Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
File: d4b4aa1a-385e-428a-9444-c44b9dd07114.roa (raw, json)
Hash identifier: jpe0bp1Fkm90xAH5C6/lDOvoquc0SsSYONW/dzm7W3w=
Subject key identifier: EE:21:BA:32:F0:3B:B6:B9:20:7B:6E:87:52:28:5C:A2:69:F3:97:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07DA0D81AD5F64241B503E76C828AC196D9CEC60
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.44.0.0/14 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:da:0d:81:ad:5f:64:24:1b:50:3e:76:c8:28:ac:19:6d:9c:ec:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=7238cc007b7d3370448ae95125371db6992e882c8789ccd7dee5c67aee76f6a1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:66:44:5d:39:da:15:67:5d:13:de:2e:d9:46:
b3:65:35:95:40:c2:de:77:61:1c:31:89:91:45:df:
36:81:97:29:dd:24:9c:2d:ce:13:41:fe:52:16:51:
4f:5d:01:90:87:cc:62:8f:3c:21:c8:3e:a3:5a:32:
f1:40:05:2d:48:05:c5:de:4a:0b:db:8e:96:84:b8:
03:71:70:37:1b:b0:f1:f9:13:d5:46:e6:e9:3b:11:
bb:db:f8:70:7d:32:33:14:b5:7d:2c:a2:d6:e1:cb:
a2:e2:e1:13:fb:c2:f8:4c:53:d0:15:6f:f7:94:04:
93:7f:57:bf:4e:ff:42:48:6d:db:f7:99:bd:ea:2f:
8c:cd:54:0b:c2:bd:39:64:80:c4:7d:81:96:8e:f1:
c7:47:f4:21:f6:e1:5a:fc:29:3c:36:5f:4e:62:93:
b5:da:fd:f7:18:7b:34:65:8a:1c:da:b7:a1:c3:a9:
9b:d1:26:2a:34:4d:d7:13:f5:4c:50:8c:d8:93:89:
f1:1e:6a:76:40:18:18:87:b0:fb:32:2b:25:44:89:
e6:37:51:d2:39:9c:f1:35:60:c9:72:cb:f2:12:b1:
7d:45:a7:44:31:81:89:ec:14:bd:d6:77:3e:a8:2c:
a7:29:48:0b:51:88:d1:f6:c9:ae:2e:93:ed:41:5b:
52:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:21:BA:32:F0:3B:B6:B9:20:7B:6E:87:52:28:5C:A2:69:F3:97:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d4b4aa1a-385e-428a-9444-c44b9dd07114.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c1:1c:f9:83:72:4b:46:4f:27:ab:40:6d:44:bd:8f:f3:2a:e6:
63:d8:34:7b:27:00:fe:88:62:1e:40:77:76:88:5d:24:71:28:
b0:55:c2:61:c3:7d:3f:88:5c:3a:1d:87:d2:ba:50:50:d9:2a:
4d:f6:91:0b:33:f3:53:12:42:76:1d:08:14:9e:d4:a4:7f:24:
e5:24:ef:fa:29:80:5f:34:29:81:fa:c0:12:40:65:fe:cd:de:
a1:80:bd:d4:df:ce:4b:03:1f:00:55:7d:c2:2f:f5:a2:e8:f5:
24:87:ac:0f:db:2b:58:44:3a:94:58:62:be:db:98:35:f8:4b:
36:c6:a3:7a:97:84:02:9f:70:d9:4c:da:38:2a:ba:26:b1:61:
56:37:27:b2:33:b2:8c:7e:17:60:69:22:b1:95:cd:63:68:fd:
b6:c8:ef:af:f4:93:4a:3d:ac:ee:68:4e:3d:c6:09:88:f1:85:
9b:80:f2:71:ff:9f:95:bd:97:f4:bb:a8:c0:f1:d1:bb:ee:08:
c1:64:05:4b:a2:8a:0d:e1:d2:a5:15:61:13:34:2f:47:d4:ef:
f1:bd:5f:33:fd:5b:0e:db:ee:e7:91:25:fd:06:b5:02:5c:72:
98:77:df:5c:9b:70:cf:61:a0:d3:85:fc:54:5e:d7:cf:81:d4:
a0:4a:05:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB9oNga1fZCQbUD52yCisGW2c7GAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMzhjYzAwN2I3ZDMzNzA0NDhhZTk1MTI1MzcxZGI2OTkyZTg4MmM4Nzg5
Y2NkN2RlZTVjNjdhZWU3NmY2YTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlmRF052hVnXRPeLtlGs2U1lUDC3ndhHDGJkUXfNoGXKd0knC3OE0H+UhZR
T10BkIfMYo88Icg+o1oy8UAFLUgFxd5KC9uOloS4A3FwNxuw8fkT1Ubm6TsRu9v4
cH0yMxS1fSyi1uHLouLhE/vC+ExT0BVv95QEk39Xv07/Qkht2/eZveovjM1UC8K9
OWSAxH2Blo7xx0f0IfbhWvwpPDZfTmKTtdr99xh7NGWKHNq3ocOpm9EmKjRN1xP1
TFCM2JOJ8R5qdkAYGIew+zIrJUSJ5jdR0jmc8TVgyXLL8hKxfUWnRDGBiewUvdZ3
PqgspylIC1GI0fbJri6T7UFbUgkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTuIboy
8Du2uSB7bodSKFyiafOXoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDRiNGFhMWEtMzg1ZS00MjhhLTk0NDQtYzQ0YjlkZDA3MTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQDBHPmDcktGTyerQG1EvY/zKuZj2DR7JwD+iGIeQHd2
iF0kcSiwVcJhw30/iFw6HYfSulBQ2SpN9pELM/NTEkJ2HQgUntSkfyTlJO/6KYBf
NCmB+sASQGX+zd6hgL3U385LAx8AVX3CL/Wi6PUkh6wP2ytYRDqUWGK+25g1+Es2
xqN6l4QCn3DZTNo4KromsWFWNyeyM7KMfhdgaSKxlc1jaP22yO+v9JNKPazuaE49
xgmI8YWbgPJx/5+VvZf0u6jA8dG77gjBZAVLoooN4dKlFWETNC9H1O/xvV8z/VsO
2+7nkSX9BrUCXHKYd99cm3DPYaDThfxUXtfPgdSgSgXU
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org