Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
File: e5242553-2ce0-44b9-a44b-832a808bc6b1.roa (raw, json)
Hash identifier: r8QexENiFnQFBC4Q0W02ZSPLccx1NZ2ECRID945oviI=
Subject key identifier: 93:55:1F:CB:A5:03:76:A1:42:B0:B3:96:71:90:9F:81:30:3A:76:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 409D806816BBCB1196569AB786DEFF20A3BAF591
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:9d:80:68:16:bb:cb:11:96:56:9a:b7:86:de:ff:20:a3:ba:f5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=e902fb48995aced3a927c2192342558fab93f2047d7f8704a97b002973933804, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:20:6a:cd:99:0c:4f:ce:1c:58:33:0a:8a:89:
f1:68:68:0f:71:1b:3b:91:b1:b6:a9:23:20:47:ff:
f3:70:43:ba:1a:4a:6e:6c:df:6b:84:48:90:e4:be:
9f:04:3f:9c:54:52:e4:b3:b9:59:f9:ca:83:5d:55:
b4:34:0a:43:9e:36:7f:24:15:d5:fc:40:ff:4d:44:
c2:c0:67:c3:77:b0:41:fa:a8:b7:47:68:81:86:f9:
85:23:07:b0:e0:8b:8e:e4:0a:d1:13:44:5f:bc:b0:
d5:76:a7:75:99:d0:74:1a:d3:b3:76:eb:cf:7c:45:
1e:e5:18:17:83:e9:33:9d:0d:2c:8b:60:61:0a:e9:
4d:7e:f8:70:d0:7a:82:f0:53:70:88:55:be:58:47:
b0:52:97:8d:24:00:91:e3:11:69:4d:54:e2:3c:53:
a5:e0:01:03:c3:43:40:e1:b4:53:4f:64:9b:c7:e9:
88:c2:c0:18:f3:42:a8:df:49:a0:50:16:94:b4:16:
f0:07:de:d0:9d:5c:ae:86:04:05:ae:80:f0:27:1b:
d0:01:e4:e7:89:e2:85:95:07:d0:47:1a:61:cc:bf:
02:e0:23:4a:3c:a4:41:4f:da:08:8d:ea:bf:54:9b:
5f:9c:c5:69:45:89:77:f2:cf:7b:ed:ac:c3:af:89:
84:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:55:1F:CB:A5:03:76:A1:42:B0:B3:96:71:90:9F:81:30:3A:76:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e5242553-2ce0-44b9-a44b-832a808bc6b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:35:3e:01:68:a2:af:d9:10:9c:79:78:e9:c5:96:51:00:8c:
70:19:f6:c8:b3:f5:e4:3f:a0:8f:39:81:10:d4:f2:0d:ee:16:
cc:2f:98:e2:ba:02:d0:85:72:26:8d:66:5c:73:60:09:92:64:
2d:b3:2b:6e:3c:ea:42:7b:f1:f8:8c:99:ad:94:47:bc:a5:95:
20:13:b6:96:01:89:08:92:e3:b5:98:fa:f2:64:20:87:e6:b8:
75:7c:21:4e:a6:1f:35:05:5d:f1:d2:3f:f9:97:c2:42:ee:04:
ce:10:17:74:f3:2f:0b:5b:de:4b:5f:9d:01:ef:e2:d8:3b:0c:
2d:b3:ca:81:bf:ad:83:6e:cb:d8:86:f3:c1:98:07:c7:57:22:
5a:78:07:d5:20:e2:a3:40:70:a9:5b:50:c8:b8:89:d2:9d:23:
44:17:31:ef:dd:85:6b:e3:b6:6a:1e:a4:c7:27:35:76:38:ae:
55:db:54:72:7d:8e:e1:e9:14:b2:ec:cb:a8:12:48:7e:9f:f5:
5e:53:a3:c4:20:02:8d:7d:02:90:78:a1:39:b8:3c:b2:cb:36:
ab:49:36:98:b8:e0:d7:23:b1:f5:0c:54:77:87:72:29:52:f5:
7f:01:f9:ad:1f:25:6a:08:04:2f:6b:19:e2:4b:39:08:df:64:
0b:5a:d6:2d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQJ2AaBa7yxGWVpq3ht7/IKO69ZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5MDJmYjQ4OTk1YWNlZDNhOTI3YzIxOTIzNDI1NThmYWI5M2YyMDQ3ZDdm
ODcwNGE5N2IwMDI5NzM5MzM4MDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIgas2ZDE/OHFgzCoqJ8WhoD3EbO5GxtqkjIEf/83BDuhpKbmzfa4RIkOS+
nwQ/nFRS5LO5WfnKg11VtDQKQ542fyQV1fxA/01EwsBnw3ewQfqot0dogYb5hSMH
sOCLjuQK0RNEX7yw1XandZnQdBrTs3brz3xFHuUYF4PpM50NLItgYQrpTX74cNB6
gvBTcIhVvlhHsFKXjSQAkeMRaU1U4jxTpeABA8NDQOG0U09km8fpiMLAGPNCqN9J
oFAWlLQW8Afe0J1croYEBa6A8Ccb0AHk54nihZUH0EcaYcy/AuAjSjykQU/aCI3q
v1SbX5zFaUWJd/LPe+2sw6+JhFcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTVR/L
pQN2oUKws5ZxkJ+BMDp2HzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTUyNDI1NTMtMmNlMC00NGI5LWE0NGItODMyYTgwOGJjNmIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQAANT4BaKKv2RCceXjpxZZRAIxwGfbIs/XkP6CPOYEQ
1PIN7hbML5jiugLQhXImjWZcc2AJkmQtsytuPOpCe/H4jJmtlEe8pZUgE7aWAYkI
kuO1mPryZCCH5rh1fCFOph81BV3x0j/5l8JC7gTOEBd08y8LW95LX50B7+LYOwwt
s8qBv62DbsvYhvPBmAfHVyJaeAfVIOKjQHCpW1DIuInSnSNEFzHv3YVr47ZqHqTH
JzV2OK5V21RyfY7h6RSy7MuoEkh+n/VeU6PEIAKNfQKQeKE5uDyyyzarSTaYuODX
I7H1DFR3h3IpUvV/AfmtHyVqCAQvaxniSzkI32QLWtYt
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org