Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: S0iMwkZ2CI3t28Nkrv9cRVl2lEXiDoOMRqwFDfX3rZE=
Subject key identifier: 3B:15:A2:35:00:EE:C2:12:11:FE:70:87:8E:51:11:E0:0E:40:F3:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 028109F0DCA3B4144A8E96471F06C7AF1C399A04
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:81:09:f0:dc:a3:b4:14:4a:8e:96:47:1f:06:c7:af:1c:39:9a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=fae7343e6b0c1400c538e985e39c6d244380318c7003f9d12325602a223ac542, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:05:ca:58:aa:b9:a4:95:9c:46:19:90:f9:55:
ae:5d:3d:c0:fe:18:fd:2b:03:6f:c5:d4:28:4a:47:
ff:42:48:44:2d:2a:e6:9d:58:01:ea:ab:ae:9a:1a:
16:f8:4c:b8:fe:d3:12:2a:a5:09:c7:74:53:1a:cb:
8f:ed:8e:51:63:79:a0:97:ed:23:39:cd:af:fe:2d:
99:9d:27:83:e9:94:6b:56:c1:9c:a2:d5:45:57:26:
71:b0:19:8c:63:e5:33:64:50:85:a6:21:57:2b:05:
c5:56:9a:54:cc:89:3e:76:c9:cf:32:87:96:e3:7f:
77:a9:48:3f:f4:5e:40:1f:f4:d6:26:9f:56:5d:f1:
03:b2:0d:32:4e:67:1d:e1:4b:53:f4:22:ee:f6:40:
69:15:50:0e:f9:c3:b6:af:08:2c:6e:9e:f2:b7:8a:
49:af:c7:0a:44:bb:8d:f3:77:f9:96:4e:9c:ab:cc:
2d:63:44:2a:31:5e:14:50:75:5c:5a:11:04:04:5b:
3c:2c:cf:6f:48:34:8b:16:ed:b3:2d:9e:1b:88:7c:
70:ac:0a:02:21:04:21:27:1f:34:b6:73:35:08:30:
ae:52:20:8c:26:5a:c7:81:e1:a4:ed:87:83:28:73:
49:a6:88:ab:9e:9c:b0:e3:ec:73:09:a2:6b:d2:5f:
e9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:15:A2:35:00:EE:C2:12:11:FE:70:87:8E:51:11:E0:0E:40:F3:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:0a:aa:3f:1a:0e:4f:91:62:85:cd:4a:d1:b4:c2:03:f7:6b:
2f:d2:01:a1:ce:0a:2f:af:91:76:55:1c:55:0e:3b:93:68:12:
5d:91:e7:6f:5e:1a:87:85:02:5f:95:1c:e6:cc:11:67:90:f3:
90:52:40:b4:65:38:f6:88:a2:39:cb:7b:fa:b4:8f:b3:ec:71:
5f:2b:61:59:4e:43:ec:0a:af:c7:c9:46:ec:3f:c2:ea:75:9f:
fd:8b:06:ae:6f:e0:2f:2e:67:46:a4:76:26:c7:64:2c:ff:a1:
d5:c9:25:bd:0d:3b:32:b7:21:c9:4a:1c:e1:f8:05:71:0c:b2:
c0:07:34:6b:ca:18:f2:3b:a8:45:eb:b7:f7:dd:6f:83:7d:59:
34:8a:ad:62:ab:98:0d:16:4a:23:70:a1:c6:ee:35:3c:41:9c:
c2:25:67:53:73:3e:83:d8:01:1c:26:05:c3:71:b0:1f:60:52:
60:de:aa:be:d9:4f:95:e3:cf:98:03:39:36:e4:d5:c5:2d:37:
a0:03:96:06:99:a5:c5:93:c9:d0:7c:cf:9f:a8:01:b2:58:05:
96:ea:39:73:78:1b:4e:31:f0:a5:2b:d3:4c:5b:7c:50:8f:e0:
80:01:9d:bd:04:c9:58:95:b5:1e:74:13:6f:91:59:19:36:41:
eb:74:c3:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAoEJ8NyjtBRKjpZHHwbHrxw5mgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZTczNDNlNmIwYzE0MDBjNTM4ZTk4NWUzOWM2ZDI0NDM4MDMxOGM3MDAz
ZjlkMTIzMjU2MDJhMjIzYWM1NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIFyliquaSVnEYZkPlVrl09wP4Y/SsDb8XUKEpH/0JIRC0q5p1YAeqrrpoa
FvhMuP7TEiqlCcd0UxrLj+2OUWN5oJftIznNr/4tmZ0ng+mUa1bBnKLVRVcmcbAZ
jGPlM2RQhaYhVysFxVaaVMyJPnbJzzKHluN/d6lIP/ReQB/01iafVl3xA7INMk5n
HeFLU/Qi7vZAaRVQDvnDtq8ILG6e8reKSa/HCkS7jfN3+ZZOnKvMLWNEKjFeFFB1
XFoRBARbPCzPb0g0ixbtsy2eG4h8cKwKAiEEIScfNLZzNQgwrlIgjCZax4HhpO2H
gyhzSaaIq56csOPscwmia9Jf6d0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7FaI1
AO7CEhH+cIeOURHgDkDzxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCCCqo/Gg5PkWKFzUrRtMID92sv0gGhzgovr5F2VRxV
DjuTaBJdkedvXhqHhQJflRzmzBFnkPOQUkC0ZTj2iKI5y3v6tI+z7HFfK2FZTkPs
Cq/HyUbsP8LqdZ/9iwaub+AvLmdGpHYmx2Qs/6HVySW9DTsytyHJShzh+AVxDLLA
BzRryhjyO6hF67f33W+DfVk0iq1iq5gNFkojcKHG7jU8QZzCJWdTcz6D2AEcJgXD
cbAfYFJg3qq+2U+V48+YAzk25NXFLTegA5YGmaXFk8nQfM+fqAGyWAWW6jlzeBtO
MfClK9NMW3xQj+CAAZ29BMlYlbUedBNvkVkZNkHrdMNa
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:51 2024 by rpki-client on console-ams.rpki-client.org