Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
File: 1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa (raw, json)
Hash identifier: efFKTw8d85RCmMc/AI8sZBfeQHsZbDsC3cqxhugOZaE=
Subject key identifier: 15:BA:80:0E:5B:86:82:D0:33:08:F5:D8:14:0C:91:EF:6A:70:9B:05
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2384858310E94DD07B575F74D373DFA7CB50B54A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:84:85:83:10:e9:4d:d0:7b:57:5f:74:d3:73:df:a7:cb:50:b5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=f1c816094bc009bf299423fea660132e1e05cba12d0ad53004a4ce915dc3cc18, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:99:60:af:15:8d:13:fa:ec:c8:d7:e5:56:bf:
9b:3c:a3:bf:67:41:37:de:cc:51:6b:cc:1b:c4:3a:
99:30:64:55:2f:b7:ff:c3:d3:d2:09:24:a5:02:c5:
37:0d:92:d5:68:a4:2c:db:0b:34:35:af:86:8a:38:
35:6f:71:8c:d8:e5:ec:8e:c7:34:47:ea:87:fd:01:
61:db:d8:a9:6f:7b:27:ba:51:96:6a:18:53:01:f1:
bd:78:49:79:66:90:31:d2:bb:3a:23:9f:46:9d:44:
6a:31:2f:86:fc:4f:4f:05:c1:6e:3d:d9:57:f3:75:
11:f4:52:01:17:ba:1f:6f:4f:e5:70:c7:54:06:35:
a2:d0:d7:35:f1:37:bb:f7:49:97:a7:b8:64:74:fb:
d8:8b:50:6c:32:63:71:00:82:7d:02:a0:7f:b3:4a:
e9:0e:f9:d2:15:5c:37:d0:89:14:a0:93:06:ba:a5:
ef:f2:4d:97:e4:40:91:13:5e:3a:4d:a9:2b:f8:36:
24:98:e6:e1:0b:07:65:df:ac:06:9b:e0:34:7b:08:
2f:4a:d2:a1:8c:84:12:f4:ba:7a:61:6b:a5:a8:bf:
6f:97:c0:41:0a:26:b3:fc:c1:5a:73:27:c0:0c:ed:
79:78:27:27:4d:38:c6:bd:60:c3:07:a5:01:fc:6e:
65:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BA:80:0E:5B:86:82:D0:33:08:F5:D8:14:0C:91:EF:6A:70:9B:05
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b4aeeaa-d6a8-481f-b6aa-bee14f4e80be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:6e:b5:b6:51:0f:59:70:89:91:a1:fd:44:f3:7e:bf:6f:f3:
32:52:c1:51:cb:d6:c1:3d:51:3d:2f:a1:a5:58:5e:0f:e1:f1:
76:aa:52:b2:d6:9a:12:62:d6:9b:7e:bb:23:13:2d:fe:2d:60:
06:62:b7:ef:34:31:39:47:ef:de:38:89:6e:5b:0d:8d:d5:c5:
6c:3f:2c:24:52:b0:66:87:8d:c3:45:54:19:da:eb:01:f1:32:
4a:bd:4a:65:74:32:cb:3b:2c:d8:13:e4:3b:71:02:6b:53:05:
59:95:39:bd:b5:b9:1c:f6:95:50:03:6c:98:dd:dc:25:68:ee:
3d:e6:92:4a:7b:5a:a2:92:14:c9:2c:82:c4:92:57:c2:6a:6e:
fd:a0:79:fd:0a:61:43:cb:0c:90:f2:d4:6e:98:5f:cd:d3:72:
86:47:f0:8e:91:85:30:4b:a4:8c:63:49:82:41:1a:10:96:05:
98:49:56:b6:e4:20:e5:37:d2:dc:03:90:2c:f7:29:3b:db:ec:
46:60:4d:5c:5f:16:39:f4:d1:6e:50:42:ba:bc:77:a8:7e:b3:
51:27:bc:d8:8c:46:39:43:f4:12:ab:6c:ba:99:04:7e:a7:09:
82:6d:aa:cb:8e:d6:91:b0:a1:09:2f:fd:91:6f:4e:d7:44:22:
0d:eb:de:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI4SFgxDpTdB7V19003Pfp8tQtUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYzgxNjA5NGJjMDA5YmYyOTk0MjNmZWE2NjAxMzJlMWUwNWNiYTEyZDBh
ZDUzMDA0YTRjZTkxNWRjM2NjMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCZYK8VjRP67MjX5Va/mzyjv2dBN97MUWvMG8Q6mTBkVS+3/8PT0gkkpQLF
Nw2S1WikLNsLNDWvhoo4NW9xjNjl7I7HNEfqh/0BYdvYqW97J7pRlmoYUwHxvXhJ
eWaQMdK7OiOfRp1EajEvhvxPTwXBbj3ZV/N1EfRSARe6H29P5XDHVAY1otDXNfE3
u/dJl6e4ZHT72ItQbDJjcQCCfQKgf7NK6Q750hVcN9CJFKCTBrql7/JNl+RAkRNe
Ok2pK/g2JJjm4QsHZd+sBpvgNHsIL0rSoYyEEvS6emFrpai/b5fAQQoms/zBWnMn
wAzteXgnJ004xr1gwwelAfxuZVECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVuoAO
W4aC0DMI9dgUDJHvanCbBTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWI0YWVlYWEtZDZhOC00ODFmLWI2YWEtYmVlMTRmNGU4MGJlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQB0brW2UQ9ZcImRof1E836/b/MyUsFRy9bBPVE9L6Gl
WF4P4fF2qlKy1poSYtabfrsjEy3+LWAGYrfvNDE5R+/eOIluWw2N1cVsPywkUrBm
h43DRVQZ2usB8TJKvUpldDLLOyzYE+Q7cQJrUwVZlTm9tbkc9pVQA2yY3dwlaO49
5pJKe1qikhTJLILEklfCam79oHn9CmFDywyQ8tRumF/N03KGR/COkYUwS6SMY0mC
QRoQlgWYSVa25CDlN9LcA5As9yk72+xGYE1cXxY59NFuUEK6vHeofrNRJ7zYjEY5
Q/QSq2y6mQR+pwmCbarLjtaRsKEJL/2Rb07XRCIN695f
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org