Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: HR+7jwRjXRnhdx8UVp0OIS3iq3E3jIRhJG/64F2wv0Y=
Subject key identifier: 78:52:5B:AD:E9:DC:50:6E:FA:44:B5:FC:DD:19:C3:B2:C3:C0:28:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54D1BA8E15B388DF49C2A7EAF1CD3EE948D98905
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:d1:ba:8e:15:b3:88:df:49:c2:a7:ea:f1:cd:3e:e9:48:d9:89:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9e51beddc9da9916f2801dc0a57bfadaecfc275aa43e1e045d50ca1f51f7e78f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b9:5a:a2:de:af:82:4e:ea:65:be:97:36:42:
e1:a5:85:c9:c4:49:e8:1d:d5:b8:9b:13:eb:d5:72:
63:4c:d3:fc:c9:27:34:07:9e:80:dd:7e:b7:e2:be:
39:31:7d:fc:a0:19:58:0f:c5:74:8d:ba:3a:3d:5f:
7a:31:29:44:92:e5:0f:d3:2f:a6:fb:9c:b2:2b:11:
c2:b5:b1:f2:c3:37:ac:5c:6c:a8:09:69:06:b9:2a:
e1:cf:e3:95:6e:8f:d7:de:b2:1c:63:02:4b:38:38:
0c:c1:f1:09:ce:50:03:d5:36:5e:a5:3e:63:ab:fe:
46:77:fc:0e:5c:6f:c2:54:b8:1e:83:53:97:b1:97:
2f:6c:b5:65:ce:90:22:82:a1:5f:09:79:a5:6d:db:
02:b2:63:aa:93:25:71:20:b4:2c:3b:1a:c3:6b:2a:
46:dd:3f:72:bc:f2:9f:4b:c0:1d:96:ca:cb:e2:a4:
8a:d8:e9:00:30:79:ae:d6:7d:14:b4:3f:18:ba:77:
f9:b1:54:24:ad:aa:1c:e2:09:75:8e:4d:0b:73:ee:
bd:ec:7c:a0:90:1c:48:01:ac:28:9c:86:90:52:7d:
b1:be:48:b0:49:0b:a5:3c:10:ac:22:6e:36:4e:d4:
4f:7b:3b:6a:d1:ee:70:84:75:57:a3:a0:c0:2c:fb:
70:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:52:5B:AD:E9:DC:50:6E:FA:44:B5:FC:DD:19:C3:B2:C3:C0:28:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:23:b3:14:46:66:c5:c3:90:6b:ac:7d:c5:8e:7e:37:d2:d0:
8d:09:9b:ad:88:8e:04:41:67:bb:35:93:87:08:b4:50:6b:da:
71:2b:12:bd:f9:03:34:e8:a4:46:3d:b7:24:e5:da:3d:d4:99:
20:c8:a0:51:c9:3d:dd:7d:b2:2d:af:2c:a0:20:96:7b:36:04:
4d:df:de:1f:ab:50:d1:a4:4c:17:6e:b4:4e:65:16:e7:04:28:
e8:a7:00:d2:bf:2b:77:49:cf:ec:4d:21:7e:21:88:ca:5b:07:
96:73:d3:b3:0e:ce:9b:e4:a9:de:3b:6d:4a:33:e0:96:56:8a:
25:a2:fb:7e:c5:b3:c0:95:c2:ec:bc:fb:6c:92:54:d7:b1:94:
38:74:b4:b5:30:54:ee:0b:fb:d6:ca:50:42:7d:f3:5b:b7:ca:
31:8b:2a:3b:c1:04:62:3b:c8:f6:42:b0:fb:7a:2c:c7:3c:86:
06:5d:a8:2d:5c:38:c6:5b:22:a7:24:3a:71:7e:8f:e7:a8:77:
38:bd:6a:a0:43:5b:de:28:0f:4e:f6:d0:90:90:65:a8:e8:06:
b1:83:b2:1e:61:bf:a9:05:bd:15:9f:39:0b:31:7b:b6:ff:31:
90:bb:3f:c0:3f:06:63:e6:b1:28:62:85:8d:4c:b5:b1:d4:0a:
d3:9a:fd:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVNG6jhWziN9Jwqfq8c0+6UjZiQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNTFiZWRkYzlkYTk5MTZmMjgwMWRjMGE1N2JmYWRhZWNmYzI3NWFhNDNl
MWUwNDVkNTBjYTFmNTFmN2U3OGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMa5WqLer4JO6mW+lzZC4aWFycRJ6B3VuJsT69VyY0zT/MknNAeegN1+t+K+
OTF9/KAZWA/FdI26Oj1fejEpRJLlD9MvpvucsisRwrWx8sM3rFxsqAlpBrkq4c/j
lW6P196yHGMCSzg4DMHxCc5QA9U2XqU+Y6v+Rnf8DlxvwlS4HoNTl7GXL2y1Zc6Q
IoKhXwl5pW3bArJjqpMlcSC0LDsaw2sqRt0/crzyn0vAHZbKy+KkitjpADB5rtZ9
FLQ/GLp3+bFUJK2qHOIJdY5NC3Puvex8oJAcSAGsKJyGkFJ9sb5IsEkLpTwQrCJu
Nk7UT3s7atHucIR1V6OgwCz7cPUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4Ulut
6dxQbvpEtfzdGcOyw8AoTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQBoI7MURmbFw5BrrH3Fjn430tCNCZutiI4EQWe7NZOH
CLRQa9pxKxK9+QM06KRGPbck5do91JkgyKBRyT3dfbItryygIJZ7NgRN394fq1DR
pEwXbrROZRbnBCjopwDSvyt3Sc/sTSF+IYjKWweWc9OzDs6b5KneO21KM+CWVool
ovt+xbPAlcLsvPtsklTXsZQ4dLS1MFTuC/vWylBCffNbt8oxiyo7wQRiO8j2QrD7
eizHPIYGXagtXDjGWyKnJDpxfo/nqHc4vWqgQ1veKA9O9tCQkGWo6Aaxg7IeYb+p
Bb0VnzkLMXu2/zGQuz/APwZj5rEoYoWNTLWx1ArTmv3J
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org