Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
File: 06d20303-8537-47c7-bd75-8dea01488a0a.roa (raw, json)
Hash identifier: wY5fZlmyx/DTZQRADXuwWopsRjyb6XWIyDciQJCDtiY=
Subject key identifier: 2E:11:4A:74:82:BF:BB:A0:CD:15:74:D9:CF:3F:52:FE:24:67:50:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 743EB56E2311CE1E1EC97AC1F44A938C6664E2E1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:3e:b5:6e:23:11:ce:1e:1e:c9:7a:c1:f4:4a:93:8c:66:64:e2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=3b99643753e84d49ae3fdd4b01ae8eb2d15aff1d3f1c277f76af39ea6c3075bb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:e0:18:51:21:e4:01:3b:b8:c2:5b:ec:1f:
44:b7:3a:a4:71:e3:cb:23:71:0d:54:62:1f:6b:02:
21:da:e8:9c:c5:b9:c4:b2:4c:ab:7a:e3:5b:4a:f8:
4e:54:ef:c2:c1:49:a9:a2:54:a4:e0:26:1b:21:a2:
97:99:86:53:04:37:02:1d:86:ca:8a:44:13:24:d2:
45:13:e0:79:4d:a1:8e:45:0c:79:87:e4:a1:e7:73:
55:08:c9:da:32:5f:42:0f:73:e6:4d:5c:52:9b:e3:
7e:24:d7:b1:45:f4:5d:1d:60:d2:bf:5c:93:13:85:
97:24:ea:a8:30:da:f0:33:14:d2:09:d8:8b:ca:d2:
65:86:c4:dd:fb:da:45:a1:12:c6:38:3b:15:4d:d2:
c4:4a:14:43:24:25:8e:bf:0d:a0:c1:9d:2b:5e:00:
6d:58:be:2b:08:1e:2b:a6:ed:64:92:38:5a:c5:f8:
36:ac:92:67:de:a3:ba:f4:00:4f:45:69:e7:c1:ee:
18:92:46:32:df:e0:ff:ce:6e:ff:d5:1c:e3:ac:86:
14:d4:29:20:a0:60:5e:fe:35:6c:ab:b6:21:51:10:
94:a2:b9:58:bf:fb:5f:0c:1c:a0:85:13:02:30:06:
c2:8c:9c:34:e3:b6:7b:1c:9d:d5:10:2f:33:d1:c1:
9a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:4A:74:82:BF:BB:A0:CD:15:74:D9:CF:3F:52:FE:24:67:50:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/24
Signature Algorithm: sha256WithRSAEncryption
54:af:a3:57:f7:a1:a9:55:a9:1b:d4:33:25:71:82:6b:b6:2b:
23:14:64:89:6c:bf:e9:91:9e:5a:eb:05:7e:2f:04:c0:5e:35:
f6:e7:ac:fb:b0:ac:91:f6:6f:a9:a6:c2:a0:9e:46:be:9d:a5:
8a:10:39:28:1f:3d:35:1a:cc:8d:f3:98:7a:a8:8c:66:35:0d:
dd:ee:6a:88:b1:22:7b:6b:58:c2:42:e1:c1:5a:0e:55:ed:20:
05:0a:d0:4d:3c:9c:c8:73:58:d4:20:2d:37:4a:b8:ee:ae:f2:
f9:80:bf:04:26:92:83:e8:3f:f7:20:d2:46:6b:7b:3b:4d:81:
29:08:49:e8:47:15:14:cd:6b:ac:eb:d2:18:cc:65:4e:30:19:
0c:ed:eb:85:32:8d:26:64:b0:43:3d:34:03:a2:fc:a6:2d:03:
f8:20:95:da:b9:e4:f8:10:d0:c1:52:6c:1a:0b:70:5e:35:0d:
79:ae:d7:e8:83:1b:67:fe:96:09:b9:9b:d8:f4:70:49:85:5c:
ea:da:1d:a4:cb:d5:99:44:8a:39:ea:ce:35:44:8f:b8:d0:42:
d6:a6:f1:0a:38:e5:1a:0b:65:eb:93:0d:d3:09:4e:62:81:a5:
81:95:60:ea:19:9c:2d:f8:b0:97:7c:41:ac:50:6f:6e:43:fa:
01:b3:25:40
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdD61biMRzh4eyXrB9EqTjGZk4uEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiOTk2NDM3NTNlODRkNDlhZTNmZGQ0YjAxYWU4ZWIyZDE1YWZmMWQzZjFj
Mjc3Zjc2YWYzOWVhNmMzMDc1YmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZV4BhRIeQBO7jCW+wfRLc6pHHjyyNxDVRiH2sCIdronMW5xLJMq3rjW0r4
TlTvwsFJqaJUpOAmGyGil5mGUwQ3Ah2GyopEEyTSRRPgeU2hjkUMeYfkoedzVQjJ
2jJfQg9z5k1cUpvjfiTXsUX0XR1g0r9ckxOFlyTqqDDa8DMU0gnYi8rSZYbE3fva
RaESxjg7FU3SxEoUQyQljr8NoMGdK14AbVi+KwgeK6btZJI4WsX4NqySZ96juvQA
T0Vp58HuGJJGMt/g/85u/9Uc46yGFNQpIKBgXv41bKu2IVEQlKK5WL/7XwwcoIUT
AjAGwoycNOO2exyd1RAvM9HBmhECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQuEUp0
gr+7oM0VdNnPP1L+JGdQGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZkMjAzMDMtODUzNy00N2M3LWJkNzUtOGRlYTAxNDg4YTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAVK+jV/ehqVWpG9QzJXGCa7YrIxRkiWy/6ZGeWusF
fi8EwF419ues+7CskfZvqabCoJ5Gvp2lihA5KB89NRrMjfOYeqiMZjUN3e5qiLEi
e2tYwkLhwVoOVe0gBQrQTTycyHNY1CAtN0q47q7y+YC/BCaSg+g/9yDSRmt7O02B
KQhJ6EcVFM1rrOvSGMxlTjAZDO3rhTKNJmSwQz00A6L8pi0D+CCV2rnk+BDQwVJs
GgtwXjUNea7X6IMbZ/6WCbmb2PRwSYVc6todpMvVmUSKOerONUSPuNBC1qbxCjjl
Ggtl65MN0wlOYoGlgZVg6hmcLfiwl3xBrFBvbkP6AbMlQA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org