Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa
File: ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa (raw, json)
Hash identifier: nsu2h/awVuCMBl2lS+yes+dOIgZ6WBw5guVTvfA9Sw4=
Subject key identifier: A8:92:B1:16:24:65:BD:0D:46:31:D3:65:DA:91:5F:A1:04:5A:B0:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FE73109E2E152CC60CAE1AA5FF559C3E271334F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa
Signing time: Tue 12 Nov 2024 00:00:00 +0000
ROA not before: Tue 12 Nov 2024 00:00:00 +0000
ROA not after: Tue 17 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:e7:31:09:e2:e1:52:cc:60:ca:e1:aa:5f:f5:59:c3:e2:71:33:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 12 00:00:00 2024 GMT
Not After : Dec 17 23:59:59 2024 GMT
Subject: serialNumber=3444c3898366462902fa45787433f70a58b2e48916687bd4e4d0cc5d1583099e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:e8:b9:bc:a3:b6:34:b5:e0:f2:55:8f:bf:
80:1c:c1:40:52:6a:a7:c9:6f:66:5f:91:3a:c1:5c:
25:4f:cf:ee:af:80:3f:af:29:c0:5f:ac:2b:25:5b:
72:db:83:b5:64:1b:bd:19:99:5f:af:19:ad:0e:0f:
39:27:97:10:50:73:fe:4c:68:c7:4f:c2:95:c7:a4:
c8:97:88:a3:a5:e4:b1:08:fe:1a:49:be:5a:13:4c:
3f:51:67:25:32:8c:91:cb:ac:63:ca:88:11:9e:e5:
8b:f9:ee:2a:6f:c3:df:90:90:7d:95:51:23:76:d7:
82:c0:df:27:cb:92:a8:78:b1:01:6b:cc:84:69:42:
64:4b:c2:ad:ee:78:10:66:e3:af:1b:75:d0:ba:7e:
51:2f:09:70:cc:1f:91:fc:a3:65:48:be:bc:fe:53:
80:6d:ef:b5:15:3f:b6:ff:f8:bf:7b:f4:cf:7a:df:
b7:d0:56:09:18:d5:bb:5c:f6:91:f1:59:8e:91:66:
d0:93:d2:54:cd:31:3e:15:b9:af:cd:fa:d2:33:e5:
05:53:e8:2f:74:93:1b:4c:cf:23:92:50:cb:6e:a2:
d0:15:a3:b9:30:4d:72:a0:e7:dd:52:ec:32:a1:4c:
19:f7:d1:41:c0:68:9a:3b:61:8a:6d:0e:76:a9:92:
c9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:B1:16:24:65:BD:0D:46:31:D3:65:DA:91:5F:A1:04:5A:B0:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:e8:f9:14:1b:69:6e:2f:73:fb:f7:4b:77:f6:2e:ad:92:6f:
af:c7:b3:00:ba:e3:d6:f3:94:45:42:2a:29:13:1f:ff:f4:7d:
a5:e3:c4:bc:73:2d:27:aa:ff:7c:a2:6d:d4:28:eb:5f:08:73:
1c:16:83:65:cb:82:33:35:3a:ad:1b:4d:1c:80:1b:f9:36:8d:
63:55:69:c5:34:5e:cf:c9:06:36:52:75:c7:90:9f:3f:9f:fd:
a9:cb:a7:0b:1d:8d:3b:9d:68:e1:19:85:64:bb:94:1b:c5:ee:
57:83:7b:ff:f2:cc:9c:d1:70:49:52:d9:4e:9f:92:79:90:27:
76:41:4e:90:09:d5:a3:28:62:5b:d7:47:85:d4:ab:a1:53:29:
53:48:c5:b3:97:e9:11:cc:ba:ed:c1:74:46:45:d7:e5:c0:c1:
c0:5b:9b:b6:0a:14:13:9c:87:66:15:3d:97:ee:d3:f5:05:41:
d4:19:fe:bd:7f:ad:fb:f7:76:a7:81:a1:94:d3:bf:21:34:3d:
c0:31:d4:6b:31:3a:ba:80:0f:a7:bc:c8:9d:30:71:43:45:50:
68:ce:a7:88:47:ab:c0:e4:b2:ac:fa:d5:8e:70:f4:8f:ea:9c:
f0:24:67:70:08:e7:9d:a0:df:2d:b2:27:7e:e6:d2:9f:8d:6e:
94:e5:bb:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb+cxCeLhUsxgyuGqX/VZw+JxM08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTIwMDAwMDBaFw0yNDEyMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NDRjMzg5ODM2NjQ2MjkwMmZhNDU3ODc0MzNmNzBhNThiMmU0ODkxNjY4
N2JkNGU0ZDBjYzVkMTU4MzA5OWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6t6Lm8o7Y0teDyVY+/gBzBQFJqp8lvZl+ROsFcJU/P7q+AP68pwF+sKyVb
ctuDtWQbvRmZX68ZrQ4POSeXEFBz/kxox0/ClcekyJeIo6XksQj+Gkm+WhNMP1Fn
JTKMkcusY8qIEZ7li/nuKm/D35CQfZVRI3bXgsDfJ8uSqHixAWvMhGlCZEvCre54
EGbjrxt10Lp+US8JcMwfkfyjZUi+vP5TgG3vtRU/tv/4v3v0z3rft9BWCRjVu1z2
kfFZjpFm0JPSVM0xPhW5r8360jPlBVPoL3STG0zPI5JQy26i0BWjuTBNcqDn3VLs
MqFMGffRQcBomjthim0OdqmSyb0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSokrEW
JGW9DUYx02XakV+hBFqwFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2NjNmZlOGYtMWRlOS00ODBjLWFlMDItMmE2MjdlNmIzZTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQA/6PkUG2luL3P790t39i6tkm+vx7MAuuPW85RFQiop
Ex//9H2l48S8cy0nqv98om3UKOtfCHMcFoNly4IzNTqtG00cgBv5No1jVWnFNF7P
yQY2UnXHkJ8/n/2py6cLHY07nWjhGYVku5Qbxe5Xg3v/8syc0XBJUtlOn5J5kCd2
QU6QCdWjKGJb10eF1KuhUylTSMWzl+kRzLrtwXRGRdflwMHAW5u2ChQTnIdmFT2X
7tP1BUHUGf69f63793angaGU078hND3AMdRrMTq6gA+nvMidMHFDRVBozqeIR6vA
5LKs+tWOcPSP6pzwJGdwCOedoN8tsid+5tKfjW6U5btM
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org