Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: Z0agO7f2verfJto+iktcZ+RPdEL4qsC6E+quEQ64Cz4=
Subject key identifier: 66:B0:ED:EF:F5:00:3A:B4:B0:11:49:11:0B:35:EA:0C:0B:37:FB:0F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A6B8F2FBFF6E861CF537DC34CF40CE63AAA7F97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:6b:8f:2f:bf:f6:e8:61:cf:53:7d:c3:4c:f4:0c:e6:3a:aa:7f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=629d21c0ea7ed61de32470c2e9a907b6f61e87842522f51b6b4ea73d220c9227, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:21:6a:6e:96:8e:71:af:32:02:16:df:de:df:
eb:72:9f:63:8b:77:71:38:3b:6c:77:38:cf:4d:4c:
f2:5b:28:06:dc:64:cb:f8:77:9c:32:a7:25:3a:55:
84:4f:32:9e:11:a5:69:15:ea:92:16:21:6f:ea:09:
d9:17:ae:98:be:57:99:20:3a:3c:40:a5:27:9c:dd:
5f:0b:03:e6:23:d3:51:4d:81:40:93:da:5e:38:de:
98:db:0f:56:b5:84:91:2f:0b:0a:42:0f:8d:14:fb:
50:27:9e:02:60:a7:20:d3:6e:09:92:f4:b6:3a:27:
7b:11:b0:c3:f0:52:d0:fd:c0:24:51:40:fe:66:a5:
2e:86:4b:c0:52:f2:57:37:ff:91:5f:3e:0d:e1:f2:
0c:39:e5:41:d0:14:da:b0:5f:6c:e6:88:d5:77:ce:
c6:5c:8c:16:94:1a:06:25:1b:e9:e3:c7:5d:7c:ac:
78:b8:a7:7e:f3:6b:78:c5:17:80:1a:8a:a0:b0:54:
aa:42:b1:79:80:02:ba:a0:6e:80:f2:e0:86:56:1e:
70:59:4f:81:4c:31:91:9f:df:f1:07:54:4e:bd:20:
5b:d3:98:ad:fb:f3:21:75:e6:ed:6f:23:a3:f7:54:
a5:18:7e:5e:70:dd:9e:ee:4f:e9:94:c4:23:7a:68:
ed:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B0:ED:EF:F5:00:3A:B4:B0:11:49:11:0B:35:EA:0C:0B:37:FB:0F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:19:03:9d:62:2d:f6:15:8a:d0:ba:c1:23:1e:51:66:89:9c:
bd:0b:12:9b:e9:c7:01:50:08:64:78:02:4e:c1:25:af:21:87:
89:4c:e9:5b:11:0c:10:99:fa:3f:f8:59:e5:05:ed:b0:7d:c9:
99:a0:1d:d2:2c:47:6b:6a:d5:11:88:43:39:2f:7e:22:90:32:
b1:23:07:49:49:9d:17:cd:26:3b:21:8b:c8:3c:2a:ba:f3:bc:
ef:5b:6e:c5:85:e0:97:b0:61:13:5c:ee:d9:4c:1a:27:57:d5:
30:27:3e:3d:ee:da:b3:13:a8:21:86:5f:56:57:64:22:a2:b9:
5e:db:4d:03:07:6b:68:8c:bb:5a:a0:49:67:f3:c2:c0:33:98:
65:d8:8f:f1:dc:05:57:14:48:f5:7f:ed:3d:3a:9e:ae:fe:da:
38:a0:0c:00:20:c3:d9:50:5a:d1:52:7a:ec:b5:4c:8f:70:c6:
42:96:f4:aa:a5:34:47:ef:6e:99:64:a1:65:b9:dd:1c:46:04:
83:6b:73:08:20:0c:00:1b:81:9a:b5:b3:f6:33:17:5f:b9:42:
b5:e0:c6:53:6c:5f:68:bd:c0:10:35:0a:f4:e5:2c:36:b2:a7:
4c:93:9d:4e:5a:2c:fa:71:56:96:17:b9:6e:32:0e:77:77:21:
10:4f:17:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGmuPL7/26GHPU33DTPQM5jqqf5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyOWQyMWMwZWE3ZWQ2MWRlMzI0NzBjMmU5YTkwN2I2ZjYxZTg3ODQyNTIy
ZjUxYjZiNGVhNzNkMjIwYzkyMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsham6WjnGvMgIW397f63KfY4t3cTg7bHc4z01M8lsoBtxky/h3nDKnJTpV
hE8ynhGlaRXqkhYhb+oJ2ReumL5XmSA6PEClJ5zdXwsD5iPTUU2BQJPaXjjemNsP
VrWEkS8LCkIPjRT7UCeeAmCnINNuCZL0tjonexGww/BS0P3AJFFA/malLoZLwFLy
Vzf/kV8+DeHyDDnlQdAU2rBfbOaI1XfOxlyMFpQaBiUb6ePHXXyseLinfvNreMUX
gBqKoLBUqkKxeYACuqBugPLghlYecFlPgUwxkZ/f8QdUTr0gW9OYrfvzIXXm7W8j
o/dUpRh+XnDdnu5P6ZTEI3po7X0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmsO3v
9QA6tLARSRELNeoMCzf7DzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQAnGQOdYi32FYrQusEjHlFmiZy9CxKb6ccBUAhkeAJO
wSWvIYeJTOlbEQwQmfo/+FnlBe2wfcmZoB3SLEdratURiEM5L34ikDKxIwdJSZ0X
zSY7IYvIPCq687zvW27FheCXsGETXO7ZTBonV9UwJz497tqzE6ghhl9WV2Qiorle
200DB2tojLtaoEln88LAM5hl2I/x3AVXFEj1f+09Op6u/to4oAwAIMPZUFrRUnrs
tUyPcMZClvSqpTRH726ZZKFlud0cRgSDa3MIIAwAG4GatbP2MxdfuUK14MZTbF9o
vcAQNQr05Sw2sqdMk51OWiz6cVaWF7luMg53dyEQTxeJ
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org