Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
File: 05585ded-caa9-4870-9b97-23218aa79783.roa (raw, json)
Hash identifier: 29iT0MNRwuCLZNC7f14M8lSZqwaYDs0CDU/pgbxNDdM=
Subject key identifier: CA:51:9D:2E:00:D3:EF:13:3F:2D:FF:0E:83:E1:AA:CA:B3:5E:13:28
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B65D84FF3E47E5B4734C4304B96A290B7172EC2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:65:d8:4f:f3:e4:7e:5b:47:34:c4:30:4b:96:a2:90:b7:17:2e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=0c9b7ec96a24de5b5a3cad239e96d626c1a42d3c21f53729d8901b8de9b78f10, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:72:91:bc:4a:2c:44:3d:99:f9:9f:d9:35:26:
e4:fa:30:7b:f4:7f:e3:00:40:d0:37:3b:5a:7d:b4:
68:b7:04:b5:cf:15:06:9e:f9:26:fa:50:cd:d2:30:
44:9f:46:1c:37:b6:ce:78:e4:dc:26:f8:da:d6:57:
cc:8f:c2:e3:da:3a:87:d7:68:e4:aa:0e:ba:07:51:
24:be:40:b3:e7:a4:1d:ab:62:ca:8d:05:76:e3:6c:
cb:31:1a:c6:3b:4e:d1:30:88:f2:35:a2:a3:c1:4a:
73:b6:15:66:36:1c:45:2a:41:d5:f7:48:fd:a2:95:
c2:19:dc:e2:b1:c3:2a:8e:e4:6f:58:94:ec:ee:33:
e6:f3:2d:74:3c:c6:90:97:9f:6b:39:d9:0b:3c:57:
7c:6b:2f:2e:01:58:90:e5:5a:50:a4:d3:a5:56:64:
50:09:92:2e:7d:b5:a5:d7:a7:22:c9:6d:e2:2f:57:
e3:ee:fb:13:c2:be:f0:d7:7c:55:06:0a:11:c4:e2:
c1:d6:ff:4c:6f:03:2a:73:c9:d5:2a:ff:e2:e4:62:
f7:ea:4e:a3:50:26:1e:e9:ab:70:3c:81:8c:ff:9d:
aa:c6:c6:e6:6c:c0:dc:a9:cd:3f:8d:42:06:1b:d8:
ca:c9:e9:0b:6e:49:81:e7:5a:c1:bc:d6:d9:6d:8d:
38:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:51:9D:2E:00:D3:EF:13:3F:2D:FF:0E:83:E1:AA:CA:B3:5E:13:28
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05585ded-caa9-4870-9b97-23218aa79783.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
39:23:aa:a9:77:e6:3b:84:16:d6:11:5b:bd:80:2c:61:31:1f:
e3:2b:aa:b5:87:7a:79:fc:f4:22:67:0b:25:80:cb:8d:47:34:
5e:a8:49:72:8e:09:35:83:76:05:99:4f:7d:f5:f7:ad:78:c7:
30:f6:f2:ec:84:0a:df:b6:6f:da:70:e7:fe:e1:ba:41:db:d4:
0f:91:c2:b0:8d:50:e7:dc:45:b1:d0:dd:76:81:be:e7:f2:f5:
f6:4e:cd:f4:6e:d8:70:61:42:65:ee:a5:27:5c:6c:ce:f8:e9:
b0:9f:1b:ba:88:06:26:ac:0f:b1:46:72:db:ab:11:89:6e:bd:
e1:1e:29:e2:de:5b:9e:25:61:aa:3e:1e:a7:04:d7:72:20:78:
67:dc:f4:8f:5e:95:ae:ca:90:dd:e3:14:ce:34:32:76:91:62:
9a:c5:d2:85:02:b4:dc:b9:c0:13:2e:19:ea:1c:70:17:52:0d:
1d:74:8b:99:53:84:d2:31:af:89:c9:36:4b:3c:48:26:51:64:
76:d7:08:e5:29:c8:6d:b1:3c:7d:14:0d:95:e1:2e:fd:66:2a:
39:d5:66:33:15:da:ea:a2:cf:70:9a:2e:4a:9d:ab:70:43:73:
83:fe:77:39:1b:21:75:38:e1:0c:84:32:97:5d:96:02:70:f4:
4d:d3:6c:3f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK2XYT/PkfltHNMQwS5aikLcXLsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjOWI3ZWM5NmEyNGRlNWI1YTNjYWQyMzllOTZkNjI2YzFhNDJkM2MyMWY1
MzcyOWQ4OTAxYjhkZTliNzhmMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1ykbxKLEQ9mfmf2TUm5Powe/R/4wBA0Dc7Wn20aLcEtc8VBp75JvpQzdIw
RJ9GHDe2znjk3Cb42tZXzI/C49o6h9do5KoOugdRJL5As+ekHatiyo0FduNsyzEa
xjtO0TCI8jWio8FKc7YVZjYcRSpB1fdI/aKVwhnc4rHDKo7kb1iU7O4z5vMtdDzG
kJefaznZCzxXfGsvLgFYkOVaUKTTpVZkUAmSLn21pdenIslt4i9X4+77E8K+8Nd8
VQYKEcTiwdb/TG8DKnPJ1Sr/4uRi9+pOo1AmHumrcDyBjP+dqsbG5mzA3KnNP41C
BhvYysnpC25JgedawbzW2W2NOPMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTKUZ0u
ANPvEz8t/w6D4arKs14TKDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDU1ODVkZWQtY2FhOS00ODcwLTliOTctMjMyMThhYTc5NzgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAOSOqqXfmO4QW1hFbvYAsYTEf4yuqtYd6efz0ImcL
JYDLjUc0XqhJco4JNYN2BZlPffX3rXjHMPby7IQK37Zv2nDn/uG6QdvUD5HCsI1Q
59xFsdDddoG+5/L19k7N9G7YcGFCZe6lJ1xszvjpsJ8buogGJqwPsUZy26sRiW69
4R4p4t5bniVhqj4epwTXciB4Z9z0j16VrsqQ3eMUzjQydpFimsXShQK03LnAEy4Z
6hxwF1INHXSLmVOE0jGvick2SzxIJlFkdtcI5SnIbbE8fRQNleEu/WYqOdVmMxXa
6qLPcJouSp2rcENzg/53ORshdTjhDIQyl12WAnD0TdNsPw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org