Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa
File: cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa (raw, json)
Hash identifier: 3fX5YyZtQFmFtnnfDfkgmJXgLKfl4/4Jz5HBZVpJMc8=
Subject key identifier: 8D:D4:3B:0B:CF:CA:DE:12:18:71:01:48:47:88:6E:12:6B:DF:8A:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1DEB969B5C2FB0BE8439B33B48CE0E5788568833
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:eb:96:9b:5c:2f:b0:be:84:39:b3:3b:48:ce:0e:57:88:56:88:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4e473f6ea1768f3b49607684f19ae891030c3fdbed2c5fb09fc3a4880c9dece6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:6f:c6:0e:31:25:aa:8a:bd:d7:1b:21:28:
91:34:02:e6:e2:52:17:36:5a:ae:1a:04:e3:2c:24:
52:93:e9:e5:11:19:e4:e6:d1:72:76:db:99:5b:3f:
6e:ca:e6:b5:7d:97:e9:ed:75:67:d1:e4:3a:9a:30:
fb:01:c4:af:f3:b3:e2:bc:dc:69:8b:ee:12:b0:cf:
e5:c7:2b:71:24:e2:f2:20:94:8e:27:eb:5c:04:0c:
1f:22:da:bd:a9:09:03:74:53:c1:d8:c1:5f:6f:de:
16:43:80:ed:05:c2:3b:da:f2:3e:cd:99:3a:01:12:
aa:e7:be:5b:81:eb:18:3b:e6:b1:a0:cb:04:6b:b0:
7d:3c:cd:ff:24:c5:b5:e8:9d:09:70:c4:91:94:7f:
a7:1e:b0:f6:47:a1:52:e7:f0:4e:27:2c:6c:53:de:
09:da:3f:fa:4e:c5:3b:bc:6b:6f:00:ce:89:18:f5:
67:5d:51:dc:0d:8e:22:d8:42:b1:ea:93:1e:e1:5e:
1a:70:c3:95:01:cb:ad:3b:33:6f:8c:80:3f:ad:24:
d2:a7:1a:29:3d:65:9c:23:35:f5:c7:d2:f7:cd:1d:
65:99:56:24:05:d0:cc:47:3c:56:a6:fa:2c:ab:45:
98:da:62:af:0b:f5:88:02:d8:d2:4b:31:58:6a:4e:
04:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D4:3B:0B:CF:CA:DE:12:18:71:01:48:47:88:6E:12:6B:DF:8A:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb44d858-7b82-4c47-86cb-b2e623daa8f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d7:f1:f8:f9:e3:28:04:e4:0e:14:15:06:d1:f1:c4:c5:a8:85:
6b:1a:65:76:b1:51:b3:a7:c0:25:da:a8:d1:c3:5b:09:a9:72:
52:94:98:2b:3f:8d:53:c2:f3:56:c9:53:8f:d1:6a:9c:c3:8f:
24:40:af:c8:0c:90:2a:49:00:b3:e1:60:24:9e:13:4b:10:c9:
67:d0:e8:4e:90:b8:0c:1c:b5:30:0d:9c:72:0d:51:11:9c:0a:
0f:13:a4:90:37:c5:39:63:5c:cf:11:cd:90:65:99:15:6e:6b:
f7:bd:8f:cc:6e:c8:f8:a4:d8:41:2d:e3:ee:0c:42:ab:86:7a:
a5:0d:48:f8:0e:f1:d4:45:0a:81:36:1b:09:3b:05:bb:22:04:
66:d8:c6:73:e2:80:8f:56:b1:3b:1b:1f:36:fd:c6:78:3e:dc:
26:a1:ae:e3:fb:29:ad:89:a2:57:13:07:6f:e8:44:92:ab:51:
78:c3:61:ca:42:16:33:f1:85:c5:33:e1:57:90:35:35:17:db:
e4:57:a5:97:8e:fc:71:b8:c1:fb:63:22:27:41:cd:36:56:f0:
77:b4:29:d0:30:cc:ab:76:52:63:65:de:65:be:d5:1d:dc:6b:
b8:14:20:47:69:b4:05:a5:84:03:08:28:5e:dc:58:b0:d1:72:
81:07:50:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHeuWm1wvsL6EObM7SM4OV4hWiDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNDczZjZlYTE3NjhmM2I0OTYwNzY4NGYxOWFlODkxMDMwYzNmZGJlZDJj
NWZiMDlmYzNhNDg4MGM5ZGVjZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKyb8YOMSWqir3XGyEokTQC5uJSFzZarhoE4ywkUpPp5REZ5ObRcnbbmVs/
bsrmtX2X6e11Z9HkOpow+wHEr/Oz4rzcaYvuErDP5ccrcSTi8iCUjifrXAQMHyLa
vakJA3RTwdjBX2/eFkOA7QXCO9ryPs2ZOgESque+W4HrGDvmsaDLBGuwfTzN/yTF
teidCXDEkZR/px6w9kehUufwTicsbFPeCdo/+k7FO7xrbwDOiRj1Z11R3A2OIthC
seqTHuFeGnDDlQHLrTszb4yAP60k0qcaKT1lnCM19cfS980dZZlWJAXQzEc8Vqb6
LKtFmNpirwv1iALY0ksxWGpOBK0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSN1DsL
z8reEhhxAUhHiG4Sa9+KUTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2I0NGQ4NTgtN2I4Mi00YzQ3LTg2Y2ItYjJlNjIzZGFhOGY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQDX8fj54ygE5A4UFQbR8cTFqIVrGmV2sVGzp8Al2qjR
w1sJqXJSlJgrP41TwvNWyVOP0Wqcw48kQK/IDJAqSQCz4WAknhNLEMln0OhOkLgM
HLUwDZxyDVERnAoPE6SQN8U5Y1zPEc2QZZkVbmv3vY/Mbsj4pNhBLePuDEKrhnql
DUj4DvHURQqBNhsJOwW7IgRm2MZz4oCPVrE7Gx82/cZ4Ptwmoa7j+ymtiaJXEwdv
6ESSq1F4w2HKQhYz8YXFM+FXkDU1F9vkV6WXjvxxuMH7YyInQc02VvB3tCnQMMyr
dlJjZd5lvtUd3Gu4FCBHabQFpYQDCChe3Fiw0XKBB1Aw
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org