Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cefec67c-4401-4bc7-ac7b-46a110be0c45.roa
File: cefec67c-4401-4bc7-ac7b-46a110be0c45.roa (raw, json)
Hash identifier: QFxqUL8e12jvl2y+1lEIHicXrE7Yy39nQY85ij1iWzc=
Subject key identifier: 00:EE:F7:D9:FC:45:3D:E5:E1:28:60:81:88:44:F9:B3:3A:82:7F:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5CB12C0577AABE42A8CC63C5BE0B01EA1597CFF7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cefec67c-4401-4bc7-ac7b-46a110be0c45.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:b1:2c:05:77:aa:be:42:a8:cc:63:c5:be:0b:01:ea:15:97:cf:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5f18de5d9c7c2be0cc9755d72ee97705fdf2bfb7ad1c65fd0bd17393cc88d3b0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:fc:a7:af:e8:c5:c8:3f:c8:f5:1d:d2:fb:
3f:94:ec:9a:3e:ab:28:0a:f7:c7:be:f3:99:06:63:
d1:7c:b1:cf:6e:f8:dc:c7:25:c8:94:bf:78:32:2d:
84:af:92:fa:6b:1b:b8:8e:c8:b2:8b:50:f2:58:76:
18:d9:28:0c:0a:14:f8:7a:0d:78:63:49:52:70:ac:
21:c0:8d:e4:aa:61:66:02:b5:f8:00:62:dd:6a:37:
a6:81:f2:16:9f:8e:a0:13:03:cc:2b:d7:21:12:7b:
46:2c:3c:a6:76:33:d9:f7:d2:00:c6:0a:93:c1:2f:
f0:67:b2:84:97:76:e8:a0:ff:44:e3:d1:67:3d:97:
b0:a0:9d:ff:d5:10:87:a2:2a:8d:54:9f:c6:61:aa:
8e:bf:40:c0:a5:65:d5:03:e6:8d:f5:df:e1:6b:ec:
41:1b:94:b1:89:2f:80:ad:23:26:5a:d3:fd:ee:41:
22:db:e5:1f:a1:3b:9d:29:40:2a:e0:da:9b:5c:17:
78:af:fb:74:89:82:f9:19:9c:d3:95:73:94:68:6a:
69:62:a2:bc:64:21:91:d0:25:17:1a:0c:38:4d:be:
fc:87:2d:6e:cb:13:d8:ae:26:7b:46:33:fc:63:0f:
72:4d:43:9b:fd:79:10:11:34:5e:72:d4:96:2b:31:
a7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EE:F7:D9:FC:45:3D:E5:E1:28:60:81:88:44:F9:B3:3A:82:7F:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cefec67c-4401-4bc7-ac7b-46a110be0c45.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
02:3f:7b:cf:0d:5a:d8:fe:39:0b:81:59:5b:68:c5:86:68:e5:
54:0e:d8:1a:1a:0a:57:9f:62:ed:e3:c0:9e:53:7d:e8:0e:6e:
92:59:e0:f0:b6:a0:ae:b7:c3:16:49:7d:cd:34:91:4f:05:67:
49:6b:92:9b:c4:21:29:b6:7c:f2:5a:8d:cc:18:ac:4f:d5:3a:
01:9b:02:07:97:82:e5:d0:fd:b5:88:9e:55:c5:ea:3f:75:b0:
e1:4c:ff:41:4b:f4:90:46:ed:f3:31:47:be:ec:69:88:4e:f0:
a1:81:6c:25:88:15:95:a8:8f:68:6a:17:35:03:36:81:85:9e:
0b:e4:96:db:75:14:f5:7d:40:15:47:c4:60:e1:a4:6b:c5:80:
8a:81:cf:dc:0d:1f:91:bd:34:0d:d5:96:75:c6:85:75:c5:09:
b2:9c:59:e7:59:b6:09:21:a5:75:b1:c5:07:c9:4b:04:27:35:
ff:ed:cc:18:7e:79:e9:67:ce:32:b4:d3:a4:b6:72:ab:b1:54:
2e:0b:f8:d8:9a:2e:42:17:f3:f2:94:ef:be:64:49:cc:3f:8f:
f1:52:c4:ec:a3:6a:7b:4c:be:88:59:e5:2f:57:16:cb:0c:5b:
8b:7c:4a:95:cb:99:9a:ea:56:5e:0d:cc:eb:eb:c5:75:cd:63:
65:69:c5:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXLEsBXeqvkKozGPFvgsB6hWXz/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmMThkZTVkOWM3YzJiZTBjYzk3NTVkNzJlZTk3NzA1ZmRmMmJmYjdhZDFj
NjVmZDBiZDE3MzkzY2M4OGQzYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMR//Kev6MXIP8j1HdL7P5Tsmj6rKAr3x77zmQZj0Xyxz2743MclyJS/eDIt
hK+S+msbuI7IsotQ8lh2GNkoDAoU+HoNeGNJUnCsIcCN5KphZgK1+ABi3Wo3poHy
Fp+OoBMDzCvXIRJ7Riw8pnYz2ffSAMYKk8Ev8GeyhJd26KD/ROPRZz2XsKCd/9UQ
h6IqjVSfxmGqjr9AwKVl1QPmjfXf4WvsQRuUsYkvgK0jJlrT/e5BItvlH6E7nSlA
KuDam1wXeK/7dImC+Rmc05VzlGhqaWKivGQhkdAlFxoMOE2+/IctbssT2K4me0Yz
/GMPck1Dm/15EBE0XnLUlisxp7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQA7vfZ
/EU95eEoYIGIRPmzOoJ/EDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2VmZWM2N2MtNDQwMS00YmM3LWFjN2ItNDZhMTEwYmUwYzQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQACP3vPDVrY/jkLgVlbaMWGaOVUDtgaGgpXn2Lt48Ce
U33oDm6SWeDwtqCut8MWSX3NNJFPBWdJa5KbxCEptnzyWo3MGKxP1ToBmwIHl4Ll
0P21iJ5Vxeo/dbDhTP9BS/SQRu3zMUe+7GmITvChgWwliBWVqI9oahc1AzaBhZ4L
5JbbdRT1fUAVR8Rg4aRrxYCKgc/cDR+RvTQN1ZZ1xoV1xQmynFnnWbYJIaV1scUH
yUsEJzX/7cwYfnnpZ84ytNOktnKrsVQuC/jYmi5CF/PylO++ZEnMP4/xUsTso2p7
TL6IWeUvVxbLDFuLfEqVy5ma6lZeDczr68V1zWNlacVZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org