Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
File: f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa (raw, json)
Hash identifier: Oy2lfvlH4LSBDX6ZwRXw6s/iI3NKdcucUm8QlD59/To=
Subject key identifier: 42:B6:95:E8:F4:C9:EF:53:81:C7:92:FA:E3:6F:D3:98:AD:FD:4A:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 134F21600174D3C501203E718A42C677C0F64DD9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:4f:21:60:01:74:d3:c5:01:20:3e:71:8a:42:c6:77:c0:f6:4d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f3317c4bc38eb17b64d0c51b1fad5f644f3726fd765b266866fd20a1356c97ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:67:3a:47:1b:49:c1:8d:0a:cb:37:e0:11:20:
00:2f:59:ef:36:e2:e4:22:cd:0d:95:17:3a:5d:22:
be:a6:b4:45:78:d4:db:c0:e8:73:b9:d7:da:70:14:
61:8f:f5:4d:32:f2:2e:42:23:e5:73:26:59:4b:aa:
9f:a2:fd:dd:fc:a5:b9:93:30:90:23:91:3f:fb:c0:
e2:63:11:6a:2b:52:d6:e0:e8:bb:fd:f3:00:93:39:
8a:29:29:4d:ae:a0:bd:c6:db:54:d9:c9:5d:00:1a:
c9:97:f8:8c:f1:74:75:00:b9:fc:5e:87:3e:5c:f8:
af:58:b0:fa:d2:3b:80:e5:62:47:63:36:a2:09:9e:
08:d9:06:3c:51:26:78:68:f3:9e:c4:e1:59:8c:81:
0f:7d:b7:a6:d0:3f:07:4e:fd:d4:6b:6d:dc:4d:bf:
a1:58:b3:0a:c5:87:53:89:f5:04:36:65:be:93:00:
54:1e:66:22:25:9d:21:b3:59:f6:7d:ab:0e:0f:bf:
71:6e:91:54:a7:09:3e:87:d8:d2:7c:12:4a:69:ba:
55:ab:16:81:f4:49:5e:b4:83:20:b1:4b:4e:f0:70:
a9:0b:c1:5f:5b:94:1e:53:b5:2f:ca:ee:fc:20:0a:
d1:e4:14:aa:dd:ca:be:5f:ca:42:dd:fc:ba:06:1d:
44:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B6:95:E8:F4:C9:EF:53:81:C7:92:FA:E3:6F:D3:98:AD:FD:4A:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9d:eb:b3:d8:b9:08:50:0c:f3:6d:37:7f:e2:8e:14:86:4a:28:
36:e5:e9:80:66:fb:fa:6b:a0:d8:12:46:20:8d:c4:a2:19:86:
40:fb:29:de:a8:35:80:e2:28:ed:db:8a:3b:23:16:81:57:81:
fc:b7:8c:4e:ae:c3:74:a3:5a:2a:dd:a4:30:25:29:14:a9:17:
5b:49:7b:64:b0:c5:a9:b1:f6:ae:5d:d6:83:2a:65:bd:cc:dd:
7f:58:fc:ac:ea:f1:65:51:06:9e:8d:47:b8:14:f9:b0:6a:08:
79:be:37:2c:6f:9b:ca:95:bb:d5:4c:d4:d3:12:85:3c:ba:a8:
8d:9a:e2:66:13:f5:56:dc:50:ce:85:59:cc:53:10:03:5e:8a:
6e:c1:0f:a7:69:f1:e8:bc:c9:a9:52:eb:50:10:f2:a3:32:fc:
cc:f4:8f:d8:da:b7:b0:70:e8:13:10:1d:09:c8:d0:6b:41:dd:
49:f1:2c:d7:ac:98:d3:e8:d7:f4:25:33:25:17:ea:1c:8d:9e:
f6:50:75:9e:6f:03:d0:47:52:34:16:e2:e9:40:e2:5c:b5:d8:
e4:e8:ac:bb:17:3f:5b:ff:db:3f:64:11:71:f9:e7:4c:37:9a:
fe:bb:47:97:79:4b:da:f2:fa:3a:af:a3:37:5f:a9:79:c5:ec:
12:77:26:b3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE08hYAF008UBID5xikLGd8D2TdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMzE3YzRiYzM4ZWIxN2I2NGQwYzUxYjFmYWQ1ZjY0NGYzNzI2ZmQ3NjVi
MjY2ODY2ZmQyMGExMzU2Yzk3Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPRnOkcbScGNCss34BEgAC9Z7zbi5CLNDZUXOl0ivqa0RXjU28Doc7nX2nAU
YY/1TTLyLkIj5XMmWUuqn6L93fyluZMwkCORP/vA4mMRaitS1uDou/3zAJM5iikp
Ta6gvcbbVNnJXQAayZf4jPF0dQC5/F6HPlz4r1iw+tI7gOViR2M2ogmeCNkGPFEm
eGjznsThWYyBD323ptA/B0791Gtt3E2/oVizCsWHU4n1BDZlvpMAVB5mIiWdIbNZ
9n2rDg+/cW6RVKcJPofY0nwSSmm6VasWgfRJXrSDILFLTvBwqQvBX1uUHlO1L8ru
/CAK0eQUqt3Kvl/KQt38ugYdRG0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRCtpXo
9MnvU4HHkvrjb9OYrf1KLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjdmZjUyYTgtOWNkNS00ODc4LWJmMmYtMTg5NDE1NzRjOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQCd67PYuQhQDPNtN3/ijhSGSig25emAZvv6a6DYEkYg
jcSiGYZA+yneqDWA4ijt24o7IxaBV4H8t4xOrsN0o1oq3aQwJSkUqRdbSXtksMWp
sfauXdaDKmW9zN1/WPys6vFlUQaejUe4FPmwagh5vjcsb5vKlbvVTNTTEoU8uqiN
muJmE/VW3FDOhVnMUxADXopuwQ+nafHovMmpUutQEPKjMvzM9I/Y2rewcOgTEB0J
yNBrQd1J8SzXrJjT6Nf0JTMlF+ocjZ72UHWebwPQR1I0FuLpQOJctdjk6Ky7Fz9b
/9s/ZBFx+edMN5r+u0eXeUva8vo6r6M3X6l5xewSdyaz
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org