Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc80f02f-68a8-4245-9562-5311abe3fa18.roa
File: fc80f02f-68a8-4245-9562-5311abe3fa18.roa (raw, json)
Hash identifier: O/V3FAUDrF9n7bdBCwdnP53zw336A9+a9g9b0VmIPVA=
Subject key identifier: 47:59:A7:49:1C:3D:A9:6E:44:F3:B6:8D:D9:00:F4:C9:18:BB:00:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47E76B92602EF80D4449C78D6B2A6C3F620791C1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc80f02f-68a8-4245-9562-5311abe3fa18.roa
Signing time: Sat 24 Aug 2024 00:00:00 +0000
ROA not before: Sat 24 Aug 2024 00:00:00 +0000
ROA not after: Sat 28 Sep 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e7:6b:92:60:2e:f8:0d:44:49:c7:8d:6b:2a:6c:3f:62:07:91:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 24 00:00:00 2024 GMT
Not After : Sep 28 23:59:59 2024 GMT
Subject: serialNumber=eb2863cecf308659ca1757d238c59f056f5794cef56f400d771833501a53845d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cc:db:0f:f3:00:f5:3a:e7:00:05:37:5d:bb:
3c:04:f7:2c:b3:14:ec:2a:65:02:1c:03:bc:f7:69:
ee:52:2c:cd:c6:d3:af:ec:96:a3:e8:c6:0d:6c:23:
97:dc:da:cf:da:99:d2:bc:44:b9:48:1a:dc:73:98:
c5:08:ff:af:bb:8f:8c:7d:8a:07:b3:17:3b:65:40:
c7:e2:c0:d0:df:ca:10:51:36:3d:1e:2e:91:2e:a1:
56:b9:37:12:f6:d6:16:b5:e0:e6:fb:45:e3:be:fc:
40:31:92:88:22:74:26:9e:3e:78:82:27:9a:33:bd:
5d:0d:85:20:5f:eb:ff:06:13:d9:a7:3b:e1:01:91:
da:a3:dd:6e:0c:ce:16:f0:31:84:56:28:03:00:d3:
32:4f:9d:62:0e:d1:72:8d:ad:bd:d0:aa:54:ba:3b:
26:ae:1f:0c:29:15:5e:b2:98:0b:11:3f:96:95:5c:
2d:2c:85:02:fc:20:8b:44:b7:e9:7b:74:dd:dd:db:
a3:e2:96:24:09:01:c2:ea:9e:c1:d0:19:65:2b:49:
37:79:18:df:9d:c3:14:a3:cb:c1:d2:ec:b0:18:70:
dd:3e:1d:22:61:de:75:f3:34:ac:e7:6f:c1:63:a4:
ba:e1:49:3b:5d:e9:fb:0b:d3:5c:f7:9f:c0:d5:b3:
69:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:59:A7:49:1C:3D:A9:6E:44:F3:B6:8D:D9:00:F4:C9:18:BB:00:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc80f02f-68a8-4245-9562-5311abe3fa18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.128.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:59:01:1f:a2:40:7b:51:e0:ff:ea:38:bc:87:2f:a5:6a:9d:
e6:b5:6f:34:6d:8c:8b:2a:4f:7f:43:17:3a:67:c0:1d:13:fe:
7d:30:d5:31:8e:dd:aa:38:ee:f6:30:fa:d8:20:08:60:e6:70:
86:0f:70:5a:34:ed:90:bb:9c:ec:8d:05:03:8c:3a:d3:29:83:
6a:d0:87:50:13:c7:5a:69:30:d4:28:93:b8:f7:cc:d1:67:06:
7f:8a:b4:fc:54:22:94:59:89:ae:2e:64:b5:84:41:01:b1:57:
09:8e:39:47:bc:85:62:b8:ab:ee:bf:b9:55:f6:d8:bc:2e:f5:
4a:5d:ad:50:e2:3c:7e:79:8a:46:d7:ce:ba:d8:99:b0:b9:f3:
15:57:8e:48:15:6d:2b:7a:c4:8b:06:f8:b5:4d:ed:e1:ac:3e:
d1:62:ce:9a:c8:21:17:60:36:8f:96:b3:fa:6a:39:3b:20:17:
6a:2b:be:b5:89:00:28:1a:f8:9d:93:a0:7f:24:59:ac:1f:ec:
47:ba:56:f2:a0:09:89:0b:41:09:4e:6f:4a:91:16:73:60:cc:
30:aa:11:db:94:88:df:df:4b:74:ca:a4:ad:a8:dd:8f:0d:e4:
d5:97:9b:92:c0:1a:87:4d:7b:cf:cd:08:67:fc:71:a6:05:65:
b0:80:32:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUR+drkmAu+A1ESceNaypsP2IHkcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA4MjQwMDAwMDBaFw0yNDA5MjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMjg2M2NlY2YzMDg2NTljYTE3NTdkMjM4YzU5ZjA1NmY1Nzk0Y2VmNTZm
NDAwZDc3MTgzMzUwMWE1Mzg0NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3M2w/zAPU65wAFN127PAT3LLMU7CplAhwDvPdp7lIszcbTr+yWo+jGDWwj
l9zaz9qZ0rxEuUga3HOYxQj/r7uPjH2KB7MXO2VAx+LA0N/KEFE2PR4ukS6hVrk3
EvbWFrXg5vtF4778QDGSiCJ0Jp4+eIInmjO9XQ2FIF/r/wYT2ac74QGR2qPdbgzO
FvAxhFYoAwDTMk+dYg7Rco2tvdCqVLo7Jq4fDCkVXrKYCxE/lpVcLSyFAvwgi0S3
6Xt03d3bo+KWJAkBwuqewdAZZStJN3kY353DFKPLwdLssBhw3T4dImHedfM0rOdv
wWOkuuFJO13p+wvTXPefwNWzaasCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRHWadJ
HD2pbkTzto3ZAPTJGLsA4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM4MGYwMmYtNjhhOC00MjQ1LTk1NjItNTMxMWFiZTNmYTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAgDAN
BgkqhkiG9w0BAQsFAAOCAQEADlkBH6JAe1Hg/+o4vIcvpWqd5rVvNG2MiypPf0MX
OmfAHRP+fTDVMY7dqjju9jD62CAIYOZwhg9wWjTtkLuc7I0FA4w60ymDatCHUBPH
Wmkw1CiTuPfM0WcGf4q0/FQilFmJri5ktYRBAbFXCY45R7yFYrir7r+5VfbYvC71
Sl2tUOI8fnmKRtfOutiZsLnzFVeOSBVtK3rEiwb4tU3t4aw+0WLOmsghF2A2j5az
+mo5OyAXaiu+tYkAKBr4nZOgfyRZrB/sR7pW8qAJiQtBCU5vSpEWc2DMMKoR25SI
399LdMqkrajdjw3k1ZebksAah017z80IZ/xxpgVlsIAy6Q==
-----END CERTIFICATE-----
Generated at Sat Sep 7 19:17:39 2024 by rpki-client on console-fra.rpki-client.org