Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
File: 0481d995-4a3d-4e25-8d0e-33271809f9a9.roa (raw, json)
Hash identifier: QtrF2LqwH2EOTJB3//kxklvxgtZ582vln5mgb7UVngg=
Subject key identifier: 55:63:68:8D:82:19:22:D5:3A:1E:AA:B1:35:42:B9:D5:FB:9D:D0:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5CD488FAED1600D2035129108CF9790E729CFE4B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:d4:88:fa:ed:16:00:d2:03:51:29:10:8c:f9:79:0e:72:9c:fe:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=27a6dbbc8c86cdc22cf7aad9f78e51b66e2fdf2679faa6d23230eb2c939227a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bb:3e:19:2f:3e:5d:52:ba:3c:ae:fc:98:f3:
83:81:a6:e6:27:4c:e4:e3:60:c4:df:a7:ab:b9:a9:
fc:e6:b5:e1:7a:61:3e:33:46:12:c1:3c:d8:05:68:
86:c3:0e:37:57:ff:93:d3:a2:69:e4:be:a1:ac:52:
fc:eb:5d:ca:76:73:aa:33:a2:91:96:e6:ca:6a:06:
a8:ab:31:7a:74:a8:1d:cd:30:5f:c9:71:6c:83:03:
bd:c2:0f:f1:5c:49:3b:67:c5:f3:e7:1d:67:c7:a6:
db:2e:e8:f2:ed:fa:89:c5:81:3e:f8:82:07:2a:9c:
de:3f:13:57:ab:ba:c0:90:09:5d:76:28:de:5e:eb:
bf:81:9c:92:a7:f3:03:3e:63:7f:05:4a:af:11:c6:
20:01:f0:74:39:a3:9a:b2:92:2d:79:ea:a9:51:f8:
f9:e0:61:25:6b:c6:80:da:a4:a2:79:94:f6:86:5a:
69:45:b2:fd:03:24:2f:f5:28:cc:40:bd:3d:ca:b9:
a4:91:8d:e4:7d:2c:c6:42:c3:7e:e0:19:b1:22:9c:
95:69:92:46:e9:0e:7e:a8:c3:e6:06:db:01:5c:7b:
4a:a0:69:36:ca:c6:28:1f:80:f1:da:fd:01:b3:8e:
f8:85:f6:ae:84:da:f0:03:8a:a7:5d:09:f0:21:dc:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:63:68:8D:82:19:22:D5:3A:1E:AA:B1:35:42:B9:D5:FB:9D:D0:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0481d995-4a3d-4e25-8d0e-33271809f9a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:a8:17:a8:54:06:ac:25:1a:bd:09:f5:da:28:34:ad:ba:2e:
44:56:44:18:cd:57:76:fa:4c:c9:59:1f:f6:0c:be:93:3c:21:
4f:5a:3c:d1:70:41:f5:53:69:42:d4:07:68:b5:ed:47:13:63:
ed:39:fd:03:4e:d4:79:07:59:2b:56:9a:35:bc:66:a3:74:78:
17:30:c9:07:75:87:6e:f7:20:38:4c:4c:90:a2:c6:43:f5:6d:
bf:76:e3:a5:8d:b3:02:fb:01:3f:c5:d4:86:fa:2b:f0:83:96:
e2:89:8f:54:d5:6d:aa:7a:2d:ee:68:b1:7d:eb:46:f9:4e:8a:
59:de:0b:d1:1d:42:6d:4e:dc:0f:c6:4e:69:85:46:65:fd:bd:
50:34:4e:ed:dd:63:70:a0:57:fe:65:44:68:3e:4e:b7:07:66:
ec:3a:ab:1c:96:39:06:13:32:fa:84:33:ed:78:bc:c8:6d:d1:
8f:ca:42:3b:c9:3e:3e:f4:7b:29:e2:c6:dc:14:01:c1:4e:c5:
f1:0c:4b:a1:72:b2:c0:c9:9e:9f:40:67:21:c9:f0:80:6b:6d:
ee:4c:2e:2d:ba:94:e3:d3:32:1d:86:d8:d1:04:54:c2:cb:57:
ff:e8:76:85:a2:f1:e4:b2:f0:cf:8b:2e:f5:7a:91:70:6b:4d:
47:51:c2:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXNSI+u0WANIDUSkQjPl5DnKc/kswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3YTZkYmJjOGM4NmNkYzIyY2Y3YWFkOWY3OGU1MWI2NmUyZmRmMjY3OWZh
YTZkMjMyMzBlYjJjOTM5MjI3YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJi7PhkvPl1Sujyu/Jjzg4Gm5idM5ONgxN+nq7mp/Oa14XphPjNGEsE82AVo
hsMON1f/k9OiaeS+oaxS/OtdynZzqjOikZbmymoGqKsxenSoHc0wX8lxbIMDvcIP
8VxJO2fF8+cdZ8em2y7o8u36icWBPviCByqc3j8TV6u6wJAJXXYo3l7rv4Gckqfz
Az5jfwVKrxHGIAHwdDmjmrKSLXnqqVH4+eBhJWvGgNqkonmU9oZaaUWy/QMkL/Uo
zEC9Pcq5pJGN5H0sxkLDfuAZsSKclWmSRukOfqjD5gbbAVx7SqBpNsrGKB+A8dr9
AbOO+IX2roTa8AOKp10J8CHcbWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRVY2iN
ghki1ToeqrE1QrnV+53QRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDQ4MWQ5OTUtNGEzZC00ZTI1LThkMGUtMzMyNzE4MDlmOWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBZqBeoVAasJRq9CfXaKDStui5EVkQYzVd2+kzJWR/2
DL6TPCFPWjzRcEH1U2lC1Adote1HE2PtOf0DTtR5B1krVpo1vGajdHgXMMkHdYdu
9yA4TEyQosZD9W2/duOljbMC+wE/xdSG+ivwg5biiY9U1W2qei3uaLF960b5TopZ
3gvRHUJtTtwPxk5phUZl/b1QNE7t3WNwoFf+ZURoPk63B2bsOqscljkGEzL6hDPt
eLzIbdGPykI7yT4+9Hsp4sbcFAHBTsXxDEuhcrLAyZ6fQGchyfCAa23uTC4tupTj
0zIdhtjRBFTCy1f/6HaFovHksvDPiy71epFwa01HUcI1
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org