Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
File: b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa (raw, json)
Hash identifier: KqMRXermTVw1GvaqhiGmDgOkGs7++VV2KG06zs+gXBY=
Subject key identifier: EC:EF:E8:85:6F:57:75:2B:AC:1B:E7:9B:74:CA:8A:CD:35:EF:99:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D9B676979C0BC4EE83D5BB5A659E688FC582E66
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
Signing time: Fri 15 Nov 2024 00:00:00 +0000
ROA not before: Fri 15 Nov 2024 00:00:00 +0000
ROA not after: Fri 20 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:9b:67:69:79:c0:bc:4e:e8:3d:5b:b5:a6:59:e6:88:fc:58:2e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 00:00:00 2024 GMT
Not After : Dec 20 23:59:59 2024 GMT
Subject: serialNumber=5304a0c6e761fad66cfa141718a8f023eca72abca41f3da01a550b4d63a2bbad, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:c4:82:90:40:b7:5f:84:28:99:28:1e:7c:
b2:91:63:ac:82:ba:c0:9c:87:1e:4d:4a:10:2e:2a:
39:5e:cf:fe:67:9e:ac:12:62:c6:cc:63:7e:50:8c:
5e:5d:86:93:7a:a2:01:01:ec:dc:bc:19:d9:ba:4c:
89:33:88:d1:4b:e6:62:76:a6:e7:35:21:87:02:21:
3c:e4:0d:dd:7c:56:13:4d:b6:1d:b1:ff:f2:11:9b:
c3:bc:d7:87:24:91:c9:0c:96:0e:b3:de:3e:fa:1b:
65:78:f4:ce:14:11:e4:71:18:14:7b:d4:ad:71:4f:
5c:34:56:c8:0b:a0:92:c6:10:ef:48:ab:76:75:0d:
68:98:fa:eb:6c:45:63:a1:de:75:78:c7:21:8b:18:
39:c0:ad:e4:96:8f:0c:ad:2c:73:6b:1f:0e:5e:9c:
97:4e:a4:40:3e:fe:0a:de:5d:34:4f:73:8a:be:f8:
d8:22:78:48:64:9b:7e:83:6a:6e:64:36:da:56:b8:
09:66:80:67:52:d3:55:1c:7b:12:28:e1:d0:0b:52:
be:25:e4:76:b3:42:54:5f:d4:e5:fa:94:5a:36:26:
40:2a:fd:f4:ec:ff:63:56:36:ed:bf:b1:d8:f4:12:
0f:48:e1:57:38:ed:9f:32:b8:f3:d8:ee:ea:62:85:
60:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:EF:E8:85:6F:57:75:2B:AC:1B:E7:9B:74:CA:8A:CD:35:EF:99:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:bb:e9:5b:da:89:1b:7d:5f:91:57:7d:53:81:0a:27:84:45:
06:52:3c:95:bf:6a:2d:cb:b7:a7:de:1f:20:74:47:20:91:64:
17:7d:0d:ef:bb:f8:1e:07:1b:39:5a:7c:b6:cf:2f:2f:2b:b6:
2b:87:2a:ed:c1:45:91:72:ba:77:98:a6:54:b7:87:ad:df:cf:
14:94:81:a9:8c:14:f9:ff:a7:c3:5a:8d:98:b5:74:b1:f3:de:
5f:6d:92:2b:ff:a1:cb:54:84:d0:0a:49:b8:dd:28:96:16:a1:
39:12:7c:84:87:e3:64:75:9d:00:1f:34:90:19:72:c0:ed:5d:
f2:3e:c4:50:ce:62:3c:5d:ae:99:53:9f:29:05:55:5d:1d:e2:
02:c3:a3:38:3d:06:e7:32:00:92:f7:5a:01:da:1b:25:08:59:
45:53:ff:50:8a:03:ab:1c:50:de:45:b3:97:11:1d:27:06:cd:
67:fc:1f:70:d5:b3:3b:7d:71:57:67:7f:c1:93:14:6d:19:5e:
d3:c7:48:a4:3b:5e:a2:76:77:76:e8:90:76:49:50:4b:dd:e6:
a4:60:a6:df:6a:ca:0b:06:5d:37:89:65:89:a1:21:7d:4b:d1:
46:af:f2:94:b7:c6:5b:86:35:61:c5:e8:1c:2e:c1:53:fe:ed:
fb:d1:db:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXZtnaXnAvE7oPVu1plnmiPxYLmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTUwMDAwMDBaFw0yNDEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMDRhMGM2ZTc2MWZhZDY2Y2ZhMTQxNzE4YThmMDIzZWNhNzJhYmNhNDFm
M2RhMDFhNTUwYjRkNjNhMmJiYWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxixIKQQLdfhCiZKB58spFjrIK6wJyHHk1KEC4qOV7P/meerBJixsxjflCM
Xl2Gk3qiAQHs3LwZ2bpMiTOI0UvmYnam5zUhhwIhPOQN3XxWE022HbH/8hGbw7zX
hySRyQyWDrPePvobZXj0zhQR5HEYFHvUrXFPXDRWyAugksYQ70irdnUNaJj662xF
Y6HedXjHIYsYOcCt5JaPDK0sc2sfDl6cl06kQD7+Ct5dNE9zir742CJ4SGSbfoNq
bmQ22la4CWaAZ1LTVRx7Eijh0AtSviXkdrNCVF/U5fqUWjYmQCr99Oz/Y1Y27b+x
2PQSD0jhVzjtnzK489ju6mKFYKMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTs7+iF
b1d1K6wb55t0yorNNe+ZsTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmOGZhODMtNTRmMS00NGNjLWE5MTUtNjI0OWE2ZjZhMjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBku+lb2okbfV+RV31TgQonhEUGUjyVv2oty7en3h8g
dEcgkWQXfQ3vu/geBxs5Wny2zy8vK7YrhyrtwUWRcrp3mKZUt4et388UlIGpjBT5
/6fDWo2YtXSx895fbZIr/6HLVITQCkm43SiWFqE5EnyEh+NkdZ0AHzSQGXLA7V3y
PsRQzmI8Xa6ZU58pBVVdHeICw6M4PQbnMgCS91oB2hslCFlFU/9QigOrHFDeRbOX
ER0nBs1n/B9w1bM7fXFXZ3/BkxRtGV7Tx0ikO16idnd26JB2SVBL3eakYKbfasoL
Bl03iWWJoSF9S9FGr/KUt8ZbhjVhxegcLsFT/u370dub
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org