Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: uljkpIPgla9Jm5lqz8ZXpDBBh2Rz8EIiSSyKCXILf+c=
Subject key identifier: D9:2F:19:0B:3E:CF:5E:FB:25:69:03:2D:41:25:8E:23:C2:5B:0B:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DA642B6E6B65A49D59E8F30DC4146C1F9D3E10F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a6:42:b6:e6:b6:5a:49:d5:9e:8f:30:dc:41:46:c1:f9:d3:e1:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d6cbda10e5e88899a6e0e6ab8aca3ad07c4f5987c1b7fd3b235085a368cef678, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e8:ce:7b:7f:26:60:43:46:1b:2f:17:7e:68:
db:c5:80:da:4b:bc:10:5c:11:5a:f3:61:a6:17:7a:
78:d2:16:28:52:d5:c2:b7:df:3d:50:f1:c6:c1:e9:
66:7a:48:35:55:74:31:35:42:4b:d9:d3:16:e6:83:
c9:c7:79:05:c2:e2:d0:04:48:83:5e:30:a4:e7:33:
06:1a:e3:78:40:01:3e:6c:eb:64:41:8a:0a:d0:58:
f1:63:87:1e:02:79:7c:25:68:c5:11:eb:72:81:26:
34:c4:c9:a0:a8:82:f5:43:05:ed:71:37:9b:08:f6:
0f:e4:2e:9d:72:1c:ae:6f:cb:ed:51:05:33:f9:27:
aa:a2:7a:66:ff:24:78:01:d1:ea:b6:87:fe:e1:e5:
da:d3:43:72:29:c0:af:1c:2f:1e:df:9b:91:0c:f7:
14:11:ed:a5:06:21:22:17:26:a3:4b:da:70:11:6e:
99:98:b9:da:3d:d0:62:6b:50:ec:83:df:60:b1:01:
79:e6:44:9e:15:65:e8:40:84:80:c3:c9:97:ee:d5:
4d:1d:f2:51:ed:28:4c:68:fb:60:46:d8:8e:f4:5b:
d5:02:09:c1:ca:56:48:3e:c3:c3:0c:0d:c7:f7:08:
4e:8a:3d:e1:ae:51:75:81:65:04:60:df:fe:9d:86:
d3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:2F:19:0B:3E:CF:5E:FB:25:69:03:2D:41:25:8E:23:C2:5B:0B:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d4:0e:40:1a:65:c0:1d:3e:eb:20:99:18:4c:41:6b:31:46:5f:
a5:09:76:3b:a1:96:88:f5:5e:f4:8d:7d:6e:67:ab:65:9b:70:
b4:83:4b:1b:49:e6:f9:06:9a:30:26:53:8a:08:5f:91:b4:c4:
c7:98:4e:f9:cc:16:77:0e:03:ec:d4:6d:cd:6b:50:7a:e2:df:
50:12:99:3b:41:96:bb:0d:75:41:4d:a8:39:11:f1:d8:44:62:
7c:11:de:3a:8d:1e:8e:d3:0f:72:a4:d3:a3:53:88:8f:4e:79:
ee:b1:9e:94:f7:d4:f2:b2:8f:39:7c:d4:4e:0b:b7:41:67:48:
98:2c:4f:a5:fa:73:9b:b9:18:d1:ad:32:31:c1:a0:70:80:39:
48:bb:65:ad:96:64:b9:8c:c2:bf:b3:f0:1c:35:98:fb:22:f4:
68:41:69:31:0a:dc:db:96:58:6d:e4:a6:ab:f4:e6:91:9b:e5:
24:71:5e:4f:74:9c:6a:86:85:1d:37:93:b3:97:6e:eb:a8:35:
ec:e9:5c:5a:f0:e3:06:8c:ad:f4:f9:1c:26:58:b8:0c:d9:4a:
21:d8:31:0b:0e:60:a1:7b:d8:06:a5:e2:05:e5:19:cc:4b:31:
50:2a:74:70:39:61:be:0c:2f:f9:30:aa:ae:0d:7f:14:c2:d3:
df:9e:90:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfaZCtua2WknVno8w3EFGwfnT4Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2Y2JkYTEwZTVlODg4OTlhNmUwZTZhYjhhY2EzYWQwN2M0ZjU5ODdjMWI3
ZmQzYjIzNTA4NWEzNjhjZWY2NzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3oznt/JmBDRhsvF35o28WA2ku8EFwRWvNhphd6eNIWKFLVwrffPVDxxsHp
ZnpINVV0MTVCS9nTFuaDycd5BcLi0ARIg14wpOczBhrjeEABPmzrZEGKCtBY8WOH
HgJ5fCVoxRHrcoEmNMTJoKiC9UMF7XE3mwj2D+QunXIcrm/L7VEFM/knqqJ6Zv8k
eAHR6raH/uHl2tNDcinArxwvHt+bkQz3FBHtpQYhIhcmo0vacBFumZi52j3QYmtQ
7IPfYLEBeeZEnhVl6ECEgMPJl+7VTR3yUe0oTGj7YEbYjvRb1QIJwcpWSD7DwwwN
x/cIToo94a5RdYFlBGDf/p2G03MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTZLxkL
Ps9e+yVpAy1BJY4jwlsLnzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQDUDkAaZcAdPusgmRhMQWsxRl+lCXY7oZaI9V70jX1u
Z6tlm3C0g0sbSeb5BpowJlOKCF+RtMTHmE75zBZ3DgPs1G3Na1B64t9QEpk7QZa7
DXVBTag5EfHYRGJ8Ed46jR6O0w9ypNOjU4iPTnnusZ6U99Tyso85fNROC7dBZ0iY
LE+l+nObuRjRrTIxwaBwgDlIu2WtlmS5jMK/s/AcNZj7IvRoQWkxCtzbllht5Kar
9OaRm+UkcV5PdJxqhoUdN5Ozl27rqDXs6Vxa8OMGjK30+RwmWLgM2Uoh2DELDmCh
e9gGpeIF5RnMSzFQKnRwOWG+DC/5MKquDX8UwtPfnpCu
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:08 2024 by rpki-client on console-fra.rpki-client.org