZTBjNzgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQCbfOhbsU7VcJXjjSiImSFF7brdylPRwZmLQdVSOcFf
yGvPJl3mva2Jd1Ml0kyO/+ntp9MUjTW4wa4Kj1crxdaNrzHijcO2FC+EpsMuMRsQ
fiA0AgYjjwjYXIFnFyFgn13JbPr/Tr0c2M5ECg5dD898Jf8QHciqewlp4oLGLl5W
rcCb7MDvufqDKb3h9I76N3Aa3g1KHzf5xVX9G4PF0jp1ukNXneqYL7fvMkXOSdeY
jQgB+CPkne1CTS67AlYEHfFjNwr72LJXUtMcAurYgxa6VkwgTxERkPNupERdLb/W
QlOLmT5/1Z4UWlaM5ZoddRijyneY1sxKg6bMo4B6inrL
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org