Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: NFIfypGC2Gfrr6+5ZCMD0zzCeECJvK0SOfPeugaeyio=
Subject key identifier: 6D:FA:4B:9A:2B:8B:1C:EF:F2:B8:27:D7:C8:37:C4:D9:B3:FC:6D:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A3313F3AC1C471183528FF43041815CB33010EC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:33:13:f3:ac:1c:47:11:83:52:8f:f4:30:41:81:5c:b3:30:10:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4d719ee42f5b67e79a0f8f4cdbf02b15cba79e895b498f993092478ca2ff7409, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b2:be:16:7c:e9:13:6d:19:03:ac:3e:f9:86:
3f:67:b2:21:b2:66:af:e0:dd:f9:6f:5c:e9:ae:14:
6f:39:55:64:ad:31:df:17:a4:3c:4c:a1:8e:bf:16:
4c:90:cd:15:5d:3a:92:fa:85:bf:ec:9a:7c:4c:9a:
2d:28:be:9e:7f:26:71:5d:50:40:90:38:f2:01:33:
c6:8d:4e:c0:9d:fb:94:22:81:28:d9:cc:ae:89:90:
f4:00:48:53:7b:58:e1:9c:ee:4d:00:7d:ba:ec:9a:
90:06:47:89:a1:2c:dc:50:48:37:64:c3:59:c9:14:
06:db:b3:51:c1:89:76:c5:6c:ee:58:83:1e:4f:82:
49:0b:3a:a3:fe:b7:ae:6c:7b:4f:d8:73:cb:91:57:
1e:18:62:cc:e0:97:b7:93:cf:5c:68:df:72:f7:2e:
d7:3e:49:ab:c2:95:13:d8:b8:b4:90:cc:b9:12:3a:
21:92:20:64:65:50:74:d4:8b:cd:11:a3:74:70:45:
e7:17:52:eb:7c:ea:28:0e:ac:cf:69:e1:03:09:36:
16:86:c7:e5:cb:d2:e8:41:37:1a:ae:57:b4:e7:9e:
7c:b6:70:78:09:f0:7e:9e:c0:3c:cf:d7:49:23:ac:
41:8a:a5:09:ac:e4:1f:1e:26:c8:ca:a3:c2:d0:90:
7f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FA:4B:9A:2B:8B:1C:EF:F2:B8:27:D7:C8:37:C4:D9:B3:FC:6D:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:10:4a:55:f5:c5:8d:c7:ed:9a:45:bc:55:5d:18:7d:c8:ae:
e1:f4:66:91:5c:85:94:d3:0e:27:b1:e8:ef:18:de:f7:17:70:
ed:27:2c:66:86:6d:eb:34:ae:39:f6:6f:f9:b0:db:7d:52:0c:
3b:14:d9:46:60:4b:85:11:d6:15:66:5a:fe:58:5c:9e:7e:b2:
7a:ff:d2:ba:6b:1c:2d:11:c9:50:1f:c6:16:34:75:dd:d4:be:
67:48:57:d2:8e:56:77:be:cb:95:40:ca:de:36:49:34:4a:cb:
97:cf:01:88:7b:4f:db:bd:2d:46:31:22:bf:e9:83:6f:d2:d7:
e6:60:13:80:03:fd:40:83:e3:a6:bf:e8:88:bf:de:26:42:47:
5e:6a:f6:05:60:06:6b:ad:e2:a3:97:90:7f:fb:ae:04:a2:b8:
64:61:5f:19:cc:30:f2:09:09:d2:cd:86:1b:84:32:37:8a:a5:
28:0e:a6:11:8c:09:56:8f:5f:fb:56:c5:f4:3d:b6:21:f5:ab:
d6:4a:1a:03:24:57:9b:68:f0:8b:a8:44:ed:81:f8:38:17:4b:
e0:a4:7f:3d:d3:08:b6:97:f6:7d:54:46:80:2d:a4:2c:6a:be:
ee:a7:79:4b:68:15:36:3f:8e:a7:7d:10:03:8f:3c:18:19:6d:
3b:52:45:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCjMT86wcRxGDUo/0MEGBXLMwEOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNzE5ZWU0MmY1YjY3ZTc5YTBmOGY0Y2RiZjAyYjE1Y2JhNzllODk1YjQ5
OGY5OTMwOTI0NzhjYTJmZjc0MDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANOyvhZ86RNtGQOsPvmGP2eyIbJmr+Dd+W9c6a4UbzlVZK0x3xekPEyhjr8W
TJDNFV06kvqFv+yafEyaLSi+nn8mcV1QQJA48gEzxo1OwJ37lCKBKNnMromQ9ABI
U3tY4ZzuTQB9uuyakAZHiaEs3FBIN2TDWckUBtuzUcGJdsVs7liDHk+CSQs6o/63
rmx7T9hzy5FXHhhizOCXt5PPXGjfcvcu1z5Jq8KVE9i4tJDMuRI6IZIgZGVQdNSL
zRGjdHBF5xdS63zqKA6sz2nhAwk2FobH5cvS6EE3Gq5XtOeefLZweAnwfp7APM/X
SSOsQYqlCazkHx4myMqjwtCQf5sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRt+kua
K4sc7/K4J9fIN8TZs/xt6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQC3EEpV9cWNx+2aRbxVXRh9yK7h9GaRXIWU0w4nsejv
GN73F3DtJyxmhm3rNK459m/5sNt9Ugw7FNlGYEuFEdYVZlr+WFyefrJ6/9K6axwt
EclQH8YWNHXd1L5nSFfSjlZ3vsuVQMreNkk0SsuXzwGIe0/bvS1GMSK/6YNv0tfm
YBOAA/1Ag+Omv+iIv94mQkdeavYFYAZrreKjl5B/+64EorhkYV8ZzDDyCQnSzYYb
hDI3iqUoDqYRjAlWj1/7VsX0PbYh9avWShoDJFebaPCLqETtgfg4F0vgpH890wi2
l/Z9VEaALaQsar7up3lLaBU2P46nfRADjzwYGW07UkXh
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org