Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
File: d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa (raw, json)
Hash identifier: QEwZQ+jE9FRNmtnSL9YOzMGQNByF9gXHaTT83mWxpLM=
Subject key identifier: 4E:B0:F6:B6:D4:AA:CB:6A:18:67:BE:41:3E:1D:75:53:8B:63:8E:DB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DFD4417AD1F3E551B18CE16B78FCDDB3191C3C6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:fd:44:17:ad:1f:3e:55:1b:18:ce:16:b7:8f:cd:db:31:91:c3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f9a80f65bb46467ed3f2aabcfb60220b3127b8fa6079f5a86740252e8b363cbd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:eb:82:98:f8:d9:31:04:cc:24:85:73:fd:84:
92:02:7f:62:bc:31:f2:00:8e:f9:15:93:c4:a6:89:
eb:ff:c4:b7:33:f1:c0:3c:ae:aa:d1:34:dc:7d:c2:
4a:36:b3:91:fd:c0:66:6e:49:70:50:23:1e:22:6d:
30:4c:3f:e8:5f:be:de:14:da:4a:2e:eb:e2:c4:68:
11:5e:f3:fb:31:ec:8a:35:92:6c:61:99:03:17:f4:
4c:95:93:bb:07:f6:71:90:ae:26:2b:65:1a:c9:fc:
3c:61:ba:fd:90:89:c5:2a:b3:28:fd:48:1d:98:a9:
b4:cc:e8:23:6f:42:ed:79:00:2e:c9:c8:c0:70:a3:
bf:1d:24:33:bf:04:15:50:a2:61:a3:cf:9e:e7:83:
5a:f3:78:6f:09:c0:17:80:b2:0a:1d:48:69:28:6f:
bf:aa:b5:16:84:e8:dc:08:5e:4d:4a:55:91:b1:b8:
c8:9e:af:57:6c:bb:5b:eb:58:2f:67:c2:f9:8d:ab:
42:25:fd:35:5d:e3:0c:f3:af:6e:f2:1a:22:9d:a0:
2a:4f:de:f8:27:2c:30:12:6b:db:fc:32:f4:57:87:
c4:89:c1:10:b9:4e:7d:95:54:5a:c5:9a:77:35:ed:
9a:ca:ae:6e:90:20:34:ec:9d:34:b4:d7:ac:e7:cd:
7d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B0:F6:B6:D4:AA:CB:6A:18:67:BE:41:3E:1D:75:53:8B:63:8E:DB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d39ed330-73e8-4df6-a6f4-8766e2e6190e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
22:ac:c6:6f:77:5c:41:dd:37:47:f3:79:79:b3:93:4f:31:ab:
63:07:20:5e:87:ce:da:17:e3:29:4a:58:6d:6c:5e:d7:ef:f9:
77:9c:23:75:7c:05:6d:ce:36:48:95:cf:40:1e:1d:b6:da:2f:
84:3c:8b:37:ae:1e:21:b1:f4:6d:fd:d1:e0:18:f0:47:3d:6a:
18:34:4e:ae:53:dc:05:19:2a:13:3d:7a:e8:26:dc:9c:52:ca:
f4:2f:90:2d:53:0e:94:59:8e:54:d2:4e:15:6a:98:49:c0:fc:
7c:a4:1e:f5:bc:dd:3f:fb:09:e6:b4:1b:e1:a8:77:c5:2e:d8:
53:b9:8d:2b:cc:84:58:16:47:54:b1:3e:ff:b4:2f:a0:65:77:
47:86:3d:ff:ab:98:67:b8:cf:f5:2f:30:ef:b8:f7:30:51:6b:
15:e3:40:dd:37:bb:32:7a:dd:33:5c:44:82:67:1d:58:a8:31:
fc:e5:e1:69:b6:46:14:d9:82:b6:7a:3b:b8:18:7d:92:ec:3d:
d2:ca:c4:51:f8:b3:c0:be:c6:6f:07:5b:32:ce:cd:e8:27:27:
4e:d2:d0:2b:23:84:a1:71:6d:92:ae:4a:a7:b0:c3:61:2b:a0:
3f:37:0e:fb:00:5c:a9:ca:aa:14:d9:7a:39:81:00:5f:1e:6a:
97:f8:3b:48
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUff1EF60fPlUbGM4Wt4/N2zGRw8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YTgwZjY1YmI0NjQ2N2VkM2YyYWFiY2ZiNjAyMjBiMzEyN2I4ZmE2MDc5
ZjVhODY3NDAyNTJlOGIzNjNjYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjrgpj42TEEzCSFc/2EkgJ/Yrwx8gCO+RWTxKaJ6//EtzPxwDyuqtE03H3C
Sjazkf3AZm5JcFAjHiJtMEw/6F++3hTaSi7r4sRoEV7z+zHsijWSbGGZAxf0TJWT
uwf2cZCuJitlGsn8PGG6/ZCJxSqzKP1IHZiptMzoI29C7XkALsnIwHCjvx0kM78E
FVCiYaPPnueDWvN4bwnAF4CyCh1IaShvv6q1FoTo3AheTUpVkbG4yJ6vV2y7W+tY
L2fC+Y2rQiX9NV3jDPOvbvIaIp2gKk/e+CcsMBJr2/wy9FeHxInBELlOfZVUWsWa
dzXtmsqubpAgNOydNLTXrOfNfUsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROsPa2
1KrLahhnvkE+HXVTi2OO2zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM5ZWQzMzAtNzNlOC00ZGY2LWE2ZjQtODc2NmUyZTYxOTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAIqzGb3dcQd03R/N5ebOTTzGrYwcgXofO2hfjKUpY
bWxe1+/5d5wjdXwFbc42SJXPQB4dttovhDyLN64eIbH0bf3R4BjwRz1qGDROrlPc
BRkqEz166CbcnFLK9C+QLVMOlFmOVNJOFWqYScD8fKQe9bzdP/sJ5rQb4ah3xS7Y
U7mNK8yEWBZHVLE+/7QvoGV3R4Y9/6uYZ7jP9S8w77j3MFFrFeNA3Te7MnrdM1xE
gmcdWKgx/OXhabZGFNmCtno7uBh9kuw90srEUfizwL7GbwdbMs7N6CcnTtLQKyOE
oXFtkq5Kp7DDYSugPzcO+wBcqcqqFNl6OYEAXx5ql/g7SA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org