Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: UchzkqmP2mp+V57XaNiEI6qztz/bTfjGS6MY1sF9xog=
Subject key identifier: 8C:C7:C5:2C:74:70:B6:83:1B:59:FC:8C:86:12:3D:D9:57:2D:6A:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A7FD5551AB342F34674AAF0E11BC1D0CEAB9430
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:7f:d5:55:1a:b3:42:f3:46:74:aa:f0:e1:1b:c1:d0:ce:ab:94:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=27a58e573b90f4dad4994aa9c354ae3a29551cf6ba9da87dcd396188175feaa3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4f:6e:94:25:f6:b9:29:5c:e4:44:1e:08:b9:
1d:e1:14:28:3a:be:8e:d8:73:3e:bb:a9:16:ec:15:
88:bb:bc:36:d8:f3:e6:5a:93:b0:02:3e:a0:80:49:
c8:23:5d:1a:87:20:af:e2:f7:36:64:0c:7e:0b:7a:
46:b8:67:8a:07:46:b8:cc:f9:79:83:2d:e6:14:ba:
ce:08:d4:7d:bc:55:12:e0:01:6d:59:40:ad:92:e5:
01:0d:94:6f:08:6b:47:55:7a:6f:d1:53:40:5a:ab:
5b:7a:88:ad:1b:6e:f2:f9:5b:77:1f:12:f8:59:97:
4d:02:84:d6:34:af:88:25:cb:30:25:21:13:8d:89:
0a:64:98:26:a1:d5:3b:2c:b4:69:31:7f:c7:1e:81:
97:a1:4e:a8:93:30:d3:79:db:39:8c:68:3b:41:79:
76:d6:d7:d4:b8:29:d4:c8:f0:cd:a1:3e:d0:19:9b:
a3:f6:1f:cf:87:02:2e:9c:1b:ee:15:7e:af:7e:de:
68:a5:b6:4e:96:e7:7c:0f:a5:2e:4d:7e:15:09:35:
c3:7d:4f:20:7b:ec:5a:72:52:a7:e9:38:6a:88:c4:
27:98:5e:c5:15:3e:20:77:f5:58:6a:f9:9c:40:4b:
29:9c:bc:4e:89:e7:10:75:de:f3:db:ed:fc:85:51:
e2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C7:C5:2C:74:70:B6:83:1B:59:FC:8C:86:12:3D:D9:57:2D:6A:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:b3:7c:9f:5c:ac:0d:cf:9a:17:6b:75:1d:45:e8:63:8c:c1:
bd:8d:33:8e:2c:87:d4:2f:c4:f8:07:b1:6d:db:66:d6:b6:84:
52:5d:41:59:5f:80:14:04:9d:0b:ed:eb:26:81:8f:6a:e4:aa:
94:1e:d3:3c:13:aa:fd:d9:7b:17:5f:07:0d:ae:f3:05:43:70:
8f:c3:79:2c:9e:12:f0:84:54:49:aa:8e:78:21:1e:32:40:70:
cb:3c:5a:4d:27:cc:55:25:ed:a4:a4:58:1c:52:ad:2b:23:b8:
9f:b5:5d:75:a6:40:72:5c:f1:77:85:67:43:50:d4:0c:4f:42:
8f:6d:35:cf:56:97:92:0f:2a:03:73:3f:8c:5a:47:07:b6:0b:
14:a1:73:c3:21:c5:eb:9e:5e:2d:f8:95:e1:c9:b7:87:ef:09:
3e:5c:d4:84:5b:ac:e8:36:01:ee:32:f8:25:25:f2:9f:6a:2c:
8b:a2:e6:0a:09:d1:f6:70:4d:6e:5a:99:76:ea:24:e9:51:4f:
04:de:39:97:3d:2c:f2:e9:10:4d:e4:65:74:11:17:c9:2a:45:
e9:ab:d9:19:a4:9b:6e:67:12:0a:29:4a:71:db:35:e8:cd:9a:
23:6b:04:7b:01:d4:a1:ed:18:68:74:d3:66:6b:12:79:d2:c6:
0f:61:a5:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSn/VVRqzQvNGdKrw4RvB0M6rlDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3YTU4ZTU3M2I5MGY0ZGFkNDk5NGFhOWMzNTRhZTNhMjk1NTFjZjZiYTlk
YTg3ZGNkMzk2MTg4MTc1ZmVhYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBPbpQl9rkpXOREHgi5HeEUKDq+jthzPrupFuwViLu8Ntjz5lqTsAI+oIBJ
yCNdGocgr+L3NmQMfgt6RrhnigdGuMz5eYMt5hS6zgjUfbxVEuABbVlArZLlAQ2U
bwhrR1V6b9FTQFqrW3qIrRtu8vlbdx8S+FmXTQKE1jSviCXLMCUhE42JCmSYJqHV
Oyy0aTF/xx6Bl6FOqJMw03nbOYxoO0F5dtbX1Lgp1MjwzaE+0Bmbo/Yfz4cCLpwb
7hV+r37eaKW2TpbnfA+lLk1+FQk1w31PIHvsWnJSp+k4aojEJ5hexRU+IHf1WGr5
nEBLKZy8TonnEHXe89vt/IVR4lkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMx8Us
dHC2gxtZ/IyGEj3ZVy1qqTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQC/s3yfXKwNz5oXa3UdRehjjMG9jTOOLIfUL8T4B7Ft
22bWtoRSXUFZX4AUBJ0L7esmgY9q5KqUHtM8E6r92XsXXwcNrvMFQ3CPw3ksnhLw
hFRJqo54IR4yQHDLPFpNJ8xVJe2kpFgcUq0rI7iftV11pkByXPF3hWdDUNQMT0KP
bTXPVpeSDyoDcz+MWkcHtgsUoXPDIcXrnl4t+JXhybeH7wk+XNSEW6zoNgHuMvgl
JfKfaiyLouYKCdH2cE1uWpl26iTpUU8E3jmXPSzy6RBN5GV0ERfJKkXpq9kZpJtu
ZxIKKUpx2zXozZojawR7AdSh7RhodNNmaxJ50sYPYaX8
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org