Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
File: bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa (raw, json)
Hash identifier: /0EwPJ5mz6gBq/uaRLWfXa7xNjx7a+i+b2vgKJueZL4=
Subject key identifier: E9:AC:F0:AF:43:52:D2:47:1F:00:7E:07:69:DF:DC:D2:0D:F0:F7:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EB1080D717037A86EFC9B07810099DAB28AFCDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b1:08:0d:71:70:37:a8:6e:fc:9b:07:81:00:99:da:b2:8a:fc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=25621efb14d5c835fce7013fad0e54952f394887b9fe4432ba7dab376dff106e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b8:f9:f1:f2:96:1d:7a:a5:d8:f2:5d:78:ad:
a3:99:04:83:c8:e6:e3:dc:da:05:b0:a2:03:7d:16:
c2:33:0b:4a:6a:ed:72:f1:e9:40:d5:12:da:26:38:
a8:11:07:58:d8:ba:51:96:39:af:5e:44:14:78:7a:
9c:f0:86:80:f4:1c:a4:66:88:cc:61:72:a8:02:bd:
42:d7:3e:56:40:6b:6c:95:73:40:ba:6a:84:e2:2e:
5d:47:66:f5:c3:79:8d:3b:26:7c:15:ce:4e:75:03:
60:f5:22:78:59:33:4f:f1:63:1f:34:4b:01:bc:e9:
77:6a:8a:8b:e9:a8:e2:8e:1b:1e:52:b8:29:ca:d5:
7d:9a:81:50:b0:75:bd:a2:b5:a2:ad:a3:5f:66:e3:
26:32:df:bb:df:62:c9:8b:b1:d9:39:85:0f:00:6a:
53:66:2c:8a:94:db:54:9d:1a:c1:38:b5:d1:26:ce:
40:e7:74:83:e0:f9:92:f3:20:97:95:f5:2a:43:34:
43:ac:78:13:52:72:9d:ef:29:9c:b9:88:d5:5a:12:
31:b6:e9:19:00:63:ad:cd:b2:70:61:cf:a6:26:b7:
dd:50:f3:7a:83:96:76:b7:db:1b:4c:e3:13:42:46:
8e:98:2d:bf:64:ec:c1:79:b6:7d:9b:4f:d0:27:4b:
4a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AC:F0:AF:43:52:D2:47:1F:00:7E:07:69:DF:DC:D2:0D:F0:F7:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
93:b4:58:3e:a7:16:67:55:41:d8:48:de:2c:44:41:7d:4c:77:
c5:7d:87:1c:df:10:43:ea:5c:9e:ec:af:ce:10:4d:6f:d9:20:
a6:e6:f7:e5:d5:d3:be:51:c7:a6:28:aa:c7:97:bb:15:20:a5:
85:43:16:82:f7:1f:8d:8e:de:60:67:34:cf:36:61:8d:4f:82:
10:5c:c3:84:9b:b1:51:8b:df:9c:da:99:21:f8:32:b4:a9:af:
34:c6:06:e2:54:3b:e1:84:b3:b0:a8:47:b1:dc:1b:8d:aa:94:
f6:74:54:09:a7:28:3e:c4:c2:37:40:4e:1c:cb:4d:31:d4:a3:
61:bd:df:f3:9e:30:6c:07:21:df:99:dc:ce:93:93:d8:1f:8d:
9b:cf:d7:11:08:df:cf:24:04:6b:38:b3:6f:73:aa:96:ee:75:
dd:87:d2:af:6a:63:c4:05:12:20:2c:aa:f8:2f:69:de:d3:d6:
5b:6d:d3:58:fe:ef:07:4e:85:8f:e9:7b:a7:1f:25:af:85:90:
88:50:ea:99:6a:05:6c:64:c6:08:b5:37:30:e5:58:29:ee:a0:
56:b5:00:b9:3d:44:74:df:8f:8c:ec:f7:4c:22:ad:3d:12:b4:
9c:fa:50:07:7c:a3:ba:2f:69:5c:9a:84:1f:17:b0:8e:8e:49:
56:01:c2:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXrEIDXFwN6hu/JsHgQCZ2rKK/NowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NjIxZWZiMTRkNWM4MzVmY2U3MDEzZmFkMGU1NDk1MmYzOTQ4ODdiOWZl
NDQzMmJhN2RhYjM3NmRmZjEwNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMC4+fHylh16pdjyXXito5kEg8jm49zaBbCiA30WwjMLSmrtcvHpQNUS2iY4
qBEHWNi6UZY5r15EFHh6nPCGgPQcpGaIzGFyqAK9Qtc+VkBrbJVzQLpqhOIuXUdm
9cN5jTsmfBXOTnUDYPUieFkzT/FjHzRLAbzpd2qKi+mo4o4bHlK4KcrVfZqBULB1
vaK1oq2jX2bjJjLfu99iyYux2TmFDwBqU2YsipTbVJ0awTi10SbOQOd0g+D5kvMg
l5X1KkM0Q6x4E1Jyne8pnLmI1VoSMbbpGQBjrc2ycGHPpia33VDzeoOWdrfbG0zj
E0JGjpgtv2TswXm2fZtP0CdLStsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTprPCv
Q1LSRx8Afgdp39zSDfD3czAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmMyZjRmOWYtNjJhYi00ZDUzLTg5NWMtMjI0NjlmNWNiZWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQCTtFg+pxZnVUHYSN4sREF9THfFfYcc3xBD6lye7K/O
EE1v2SCm5vfl1dO+UcemKKrHl7sVIKWFQxaC9x+Njt5gZzTPNmGNT4IQXMOEm7FR
i9+c2pkh+DK0qa80xgbiVDvhhLOwqEex3BuNqpT2dFQJpyg+xMI3QE4cy00x1KNh
vd/znjBsByHfmdzOk5PYH42bz9cRCN/PJARrOLNvc6qW7nXdh9KvamPEBRIgLKr4
L2ne09ZbbdNY/u8HToWP6XunHyWvhZCIUOqZagVsZMYItTcw5Vgp7qBWtQC5PUR0
34+M7PdMIq09ErSc+lAHfKO6L2lcmoQfF7COjklWAcKn
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org