Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa
File: ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa (raw, json)
Hash identifier: H9rHyCWSkWDXrLMoHBqhqlTKVQGikoJbDOfN25XX0nk=
Subject key identifier: 20:F9:A1:CB:3C:9E:14:3B:FA:AB:B1:EB:AE:3D:92:A8:87:17:DD:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F8AA932053AA71FD32AB9701E4142AC71F03F54
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa
Signing time: Tue 27 Aug 2024 00:00:00 +0000
ROA not before: Tue 27 Aug 2024 00:00:00 +0000
ROA not after: Tue 01 Oct 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:8a:a9:32:05:3a:a7:1f:d3:2a:b9:70:1e:41:42:ac:71:f0:3f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 27 00:00:00 2024 GMT
Not After : Oct 1 23:59:59 2024 GMT
Subject: serialNumber=d40fba14a87de1adf56ab08c4488d2a33f9bb1be9e234fc0c2bdb233f6f5f4c9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:61:e2:0e:3d:b6:0f:94:e7:df:d4:a9:15:e6:
f4:cb:c3:56:0f:b0:5b:30:a5:8f:1c:a9:61:f8:8d:
d0:32:65:fb:5d:bd:b9:c0:e9:96:af:d9:dc:01:e1:
63:52:3b:24:a8:f3:30:1c:99:70:93:16:2f:f5:09:
54:16:de:ce:cd:91:6d:f8:14:53:3e:4c:22:1f:66:
93:23:23:ae:1a:82:c1:d0:c6:72:56:d3:08:12:18:
39:f0:29:83:e3:93:df:38:ae:4a:78:15:d0:69:b1:
3e:7f:ce:5e:a6:43:2b:e5:c2:4f:ff:d8:c1:37:2b:
5b:7b:08:4b:b8:dd:c8:b6:2e:b7:9c:f1:77:98:ce:
98:cb:4c:1d:87:50:ed:81:9a:bf:27:73:12:11:a4:
8b:eb:aa:dc:35:c4:8a:52:d9:8d:db:51:19:dc:d7:
ab:6d:49:48:9b:99:a9:5a:f0:ff:5b:ba:7a:55:3a:
31:07:8a:83:e8:51:d9:0f:02:a7:fe:65:6f:91:bc:
95:31:aa:d4:b8:27:bb:a3:93:72:e1:be:e4:88:98:
b6:df:e5:c3:1b:76:05:25:b6:d5:22:f7:50:a5:5c:
1f:d2:a1:9e:80:fa:9f:14:e2:18:41:b7:86:cf:c7:
e7:6c:c9:6b:9a:c6:08:fa:18:7a:e6:cd:d7:50:f7:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F9:A1:CB:3C:9E:14:3B:FA:AB:B1:EB:AE:3D:92:A8:87:17:DD:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ccc6fe8f-1de9-480c-ae02-2a627e6b3e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:b2:89:0e:88:e9:1a:44:b1:d8:64:c9:f7:e9:86:32:43:96:
9d:f2:25:0b:1d:7b:74:fc:05:bc:13:49:f3:4e:c2:a1:4d:f3:
1e:c3:f5:dd:62:46:42:de:b1:af:6d:86:1e:45:d7:dc:26:55:
0b:f4:18:86:08:1e:64:9c:31:73:46:92:80:60:a3:cb:4f:6e:
62:6e:cc:bc:13:20:a5:c1:57:79:f5:5e:bb:e0:f3:f3:2d:6f:
21:97:f2:be:8f:4b:94:9a:29:4e:29:d3:c6:0a:42:03:10:a4:
d2:01:98:7b:b5:11:38:10:28:48:d7:9d:e9:b4:3d:d7:c5:55:
cb:b1:c5:93:74:5d:bb:e5:66:36:25:7a:42:f1:72:ab:6a:d2:
0a:b3:6f:26:ae:6a:c4:17:96:41:d6:22:27:89:d4:9c:b6:9a:
2a:1b:58:ef:9a:6e:1c:c8:5a:f4:5e:1d:6e:a7:a0:67:b9:1d:
d9:c8:b8:67:47:ad:36:5b:53:a7:0d:9f:de:e1:d7:59:f6:e1:
43:42:e2:0a:85:2c:17:2b:77:e8:df:42:b9:1b:73:6f:9c:80:
67:ea:d2:45:66:35:0d:3e:f3:9c:f1:a4:f4:9a:69:dd:3d:a1:
1a:11:4e:ec:46:8c:60:a3:61:97:77:02:9b:a0:c5:0d:57:70:
d6:d5:f9:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL4qpMgU6px/TKrlwHkFCrHHwP1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA4MjcwMDAwMDBaFw0yNDEwMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MGZiYTE0YTg3ZGUxYWRmNTZhYjA4YzQ0ODhkMmEzM2Y5YmIxYmU5ZTIz
NGZjMGMyYmRiMjMzZjZmNWY0YzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFh4g49tg+U59/UqRXm9MvDVg+wWzCljxypYfiN0DJl+129ucDplq/Z3AHh
Y1I7JKjzMByZcJMWL/UJVBbezs2RbfgUUz5MIh9mkyMjrhqCwdDGclbTCBIYOfAp
g+OT3ziuSngV0GmxPn/OXqZDK+XCT//YwTcrW3sIS7jdyLYut5zxd5jOmMtMHYdQ
7YGavydzEhGki+uq3DXEilLZjdtRGdzXq21JSJuZqVrw/1u6elU6MQeKg+hR2Q8C
p/5lb5G8lTGq1Lgnu6OTcuG+5IiYtt/lwxt2BSW21SL3UKVcH9KhnoD6nxTiGEG3
hs/H52zJa5rGCPoYeubN11D3XFkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQg+aHL
PJ4UO/qrseuuPZKohxfd2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2NjNmZlOGYtMWRlOS00ODBjLWFlMDItMmE2MjdlNmIzZTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQCfsokOiOkaRLHYZMn36YYyQ5ad8iULHXt0/AW8E0nz
TsKhTfMew/XdYkZC3rGvbYYeRdfcJlUL9BiGCB5knDFzRpKAYKPLT25ibsy8EyCl
wVd59V674PPzLW8hl/K+j0uUmilOKdPGCkIDEKTSAZh7tRE4EChI153ptD3XxVXL
scWTdF275WY2JXpC8XKratIKs28mrmrEF5ZB1iInidSctpoqG1jvmm4cyFr0Xh1u
p6BnuR3ZyLhnR602W1OnDZ/e4ddZ9uFDQuIKhSwXK3fo30K5G3NvnIBn6tJFZjUN
PvOc8aT0mmndPaEaEU7sRoxgo2GXdwKboMUNV3DW1fn9
-----END CERTIFICATE-----
Generated at Sat Sep 7 19:17:39 2024 by rpki-client on console-fra.rpki-client.org