Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa
File: e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa (raw, json)
Hash identifier: x/jD0gXytMczk9GSVJLbsZDdVrb9+SJEESaTajDKL3g=
Subject key identifier: 4E:48:E8:98:30:BC:A7:A8:73:86:AC:99:57:76:8B:D9:4C:C0:5E:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2DFC922CA6D833DFC2F0A06D79FAEF82E5D81331
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:fc:92:2c:a6:d8:33:df:c2:f0:a0:6d:79:fa:ef:82:e5:d8:13:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1d5d8003167ddae0e64b3f824d18b2c234cc6ca16bae358b437fe69ecce29878, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:18:78:bf:23:7f:26:b5:5b:bd:f7:8b:d7:
60:71:3d:27:a2:fa:9c:56:8a:ec:3d:c5:62:b3:e8:
1e:06:a1:87:b1:c1:4c:b4:44:01:23:96:98:a6:ad:
4e:02:a7:74:21:f1:14:a1:b5:da:f9:07:90:7e:b3:
ab:71:81:83:6c:61:33:72:f4:92:20:b1:29:2f:b6:
40:ff:55:f7:a0:fc:e1:cb:b1:36:af:19:12:f3:ef:
96:c3:f8:f7:c4:9b:30:03:f1:f9:26:77:28:49:c0:
a6:1b:a6:3a:0f:cb:5b:78:dc:22:37:af:a4:7c:c4:
dd:f3:ff:aa:d7:52:c2:ef:91:de:37:89:f1:23:de:
26:b0:dd:7f:14:c8:fa:4f:a2:18:33:a9:d4:45:a2:
4b:1f:22:e7:d1:c8:c0:43:d4:16:a4:38:4f:8e:9c:
f4:1b:5e:0a:5b:17:df:ff:c3:a6:5d:f8:0b:03:0c:
a0:a4:43:80:8b:84:70:ec:4f:91:1d:0c:28:45:cb:
9b:70:6c:98:3a:68:86:4c:78:7d:66:35:5b:74:e3:
c9:d8:f1:c6:75:6a:b4:a4:06:78:48:08:9c:b0:1b:
d9:30:c8:6d:6e:f9:a3:de:74:37:ed:be:f0:18:f6:
b9:fa:f9:7e:9a:77:23:67:a4:33:39:15:dc:ed:7d:
59:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:48:E8:98:30:BC:A7:A8:73:86:AC:99:57:76:8B:D9:4C:C0:5E:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e0030b8b-a0f4-4c9b-8010-e1bd69d211cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7b:af:1d:d5:2b:35:4a:bb:f8:ed:6e:bf:71:47:c1:30:a3:65:
52:2d:a8:13:82:76:22:fc:83:14:b6:b6:09:4b:f7:e6:79:2b:
35:4f:66:e5:b2:82:a8:11:f8:08:a4:bd:8b:ed:26:1b:30:c4:
d6:ec:d2:c8:9d:3a:a8:fb:03:90:81:8b:82:be:97:37:71:56:
1d:e2:cd:52:89:56:2b:78:a6:80:fb:60:53:76:5d:ee:6b:59:
33:c5:6f:75:c4:be:75:5c:c9:c9:83:14:99:b9:93:80:d0:15:
ca:9a:40:80:b5:b4:08:81:21:b0:c9:97:e8:42:51:ad:ff:8c:
c7:e9:1e:1e:ae:05:a4:ec:8b:7e:e8:d1:26:f4:f6:3f:ac:88:
b0:36:ef:d5:b2:10:dd:c1:11:f1:b3:08:56:25:d1:c0:71:45:
00:55:73:68:21:90:fa:c7:39:b6:21:6a:b1:7e:e8:e5:7b:ee:
3d:24:29:7d:fb:29:3f:88:f1:c4:cd:31:45:5e:f4:59:6f:cc:
27:b1:3c:9e:a9:70:d1:03:89:16:e8:b1:f4:7b:da:4b:5b:3e:
83:a7:fc:96:95:bc:b2:4d:b7:9e:c2:3f:14:8c:f2:da:7d:4f:
a8:07:0e:e0:15:01:d7:58:73:19:75:14:2b:f0:33:5b:62:4e:
88:bd:37:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULfySLKbYM9/C8KBtefrvguXYEzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkNWQ4MDAzMTY3ZGRhZTBlNjRiM2Y4MjRkMThiMmMyMzRjYzZjYTE2YmFl
MzU4YjQzN2ZlNjllY2NlMjk4NzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9RGHi/I38mtVu994vXYHE9J6L6nFaK7D3FYrPoHgahh7HBTLREASOWmKat
TgKndCHxFKG12vkHkH6zq3GBg2xhM3L0kiCxKS+2QP9V96D84cuxNq8ZEvPvlsP4
98SbMAPx+SZ3KEnAphumOg/LW3jcIjevpHzE3fP/qtdSwu+R3jeJ8SPeJrDdfxTI
+k+iGDOp1EWiSx8i59HIwEPUFqQ4T46c9BteClsX3//Dpl34CwMMoKRDgIuEcOxP
kR0MKEXLm3BsmDpohkx4fWY1W3TjydjxxnVqtKQGeEgInLAb2TDIbW75o950N+2+
8Bj2ufr5fpp3I2ekMzkV3O19WUcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROSOiY
MLynqHOGrJlXdovZTMBeFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTAwMzBiOGItYTBmNC00YzliLTgwMTAtZTFiZDY5ZDIxMWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQB7rx3VKzVKu/jtbr9xR8Ewo2VSLagTgnYi/IMUtrYJ
S/fmeSs1T2blsoKoEfgIpL2L7SYbMMTW7NLInTqo+wOQgYuCvpc3cVYd4s1SiVYr
eKaA+2BTdl3ua1kzxW91xL51XMnJgxSZuZOA0BXKmkCAtbQIgSGwyZfoQlGt/4zH
6R4ergWk7It+6NEm9PY/rIiwNu/VshDdwRHxswhWJdHAcUUAVXNoIZD6xzm2IWqx
fujle+49JCl9+yk/iPHEzTFFXvRZb8wnsTyeqXDRA4kW6LH0e9pLWz6Dp/yWlbyy
Tbeewj8UjPLafU+oBw7gFQHXWHMZdRQr8DNbYk6IvTdq
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org