Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bccdd23d-b92c-4f87-ada7-26de87fddc89.roa
File: bccdd23d-b92c-4f87-ada7-26de87fddc89.roa (raw, json)
Hash identifier: CJV82jG0BbXgy8xq3q/szAmo1+HkqYCCjAJGHFKokGg=
Subject key identifier: 3A:B9:61:3B:A2:C0:E7:9B:47:66:23:B8:38:BD:81:02:8C:DA:D2:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78C66C472F842182B5FF71F223CD811107C46901
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bccdd23d-b92c-4f87-ada7-26de87fddc89.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c6:6c:47:2f:84:21:82:b5:ff:71:f2:23:cd:81:11:07:c4:69:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=610f697972a5111c288c8fba3901d15d77535393c27bd998f47f378739ac8b99, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:b9:4d:92:bb:2f:2b:d0:9a:d9:31:64:a0:
f0:85:84:8e:b9:d0:51:12:ab:ed:01:f6:0a:11:81:
8b:68:3e:46:56:64:76:a3:9c:50:06:da:8a:af:28:
cb:5a:28:1d:8d:07:34:c2:58:80:d6:44:bf:d4:2a:
02:15:f2:ad:72:82:2b:83:18:0f:03:50:82:a8:01:
20:21:91:3f:31:06:1b:d2:27:31:e8:b5:88:6d:a6:
dc:4c:05:19:8c:18:7c:59:01:64:36:fc:7c:dc:64:
66:d6:50:07:a3:aa:76:92:e2:98:8c:3f:5b:c4:af:
92:83:7a:ca:c8:50:ca:d2:11:19:cd:0e:d6:04:f4:
4f:c4:12:fd:f1:39:8f:88:a0:28:35:9a:df:27:8c:
7a:72:27:22:52:72:c4:0f:cc:94:cc:60:34:05:2e:
1f:49:c0:c8:f1:1e:1e:c5:05:0b:78:1d:0c:53:98:
3d:03:f9:c2:05:7f:64:34:25:d9:f6:bd:a0:11:0c:
a7:79:44:67:62:c8:c3:f7:d2:8c:4f:80:33:d3:3e:
b2:7b:e9:b6:f6:e8:dc:23:97:90:cc:40:24:7b:cd:
1d:5b:13:30:6d:93:12:77:15:02:e6:f4:48:0e:07:
89:ab:f8:c1:18:be:74:35:f0:07:be:9b:63:2a:8b:
0b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B9:61:3B:A2:C0:E7:9B:47:66:23:B8:38:BD:81:02:8C:DA:D2:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bccdd23d-b92c-4f87-ada7-26de87fddc89.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9c:59:ef:5e:a1:9d:28:18:c7:b5:4a:c2:6d:d0:b7:43:67:be:
4b:f2:bb:e8:1f:5e:23:84:e4:22:d7:70:af:e7:28:3f:84:97:
9a:78:8a:72:7e:f5:fa:08:77:92:ec:19:55:a2:14:29:cd:7d:
07:c8:9a:6c:e3:8d:32:d2:fe:6e:2b:37:d2:2f:23:45:70:78:
78:54:0a:94:ab:70:eb:6e:9e:97:db:e9:d1:b2:3d:ed:96:ad:
51:7a:a2:08:b9:7a:21:be:bd:f8:e0:9e:94:27:01:b7:9c:79:
98:25:82:cf:5e:fc:82:59:7a:a2:bf:5e:b9:6b:a1:a4:82:c1:
a6:53:60:92:81:bd:d1:28:14:44:d2:92:f5:33:d0:25:a6:33:
3d:0a:b5:04:44:75:bd:ef:49:ee:4e:b0:8e:f4:e0:45:dc:35:
d4:a3:c4:b9:ab:f4:c6:76:1b:55:e1:a4:a4:db:fe:cd:a9:a4:
dd:8c:39:a1:2a:cf:79:ce:73:97:d4:f1:78:dd:17:f0:a9:6c:
47:c6:d7:63:99:32:ad:2e:b3:75:dd:6b:fc:7b:a5:09:7f:28:
65:d2:07:cc:a4:79:ca:03:7c:ae:14:ff:d6:b6:4f:b0:15:9c:
4e:d7:df:d2:11:e1:8c:a3:38:4e:78:85:33:d0:a9:b9:2b:b1:
28:5d:15:36
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeMZsRy+EIYK1/3HyI82BEQfEaQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxMGY2OTc5NzJhNTExMWMyODhjOGZiYTM5MDFkMTVkNzc1MzUzOTNjMjdi
ZDk5OGY0N2YzNzg3MzlhYzhiOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7AuU2Suy8r0JrZMWSg8IWEjrnQURKr7QH2ChGBi2g+RlZkdqOcUAbaiq8o
y1ooHY0HNMJYgNZEv9QqAhXyrXKCK4MYDwNQgqgBICGRPzEGG9InMei1iG2m3EwF
GYwYfFkBZDb8fNxkZtZQB6OqdpLimIw/W8SvkoN6yshQytIRGc0O1gT0T8QS/fE5
j4igKDWa3yeMenInIlJyxA/MlMxgNAUuH0nAyPEeHsUFC3gdDFOYPQP5wgV/ZDQl
2fa9oBEMp3lEZ2LIw/fSjE+AM9M+snvptvbo3COXkMxAJHvNHVsTMG2TEncVAub0
SA4Hiav4wRi+dDXwB76bYyqLC+MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6uWE7
osDnm0dmI7g4vYECjNrSajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmNjZGQyM2QtYjkyYy00Zjg3LWFkYTctMjZkZTg3ZmRkYzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCcWe9eoZ0oGMe1SsJt0LdDZ75L8rvoH14jhOQi13Cv
5yg/hJeaeIpyfvX6CHeS7BlVohQpzX0HyJps440y0v5uKzfSLyNFcHh4VAqUq3Dr
bp6X2+nRsj3tlq1ReqIIuXohvr344J6UJwG3nHmYJYLPXvyCWXqiv165a6GkgsGm
U2CSgb3RKBRE0pL1M9AlpjM9CrUERHW970nuTrCO9OBF3DXUo8S5q/TGdhtV4aSk
2/7NqaTdjDmhKs95znOX1PF43RfwqWxHxtdjmTKtLrN13Wv8e6UJfyhl0gfMpHnK
A3yuFP/Wtk+wFZxO19/SEeGMozhOeIUz0Km5K7EoXRU2
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org