Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: C83lhsuWyIvvP1+FMUhWABgwK+JzYphF5+DoWN/46oA=
Subject key identifier: CC:17:F5:16:DB:94:8C:0F:59:01:10:EC:20:7E:7A:16:E7:7B:6F:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4374E6265D2AB2AB504191E1D27C76DD8B5CB741
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:74:e6:26:5d:2a:b2:ab:50:41:91:e1:d2:7c:76:dd:8b:5c:b7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=88ae3783b1e81830e206cc5a1692b125fe8afcc15897aceb94009cdb5a3bcbab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:eb:b3:c3:f6:6c:70:28:10:5a:a2:15:74:
c4:d0:90:11:9b:7d:07:59:6b:bf:8e:19:bd:71:4c:
36:e4:47:23:73:95:5c:a4:33:e7:a3:47:ff:bb:60:
14:47:1c:3f:ea:8b:d9:b4:8b:18:5f:32:32:02:d8:
17:4d:0f:f4:42:4c:af:0a:04:73:d0:7e:50:ed:6c:
fc:4c:c9:85:21:e1:11:f5:4e:7d:29:f2:22:fa:7b:
a6:3c:b0:2e:7b:d3:c9:1d:e8:d1:56:59:8e:9f:4b:
4b:75:5c:d6:85:0c:a5:59:ba:bd:c8:2b:cd:67:f1:
af:6c:7a:09:a5:b0:a6:39:31:9f:3a:d4:b1:eb:dd:
ab:78:f3:db:e1:37:f5:51:23:1a:6d:ae:53:80:bf:
76:a1:f2:17:ff:02:8d:4c:8f:8f:81:49:e1:f1:74:
0f:d0:8b:cf:d0:c7:71:4b:61:c0:c2:05:7a:cb:0c:
2d:d9:5f:ab:40:3d:2b:d6:0b:82:12:5a:e3:ef:3e:
d8:64:0b:61:bd:22:fc:7a:93:19:c0:24:c0:d3:ab:
92:f9:58:97:db:2c:87:de:50:23:00:61:c4:20:36:
a2:59:fa:0d:fa:33:8a:17:eb:86:49:d8:00:f2:b9:
88:1f:1b:c2:0d:4a:b3:fe:0a:01:a9:47:d0:d1:45:
0f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:17:F5:16:DB:94:8C:0F:59:01:10:EC:20:7E:7A:16:E7:7B:6F:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c7:25:23:c7:3a:d5:51:6e:77:74:cc:69:cb:c1:26:f8:69:52:
8f:3a:68:93:8f:bf:70:73:44:ad:a5:ce:43:96:d4:2c:0d:cb:
00:58:98:36:61:94:4e:a4:f1:33:2b:01:0a:41:1a:c2:4e:aa:
bb:3f:6e:99:20:0a:72:07:ae:5b:fe:ac:0f:49:fc:6e:16:82:
91:4d:f9:e9:48:90:cc:37:36:fc:3a:81:fd:86:18:15:13:d5:
7f:74:64:39:c2:3c:18:12:d6:37:a4:38:18:6d:dc:a3:20:e4:
b0:42:f8:13:65:9e:c5:08:b5:f4:4d:b2:d2:9b:13:39:45:dd:
0f:15:c1:6f:9d:93:88:78:0f:86:e3:6f:8c:9e:75:f7:a0:10:
66:a9:41:be:70:9b:7b:b0:f4:be:a2:4e:ab:53:91:33:5f:5b:
c6:1a:37:88:9c:1d:20:37:84:45:c4:15:5e:8c:1c:53:22:03:
3b:1e:7e:d9:fb:88:7e:90:43:bd:b5:1f:b0:55:c8:b9:63:b7:
69:76:23:72:8a:ae:f9:f4:48:6c:0f:ff:ea:3b:99:c8:41:25:
e1:3a:0f:6a:c2:ca:4f:ea:44:77:92:ed:d5:ab:af:78:6e:59:
4e:63:44:06:86:0b:64:17:88:c3:53:93:61:c4:e2:6b:46:81:
c1:d9:be:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ3TmJl0qsqtQQZHh0nx23Ytct0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4YWUzNzgzYjFlODE4MzBlMjA2Y2M1YTE2OTJiMTI1ZmU4YWZjYzE1ODk3
YWNlYjk0MDA5Y2RiNWEzYmNiYWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSK67PD9mxwKBBaohV0xNCQEZt9B1lrv44ZvXFMNuRHI3OVXKQz56NH/7tg
FEccP+qL2bSLGF8yMgLYF00P9EJMrwoEc9B+UO1s/EzJhSHhEfVOfSnyIvp7pjyw
LnvTyR3o0VZZjp9LS3Vc1oUMpVm6vcgrzWfxr2x6CaWwpjkxnzrUsevdq3jz2+E3
9VEjGm2uU4C/dqHyF/8CjUyPj4FJ4fF0D9CLz9DHcUthwMIFessMLdlfq0A9K9YL
ghJa4+8+2GQLYb0i/HqTGcAkwNOrkvlYl9ssh95QIwBhxCA2oln6DfozihfrhknY
APK5iB8bwg1Ks/4KAalH0NFFD3kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMF/UW
25SMD1kBEOwgfnoW53tvPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQDHJSPHOtVRbnd0zGnLwSb4aVKPOmiTj79wc0Stpc5D
ltQsDcsAWJg2YZROpPEzKwEKQRrCTqq7P26ZIApyB65b/qwPSfxuFoKRTfnpSJDM
Nzb8OoH9hhgVE9V/dGQ5wjwYEtY3pDgYbdyjIOSwQvgTZZ7FCLX0TbLSmxM5Rd0P
FcFvnZOIeA+G42+MnnX3oBBmqUG+cJt7sPS+ok6rU5EzX1vGGjeInB0gN4RFxBVe
jBxTIgM7Hn7Z+4h+kEO9tR+wVci5Y7dpdiNyiq759EhsD//qO5nIQSXhOg9qwspP
6kR3ku3Vq694bllOY0QGhgtkF4jDU5NhxOJrRoHB2b4v
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org