Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa
File: ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa (raw, json)
Hash identifier: QaY6H7ZOUvbLl83nIkngqt2/R3IB6ENOdG3xgLiKeLM=
Subject key identifier: 63:33:40:A9:62:26:8F:87:61:6A:93:D1:F2:34:DB:8F:47:11:D7:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6342852CD59D1C500DE930396D19577A9F6C58A2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:42:85:2c:d5:9d:1c:50:0d:e9:30:39:6d:19:57:7a:9f:6c:58:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=0ce38cf3cbe3f3d02327c94559b67b89a986eed84c7278f48ec2a5bfae6d0b90, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3e:54:c5:95:7f:21:11:1e:75:e1:93:ff:a6:
f2:71:b2:6e:fe:28:83:03:83:24:4c:87:81:e9:11:
54:64:52:d0:77:6f:0c:69:fe:1f:15:b0:90:a0:dc:
a7:da:5f:4b:47:05:99:8e:f9:62:0a:5e:e2:ad:2f:
a2:e4:c4:4b:8a:aa:0b:63:43:f7:77:1d:dc:91:62:
4b:58:4a:39:65:b3:ba:26:71:b0:23:76:7d:c4:5f:
ba:53:6f:b4:cc:1b:38:8e:a6:c1:3b:f5:bc:2f:56:
7a:d0:7c:0b:32:db:b4:ab:92:3a:16:40:b5:79:f2:
eb:44:d2:3d:c8:67:dd:09:c5:e3:0d:f1:14:e0:33:
f4:6c:49:b0:db:a6:e3:50:90:c9:92:ca:34:d4:f8:
d3:fb:0f:46:97:bd:aa:be:36:86:10:ac:50:6c:55:
f0:95:9c:c6:4a:46:63:d5:15:53:6a:a6:06:00:dc:
91:1c:d2:99:1f:ca:02:49:ea:d0:37:4d:6e:26:e4:
e5:a7:40:6d:d8:ee:d6:5c:eb:be:e4:3a:b5:1d:e8:
c9:6d:8d:9b:f4:0d:8b:ab:e5:6c:4b:90:83:51:16:
8b:e8:cb:62:ee:5b:25:5e:a3:bc:ee:97:78:c3:02:
60:b6:95:68:a8:81:ad:b1:12:c5:b2:8c:0a:15:50:
c3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:33:40:A9:62:26:8F:87:61:6A:93:D1:F2:34:DB:8F:47:11:D7:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca0f75ca-e966-4e9d-99ae-b78535acfaf7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
70:03:8d:0a:8f:f0:35:1a:14:d8:8a:92:54:03:fd:7e:8d:35:
fc:a5:85:40:b2:56:4d:dc:4b:7d:5c:0c:f4:27:f8:ab:90:66:
e0:e0:36:a4:45:b4:41:78:1d:d9:8b:f3:7c:48:a4:fe:71:64:
2a:eb:e0:4b:2b:40:0e:67:31:a4:ec:7b:01:78:e3:14:2d:ca:
99:95:9a:e4:91:8e:e9:4f:35:41:7d:60:ec:0e:cd:23:c6:ea:
f9:a4:13:29:e8:73:5b:9c:1c:8a:60:d1:46:d8:5a:d5:12:ca:
2d:e4:ff:55:2f:f6:12:db:af:5e:c7:48:d5:51:2c:5f:76:1b:
97:1d:47:dd:99:4c:a9:65:5d:37:d5:36:a3:8e:a6:4d:0c:f7:
49:1c:fd:9b:6e:e3:18:59:97:a1:2e:38:1a:de:c2:03:fa:b6:
b8:ee:37:a2:19:09:75:98:b9:a4:cd:67:e1:c3:22:c7:5d:4f:
9c:85:ea:dd:95:eb:70:9c:e1:dc:d6:04:18:f9:fa:74:53:14:
17:31:79:61:f8:37:42:3b:4f:2b:f7:8b:45:22:1c:27:b0:fc:
77:6f:e7:80:da:dc:75:e2:b9:e8:48:10:7c:cd:43:9c:67:d8:
c8:d6:e8:bb:34:52:55:19:35:1c:35:d1:38:89:bd:7d:11:e5:
da:83:87:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY0KFLNWdHFAN6TA5bRlXep9sWKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZTM4Y2YzY2JlM2YzZDAyMzI3Yzk0NTU5YjY3Yjg5YTk4NmVlZDg0Yzcy
NzhmNDhlYzJhNWJmYWU2ZDBiOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJE+VMWVfyERHnXhk/+m8nGybv4ogwODJEyHgekRVGRS0HdvDGn+HxWwkKDc
p9pfS0cFmY75Ygpe4q0vouTES4qqC2ND93cd3JFiS1hKOWWzuiZxsCN2fcRfulNv
tMwbOI6mwTv1vC9WetB8CzLbtKuSOhZAtXny60TSPchn3QnF4w3xFOAz9GxJsNum
41CQyZLKNNT40/sPRpe9qr42hhCsUGxV8JWcxkpGY9UVU2qmBgDckRzSmR/KAknq
0DdNbibk5adAbdju1lzrvuQ6tR3oyW2Nm/QNi6vlbEuQg1EWi+jLYu5bJV6jvO6X
eMMCYLaVaKiBrbESxbKMChVQw5ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRjM0Cp
YiaPh2Fqk9HyNNuPRxHXYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2EwZjc1Y2EtZTk2Ni00ZTlkLTk5YWUtYjc4NTM1YWNmYWY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQBwA40Kj/A1GhTYipJUA/1+jTX8pYVAslZN3Et9XAz0
J/irkGbg4DakRbRBeB3Zi/N8SKT+cWQq6+BLK0AOZzGk7HsBeOMULcqZlZrkkY7p
TzVBfWDsDs0jxur5pBMp6HNbnByKYNFG2FrVEsot5P9VL/YS269ex0jVUSxfdhuX
HUfdmUypZV031TajjqZNDPdJHP2bbuMYWZehLjga3sID+ra47jeiGQl1mLmkzWfh
wyLHXU+cherdletwnOHc1gQY+fp0UxQXMXlh+DdCO08r94tFIhwnsPx3b+eA2tx1
4rnoSBB8zUOcZ9jI1ui7NFJVGTUcNdE4ib19EeXag4cr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org