Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa
File: f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa (raw, json)
Hash identifier: CGPmIN/RPGkJHFWCU3ZWqBqdbObzMmCSpc0HaGd6QVU=
Subject key identifier: 36:E1:18:C4:7B:FC:80:B0:A2:50:46:D4:F9:CE:FF:E3:0E:D4:3A:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 764A0700ADDE1A75623816665389364464983104
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:4a:07:00:ad:de:1a:75:62:38:16:66:53:89:36:44:64:98:31:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=b46cb020c918fb26351e7e657a10ffa446d88e4f76dacc00f46e17137dbb226d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:a5:01:1f:79:9a:bb:2c:87:15:a5:5a:2c:
95:06:40:38:0f:f6:19:f9:66:ad:54:17:5e:f2:83:
7a:d3:79:e3:11:56:ae:6b:8c:7d:8e:33:61:09:f2:
93:61:a1:19:13:e4:4b:34:94:8b:93:1c:90:42:9d:
96:14:e2:bc:4f:08:7a:e1:54:ea:47:d2:5f:bc:9e:
a8:ee:67:68:bb:32:c4:af:d0:12:bc:a5:92:da:20:
83:4c:95:75:6b:d7:e4:3e:c7:23:8d:41:2a:46:c8:
87:16:39:83:3e:e8:e5:61:a5:73:fc:45:11:60:16:
15:82:36:34:b5:47:ac:20:04:40:de:07:ba:25:eb:
6a:a8:0b:23:85:6f:7b:41:64:e1:ab:e4:c6:3f:da:
2c:65:55:9f:fe:7b:49:6e:aa:9b:f1:73:2e:de:90:
01:7c:7b:06:f5:a3:f3:99:da:d0:19:ca:e1:d7:a1:
1c:ac:ac:8d:04:5b:a7:fa:25:b3:ae:15:76:4d:09:
81:11:b3:37:85:9d:af:9b:72:82:f8:f7:60:f1:f2:
fd:e1:06:51:aa:f0:af:3d:c8:99:a6:66:81:06:4e:
78:26:95:c4:ed:45:cf:09:1a:ae:cc:ab:72:76:cb:
f9:3b:70:a0:b0:17:d2:73:f3:a9:5e:b6:aa:93:9c:
c0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E1:18:C4:7B:FC:80:B0:A2:50:46:D4:F9:CE:FF:E3:0E:D4:3A:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f6f5353f-d8fa-4aca-b9c2-06a9b7716df8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
20:50:35:1b:cb:3f:10:3c:0b:9f:f4:ed:1a:0c:aa:e1:67:10:
03:63:d0:c2:e2:db:be:90:89:f5:db:cf:3b:c6:1f:d1:70:f3:
f4:56:a0:bd:b0:a2:a1:69:52:f8:66:3e:5f:7d:04:bd:84:08:
bd:e4:cb:ed:e3:25:3d:c3:f1:0f:04:24:4c:15:5b:8e:53:36:
84:af:ae:40:a2:cc:c3:01:7e:1a:4d:ef:ea:66:2a:24:89:aa:
d2:6f:d5:60:04:c4:7a:cb:14:a9:b0:6b:41:35:b1:bb:76:5d:
01:39:2c:a6:f5:27:56:ae:68:5b:8e:9c:81:7a:c1:3d:61:2b:
e4:ac:88:04:21:e1:aa:ad:84:09:ce:64:cd:53:f2:cc:d1:f5:
a9:b7:f0:be:2d:5c:3e:e9:6b:9f:79:81:23:48:4f:a7:80:88:
6d:c9:7d:be:f3:ae:2e:18:d2:2c:fd:45:8b:80:82:fa:ff:4e:
9a:6c:30:80:82:3f:6e:1d:fd:eb:40:8b:01:2c:b7:ec:d8:88:
84:5a:aa:9e:0c:ba:56:ff:31:1f:7a:60:33:5a:28:0b:9b:f9:
2d:94:7a:7f:92:52:5c:70:9d:ab:7d:d5:06:f9:83:50:2b:16:
17:ca:5b:40:7f:ed:a3:81:b9:18:e7:f7:49:62:0a:42:0e:06:
b0:c7:da:2b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdkoHAK3eGnViOBZmU4k2RGSYMQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NmNiMDIwYzkxOGZiMjYzNTFlN2U2NTdhMTBmZmE0NDZkODhlNGY3NmRh
Y2MwMGY0NmUxNzEzN2RiYjIyNmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZ1pQEfeZq7LIcVpVoslQZAOA/2GflmrVQXXvKDetN54xFWrmuMfY4zYQny
k2GhGRPkSzSUi5MckEKdlhTivE8IeuFU6kfSX7yeqO5naLsyxK/QErylktogg0yV
dWvX5D7HI41BKkbIhxY5gz7o5WGlc/xFEWAWFYI2NLVHrCAEQN4HuiXraqgLI4Vv
e0Fk4avkxj/aLGVVn/57SW6qm/FzLt6QAXx7BvWj85na0BnK4dehHKysjQRbp/ol
s64Vdk0JgRGzN4Wdr5tygvj3YPHy/eEGUarwrz3ImaZmgQZOeCaVxO1Fzwkarsyr
cnbL+TtwoLAX0nPzqV62qpOcwJ0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ24RjE
e/yAsKJQRtT5zv/jDtQ65zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjZmNTM1M2YtZDhmYS00YWNhLWI5YzItMDZhOWI3NzE2ZGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEAIFA1G8s/EDwLn/TtGgyq4WcQA2PQwuLbvpCJ9dvP
O8Yf0XDz9FagvbCioWlS+GY+X30EvYQIveTL7eMlPcPxDwQkTBVbjlM2hK+uQKLM
wwF+Gk3v6mYqJImq0m/VYATEessUqbBrQTWxu3ZdATkspvUnVq5oW46cgXrBPWEr
5KyIBCHhqq2ECc5kzVPyzNH1qbfwvi1cPulrn3mBI0hPp4CIbcl9vvOuLhjSLP1F
i4CC+v9OmmwwgII/bh3960CLASy37NiIhFqqngy6Vv8xH3pgM1ooC5v5LZR6f5JS
XHCdq33VBvmDUCsWF8pbQH/to4G5GOf3SWIKQg4GsMfaKw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org