Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
File: b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa (raw, json)
Hash identifier: g80UszHHPf5CFqe/tpS9sEYgDc8hllVOSOZhCndVCKQ=
Subject key identifier: 05:B1:44:57:C1:BF:7F:0E:4C:A8:40:82:CB:F5:B0:E7:3C:FE:17:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3187173746DB9CB30B9F459AABFF2A0E2FE6A855
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:87:17:37:46:db:9c:b3:0b:9f:45:9a:ab:ff:2a:0e:2f:e6:a8:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=cc993ebf39b03bda76cb9c5cc27aa367d525f8133930080d0778e2272ad3309b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4e:c8:28:12:36:0d:8d:22:49:cc:97:43:a3:
2b:3e:fa:f8:2e:19:a7:5c:36:b7:3f:56:e5:d3:a3:
e6:ae:04:e3:86:80:65:11:08:20:9e:05:c1:12:64:
7e:81:26:af:3b:65:b9:02:1a:c8:f2:a4:c1:88:2e:
7a:ea:de:8e:cf:21:72:9e:15:6d:b5:7f:33:36:85:
95:75:85:43:d6:46:7c:0f:3a:f3:72:36:e1:da:4f:
0a:bf:8d:8a:32:ab:1b:18:9e:66:f8:66:29:1a:8f:
41:36:d2:cc:3d:42:1a:3c:ed:9e:91:59:4a:5d:08:
4a:a7:97:88:f5:57:e6:54:ce:a3:a1:05:30:de:14:
0d:3c:c6:ad:36:bf:dd:86:95:eb:4a:52:35:5c:8b:
77:59:f4:40:d3:64:c7:9b:f2:73:a5:d2:c7:14:d0:
1a:e1:24:36:26:8a:4a:71:d5:43:dc:45:09:90:4b:
a7:60:ba:31:da:5f:4c:e0:1b:5d:84:89:8e:60:3d:
e5:1a:ca:aa:ed:95:4c:61:9c:77:81:69:01:63:c9:
8a:88:19:7a:b5:a6:5f:97:ca:cb:b7:56:9f:21:f0:
57:12:57:d9:a5:18:4d:5f:7c:ca:de:4b:5f:6b:9a:
81:56:07:22:66:70:46:69:50:9a:c3:f4:3d:68:1d:
3e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B1:44:57:C1:BF:7F:0E:4C:A8:40:82:CB:F5:B0:E7:3C:FE:17:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b540e59d-bfd2-4a72-9bb0-37e848d41cd6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
56:38:ae:97:0b:ec:50:e2:1a:fe:14:72:4f:a8:3e:a7:57:7a:
11:e6:6c:70:58:f1:d1:e4:bd:01:71:4b:bf:76:58:fb:5d:3b:
3e:9f:86:69:55:ac:fa:35:7b:25:09:21:c5:27:2c:d5:a0:a7:
d9:d7:7d:a0:55:3f:fb:78:eb:3c:0a:79:5c:ff:46:f9:93:90:
cf:3b:3b:87:de:de:9b:40:a8:c7:c1:32:d4:58:5d:10:9f:76:
4b:1f:b6:fb:f1:71:c7:64:db:c3:fc:e2:99:ec:e3:e1:97:1e:
d9:96:30:ec:ec:9b:62:ee:d8:f2:02:6f:51:56:d3:d5:43:8d:
13:52:08:5a:d4:44:7a:54:44:db:e8:df:24:db:45:9c:ef:81:
6b:fd:d0:a8:24:68:2f:29:19:01:2e:d0:86:0a:c3:f5:e1:cd:
65:25:11:e0:75:f5:c7:c6:34:ad:1d:59:f0:f4:72:ba:4d:19:
a9:e8:9f:f6:23:d0:49:64:22:86:49:78:3b:aa:38:7f:a2:d7:
77:b4:ac:d7:d9:ff:ca:dc:12:69:56:72:24:9a:f2:de:95:7b:
7b:24:2c:f0:80:36:15:99:a5:17:d3:a5:51:fb:6d:7d:72:80:
af:49:c9:7a:0c:ed:88:b7:5e:a0:e1:d7:44:05:9a:74:15:43:
fa:fe:09:53
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMYcXN0bbnLMLn0Waq/8qDi/mqFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjOTkzZWJmMzliMDNiZGE3NmNiOWM1Y2MyN2FhMzY3ZDUyNWY4MTMzOTMw
MDgwZDA3NzhlMjI3MmFkMzMwOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlOyCgSNg2NIknMl0OjKz76+C4Zp1w2tz9W5dOj5q4E44aAZREIIJ4FwRJk
foEmrztluQIayPKkwYgueurejs8hcp4VbbV/MzaFlXWFQ9ZGfA8683I24dpPCr+N
ijKrGxieZvhmKRqPQTbSzD1CGjztnpFZSl0ISqeXiPVX5lTOo6EFMN4UDTzGrTa/
3YaV60pSNVyLd1n0QNNkx5vyc6XSxxTQGuEkNiaKSnHVQ9xFCZBLp2C6MdpfTOAb
XYSJjmA95RrKqu2VTGGcd4FpAWPJiogZerWmX5fKy7dWnyHwVxJX2aUYTV98yt5L
X2uagVYHImZwRmlQmsP0PWgdPsUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFsURX
wb9/DkyoQILL9bDnPP4XODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjU0MGU1OWQtYmZkMi00YTcyLTliYjAtMzdlODQ4ZDQxY2Q2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBWOK6XC+xQ4hr+FHJPqD6nV3oR5mxwWPHR5L0BcUu/
dlj7XTs+n4ZpVaz6NXslCSHFJyzVoKfZ132gVT/7eOs8Cnlc/0b5k5DPOzuH3t6b
QKjHwTLUWF0Qn3ZLH7b78XHHZNvD/OKZ7OPhlx7ZljDs7Jti7tjyAm9RVtPVQ40T
Ugha1ER6VETb6N8k20Wc74Fr/dCoJGgvKRkBLtCGCsP14c1lJRHgdfXHxjStHVnw
9HK6TRmp6J/2I9BJZCKGSXg7qjh/otd3tKzX2f/K3BJpVnIkmvLelXt7JCzwgDYV
maUX06VR+219coCvScl6DO2It16g4ddEBZp0FUP6/glT
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org