Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: zEgMTIyAIrBYFUoNo8KmXrsFw4L24dXgCMkW4WOpmJ8=
Subject key identifier: BD:F0:87:E4:A3:05:C6:7F:92:9F:2B:01:B3:28:CB:66:69:2D:70:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31D8975FE127D9B7F12EA853801ADCD19809E46A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:d8:97:5f:e1:27:d9:b7:f1:2e:a8:53:80:1a:dc:d1:98:09:e4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2d1cb26ec035ddcb5227948e7451929a1be7cf9763c5324b913892b8bd577b01, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7a:32:f3:df:45:b7:90:19:2a:cd:3b:e2:1c:
7e:d3:d3:07:63:f7:73:eb:0e:59:42:be:0b:d8:e3:
5f:6d:f5:d8:b8:c6:6a:16:7d:a9:dc:bc:e5:0b:d6:
03:0e:2c:41:36:6e:37:7d:ee:e7:3b:e3:5a:a1:d9:
f9:84:2f:fb:5f:7c:4c:15:ae:c0:14:3c:5f:46:73:
78:09:2c:b3:57:44:75:34:3d:d2:b3:e6:27:d5:b8:
79:98:e6:a3:cc:9a:b6:ec:2a:1a:26:60:02:8b:09:
45:ef:fe:07:7f:3d:07:74:bb:72:71:d8:f8:f0:8d:
85:cd:d6:9d:d5:7c:20:70:1d:e4:59:06:50:6e:78:
c8:68:61:ab:00:6f:f7:2e:1e:5d:27:4a:a0:de:a8:
73:fe:03:9f:2c:98:01:60:e4:6e:ae:3b:60:c6:ae:
ea:d6:9c:37:94:fd:ea:af:b1:7a:ef:d3:4f:c4:f4:
48:1e:f4:cf:d3:22:eb:de:14:1c:df:87:cd:2a:63:
df:9f:ea:24:be:11:b1:b3:2a:21:52:f2:ad:34:bd:
cc:bf:4b:31:95:8a:d3:ad:32:fd:c7:f7:74:08:c6:
9b:93:d4:1d:20:65:37:af:e7:33:e9:64:94:8c:d8:
35:7b:31:85:2d:39:53:9b:48:f1:7f:b6:50:ec:c7:
22:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F0:87:E4:A3:05:C6:7F:92:9F:2B:01:B3:28:CB:66:69:2D:70:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:41:31:36:63:b4:02:8c:07:e2:1f:39:d7:17:61:81:b4:bf:
db:d9:7b:7d:87:fb:4e:7d:3c:f9:15:35:19:49:99:ce:13:e8:
81:bb:34:87:4f:0c:9d:03:c0:f5:cb:59:72:14:2b:7b:f7:92:
46:df:ce:16:68:c0:24:10:d2:43:73:f8:fd:11:2b:65:23:e4:
88:e1:da:27:73:4b:f6:d8:30:d3:75:e8:eb:91:22:0d:9d:c0:
f7:f0:43:9b:b0:b7:42:b7:ab:dd:36:6f:29:57:a8:62:67:d3:
6c:ad:c1:65:b8:13:eb:4d:d4:ed:5a:65:80:dc:92:e0:44:df:
18:6b:9f:32:ed:a9:65:a3:dc:bd:e2:fa:67:ca:3f:c6:03:c0:
87:29:11:20:6b:96:c2:54:64:4b:65:0e:4a:a4:06:90:25:77:
39:14:8d:bc:ac:b7:41:74:4a:d2:c7:7c:e7:49:71:7d:0e:c1:
63:84:60:64:76:f8:33:78:a8:29:0e:e8:22:4f:2f:a3:f5:17:
9c:5e:c1:db:ae:3b:f6:9a:dc:46:f9:25:89:ec:81:62:8d:f4:
48:ce:7b:12:38:20:7c:d0:0c:7e:fe:3c:ec:70:3f:d3:8d:c0:
4e:16:e9:71:9c:e1:b6:82:fa:00:1f:a1:26:25:ab:07:c0:98:
ca:40:e8:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMdiXX+En2bfxLqhTgBrc0ZgJ5GowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkMWNiMjZlYzAzNWRkY2I1MjI3OTQ4ZTc0NTE5MjlhMWJlN2NmOTc2M2M1
MzI0YjkxMzg5MmI4YmQ1NzdiMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANt6MvPfRbeQGSrNO+IcftPTB2P3c+sOWUK+C9jjX2312LjGahZ9qdy85QvW
Aw4sQTZuN33u5zvjWqHZ+YQv+198TBWuwBQ8X0ZzeAkss1dEdTQ90rPmJ9W4eZjm
o8yatuwqGiZgAosJRe/+B389B3S7cnHY+PCNhc3WndV8IHAd5FkGUG54yGhhqwBv
9y4eXSdKoN6oc/4DnyyYAWDkbq47YMau6tacN5T96q+xeu/TT8T0SB70z9Mi694U
HN+HzSpj35/qJL4RsbMqIVLyrTS9zL9LMZWK060y/cf3dAjGm5PUHSBlN6/nM+lk
lIzYNXsxhS05U5tI8X+2UOzHIl8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS98Ifk
owXGf5KfKwGzKMtmaS1wczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQAiQTE2Y7QCjAfiHznXF2GBtL/b2Xt9h/tOfTz5FTUZ
SZnOE+iBuzSHTwydA8D1y1lyFCt795JG384WaMAkENJDc/j9EStlI+SI4donc0v2
2DDTdejrkSINncD38EObsLdCt6vdNm8pV6hiZ9NsrcFluBPrTdTtWmWA3JLgRN8Y
a58y7allo9y94vpnyj/GA8CHKREga5bCVGRLZQ5KpAaQJXc5FI28rLdBdErSx3zn
SXF9DsFjhGBkdvgzeKgpDugiTy+j9RecXsHbrjv2mtxG+SWJ7IFijfRIznsSOCB8
0Ax+/jzscD/TjcBOFulxnOG2gvoAH6EmJasHwJjKQOjQ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org