Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: eCMiHaiLi0QXO7vVmHNGFdR/Bt0NllNnYoh02sdgagQ=
Subject key identifier: C9:90:B9:AB:03:27:B6:46:41:60:0A:5B:69:B1:C1:C5:18:CF:0E:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E04E0094920200792E67B095DFEA778AA4F95E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:04:e0:09:49:20:20:07:92:e6:7b:09:5d:fe:a7:78:aa:4f:95:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=0f0bf462b10db28f1f2056b3bc40c8a3b21235a7e8e5386fa553d51e6c42d16a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:64:cb:32:5d:80:85:6d:38:c5:d8:11:6b:
95:99:31:69:a0:50:08:f0:fd:73:80:0b:a2:bd:f8:
72:b9:ec:96:c5:6e:ac:96:f1:76:1c:a0:80:ee:ac:
be:7e:c9:ac:3c:6e:51:24:b8:6d:3b:db:58:73:3e:
fa:30:79:68:03:84:ea:55:63:c2:08:00:3e:9a:cb:
86:45:9f:85:48:b8:f2:00:79:88:13:a4:8e:12:85:
8e:40:fa:52:cf:54:19:c6:da:be:69:ab:1a:30:af:
0f:b6:aa:9d:40:65:a9:95:4a:59:58:d4:d0:e8:22:
99:95:b0:c8:af:ab:0c:ae:9b:36:4b:84:63:32:6e:
38:43:22:21:e7:7d:80:ab:41:e5:08:48:52:aa:ac:
8a:d2:37:e6:ec:7e:18:05:16:03:c4:b3:39:90:ed:
4a:32:55:3d:12:5e:bf:5c:19:79:28:94:fb:b7:0f:
66:ce:d2:a4:94:d2:f1:15:97:4b:6b:fa:e2:23:f3:
9e:ec:dc:73:b6:8b:0d:02:f9:c7:b6:98:8a:01:a6:
e1:45:6b:f1:92:c6:63:72:43:58:be:57:30:a9:a6:
dc:c7:dd:e3:fa:fc:21:33:79:50:04:0e:45:13:f7:
b5:96:ff:bc:6c:88:0a:84:63:34:1e:00:08:78:0f:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:90:B9:AB:03:27:B6:46:41:60:0A:5B:69:B1:C1:C5:18:CF:0E:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
be:bf:f0:39:ee:d5:de:a0:ff:8f:d2:6d:24:0a:27:90:9c:80:
a9:02:01:68:fe:b1:4d:56:7b:70:ee:25:e7:8a:00:57:34:81:
25:0f:b5:17:18:c6:3c:27:58:76:0f:04:4c:11:13:e8:db:46:
d5:55:1b:5d:cc:32:62:a1:29:43:30:bd:cc:ea:a6:75:d3:2b:
b5:3f:7e:8d:c5:26:16:80:15:0f:ce:c7:8c:cc:45:b0:36:bb:
fc:1a:d8:8c:e0:67:e5:b7:39:f9:c4:27:9e:de:6f:f6:44:c9:
5c:04:9b:5f:f5:07:2e:75:03:09:27:f3:6e:2a:c1:f5:79:8e:
18:de:f0:a4:d3:5c:74:10:68:d4:34:b0:ea:18:d6:bc:aa:b2:
68:3f:33:f0:28:7d:ef:41:84:e9:45:b4:8b:f0:bb:07:e5:00:
99:eb:0e:17:0e:9d:a9:b4:18:e0:b5:25:5d:60:fa:e8:db:ee:
e3:6b:23:74:a9:f1:65:89:fc:eb:a7:8a:84:3d:2f:c1:8e:c4:
1a:3f:ca:c0:c5:3a:f7:ea:0f:97:10:dd:34:85:6d:39:c1:7d:
47:a9:23:7c:34:37:9b:7e:c2:aa:b3:24:f8:3c:32:95:fe:c4:
f4:25:dc:73:2c:1d:bc:1e:e6:96:c6:9b:59:99:c1:5d:39:86:
fa:7c:3b:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTgTgCUkgIAeS5nsJXf6neKpPleMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmMGJmNDYyYjEwZGIyOGYxZjIwNTZiM2JjNDBjOGEzYjIxMjM1YTdlOGU1
Mzg2ZmE1NTNkNTFlNmM0MmQxNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrDZMsyXYCFbTjF2BFrlZkxaaBQCPD9c4ALor34crnslsVurJbxdhyggO6s
vn7JrDxuUSS4bTvbWHM++jB5aAOE6lVjwggAPprLhkWfhUi48gB5iBOkjhKFjkD6
Us9UGcbavmmrGjCvD7aqnUBlqZVKWVjU0OgimZWwyK+rDK6bNkuEYzJuOEMiIed9
gKtB5QhIUqqsitI35ux+GAUWA8SzOZDtSjJVPRJev1wZeSiU+7cPZs7SpJTS8RWX
S2v64iPznuzcc7aLDQL5x7aYigGm4UVr8ZLGY3JDWL5XMKmm3Mfd4/r8ITN5UAQO
RRP3tZb/vGyICoRjNB4ACHgPjfcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTJkLmr
Aye2RkFgCltpscHFGM8O8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQC+v/A57tXeoP+P0m0kCieQnICpAgFo/rFNVntw7iXn
igBXNIElD7UXGMY8J1h2DwRMERPo20bVVRtdzDJioSlDML3M6qZ10yu1P36NxSYW
gBUPzseMzEWwNrv8GtiM4Gfltzn5xCee3m/2RMlcBJtf9QcudQMJJ/NuKsH1eY4Y
3vCk01x0EGjUNLDqGNa8qrJoPzPwKH3vQYTpRbSL8LsH5QCZ6w4XDp2ptBjgtSVd
YPro2+7jayN0qfFlifzrp4qEPS/BjsQaP8rAxTr36g+XEN00hW05wX1HqSN8NDeb
fsKqsyT4PDKV/sT0JdxzLB28HuaWxptZmcFdOYb6fDtm
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:08 2024 by rpki-client on console-fra.rpki-client.org