Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa
File: b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa (raw, json)
Hash identifier: 9QTsgeDmJuZ894fcNRqhMP9ZuzVnX3PiWjqnxnMDiVs=
Subject key identifier: 50:47:0C:D3:4A:DB:29:46:93:B2:34:79:7B:06:52:3F:86:29:9D:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 829BAD1C28D1F7B2A689088DB5F7863D7C90B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
82:9b:ad:1c:28:d1:f7:b2:a6:89:08:8d:b5:f7:86:3d:7c:90:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=b63d4b053f41381916fac9bbe75b594cf25724bfac79bb97d2881bb1e449a9fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d8:6b:a5:0a:40:11:d9:4b:29:13:7e:5f:d1:
94:14:ab:7b:ee:90:61:52:7d:92:06:63:6a:6d:42:
e3:6d:c8:0b:78:cc:14:f2:81:56:65:38:4e:ae:49:
07:a8:25:26:cb:92:be:03:40:f0:06:d5:d3:2b:35:
21:f6:3a:5e:de:1a:d3:8b:4c:79:7f:a3:eb:64:6c:
30:14:88:ed:fc:0f:f2:34:b7:b3:b9:73:a7:30:69:
99:8f:9b:bd:69:ff:8b:5b:69:44:b9:92:21:d9:57:
b4:bc:63:15:5f:26:13:87:57:2e:69:ec:56:ad:56:
6e:2d:37:53:c3:99:32:c5:6d:11:b1:6d:f2:d1:fb:
a7:67:26:f7:e0:16:05:e4:6f:cd:2d:05:7f:d0:aa:
f4:86:7e:c1:cf:eb:b7:4c:d9:99:5d:7b:ae:43:3c:
27:4c:90:3e:4e:09:d1:ab:4c:ad:74:78:3c:9b:20:
27:7b:a4:40:fc:c6:43:a9:84:04:3e:cc:8b:9f:c6:
3c:2b:f7:86:9e:95:30:a6:4f:fa:a7:5c:07:1c:f7:
11:02:3b:72:23:9d:8f:ac:80:a2:4b:b2:5e:4f:a4:
0e:47:28:b1:6a:46:fb:cb:86:6d:76:39:fd:90:19:
d6:2c:7a:a0:1d:fe:7b:73:f0:24:08:e0:fb:39:2d:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:47:0C:D3:4A:DB:29:46:93:B2:34:79:7B:06:52:3F:86:29:9D:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b88c226f-e19c-4f39-bbb3-1928bd2cdd62.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cf:c7:c2:df:67:05:6f:cd:20:bb:90:79:e3:f7:d7:4c:9d:45:
52:60:60:05:f6:50:f4:da:6e:1f:03:57:6e:ff:09:91:dd:46:
7f:6d:75:84:5c:71:c9:e2:a7:ea:c2:8e:be:32:57:5f:9f:25:
c7:1b:81:6c:3b:c5:cf:65:e1:68:7f:b4:33:52:fb:05:5d:54:
5e:b8:d6:dc:d2:30:76:b6:82:14:81:2b:a6:96:4a:f1:f0:c7:
68:fe:fe:60:13:81:d1:2f:82:71:a9:f7:1a:8c:35:91:46:ee:
51:cd:9d:b0:69:3f:a2:0a:b8:64:98:7e:d6:1a:6a:d8:b8:e8:
aa:f1:ee:5e:de:f5:88:78:19:c7:af:68:05:f7:5f:c1:6e:06:
0f:e2:15:b5:0b:93:19:2c:8e:0d:d0:c8:65:14:43:33:c2:3e:
cb:77:8e:9d:06:f8:57:65:93:ba:70:57:7b:f4:b8:de:a4:cc:
c1:72:80:72:b9:61:13:74:d9:7d:31:92:e2:ec:27:b6:73:ba:
7f:bf:ae:0d:17:57:a1:5f:f1:49:53:90:b4:d9:5a:30:8a:ad:
38:59:81:6b:ab:94:83:e0:4e:89:63:0b:6c:83:df:d8:33:02:
6c:58:ca:af:27:8a:19:09:1e:11:5d:fb:5d:ba:f2:f0:2d:b5:
61:29:cc:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAIKbrRwo0feypokIjbX3hj18kLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2M2Q0YjA1M2Y0MTM4MTkxNmZhYzliYmU3NWI1OTRjZjI1NzI0YmZhYzc5
YmI5N2QyODgxYmIxZTQ0OWE5ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3Ya6UKQBHZSykTfl/RlBSre+6QYVJ9kgZjam1C423IC3jMFPKBVmU4Tq5J
B6glJsuSvgNA8AbV0ys1IfY6Xt4a04tMeX+j62RsMBSI7fwP8jS3s7lzpzBpmY+b
vWn/i1tpRLmSIdlXtLxjFV8mE4dXLmnsVq1Wbi03U8OZMsVtEbFt8tH7p2cm9+AW
BeRvzS0Ff9Cq9IZ+wc/rt0zZmV17rkM8J0yQPk4J0atMrXR4PJsgJ3ukQPzGQ6mE
BD7Mi5/GPCv3hp6VMKZP+qdcBxz3EQI7ciOdj6yAokuyXk+kDkcosWpG+8uGbXY5
/ZAZ1ix6oB3+e3PwJAjg+zktCpcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRQRwzT
StspRpOyNHl7BlI/himdAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjg4YzIyNmYtZTE5Yy00ZjM5LWJiYjMtMTkyOGJkMmNkZDYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQDPx8LfZwVvzSC7kHnj99dMnUVSYGAF9lD02m4fA1du
/wmR3UZ/bXWEXHHJ4qfqwo6+MldfnyXHG4FsO8XPZeFof7QzUvsFXVReuNbc0jB2
toIUgSumlkrx8Mdo/v5gE4HRL4JxqfcajDWRRu5RzZ2waT+iCrhkmH7WGmrYuOiq
8e5e3vWIeBnHr2gF91/BbgYP4hW1C5MZLI4N0MhlFEMzwj7Ld46dBvhXZZO6cFd7
9LjepMzBcoByuWETdNl9MZLi7Ce2c7p/v64NF1ehX/FJU5C02Vowiq04WYFrq5SD
4E6JYwtsg9/YMwJsWMqvJ4oZCR4RXftduvLwLbVhKcx+
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org