Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: cVtZVTslqXA2zS6fnN379fwxEU44Ux5t6NuUIAPoGcw=
Subject key identifier: CD:7A:6A:92:94:F7:AC:CC:7F:2D:AB:69:2E:CD:D5:51:A0:EC:2D:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1574B1E794AF8F6BE43A11B18EF5BD1DDA6D9A1B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:74:b1:e7:94:af:8f:6b:e4:3a:11:b1:8e:f5:bd:1d:da:6d:9a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=dc67346126680660f0060d25961e2a6ad2bc6480087b119c5413b3c27ff03257, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:60:fe:24:1e:75:ad:9b:77:9f:8e:e5:d8:
67:3e:45:4f:7d:ea:1f:b5:2e:6a:3a:15:97:04:92:
86:78:e3:59:45:f8:8c:91:08:88:8e:e8:68:3d:00:
3a:5d:d4:56:76:16:34:ac:3c:af:9d:83:da:03:ea:
96:3b:4d:03:a5:1e:d5:55:fc:39:43:fb:ca:bd:8b:
31:ad:8d:9b:97:f1:f1:f0:64:11:a6:9d:bd:66:f2:
97:01:5f:65:a5:a4:3f:a0:4c:57:7a:49:55:2d:8b:
d3:48:97:0f:70:b6:ed:50:ad:5e:f8:ba:d2:e6:1f:
f6:3a:62:eb:53:ad:92:64:a6:f3:c9:22:ef:77:81:
7b:5e:ff:89:cc:bd:38:89:14:b6:d7:df:d2:f4:60:
8d:89:32:3c:3b:96:76:18:92:75:8e:43:75:1c:e0:
3f:36:0a:70:c3:1a:14:e5:90:ec:9f:a1:f0:85:13:
ab:61:43:fe:cf:ed:b8:8c:f8:bd:a8:df:c9:47:af:
53:51:24:67:be:e7:bc:0e:e5:ae:7f:be:c8:c0:ec:
73:c7:0a:5d:b6:c0:7c:e1:40:9c:6b:de:f0:54:05:
06:d9:44:fb:d0:66:74:7f:cd:ab:48:72:ca:15:c7:
6f:6d:f5:d9:da:dd:10:4d:a6:77:05:35:46:d5:38:
7a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7A:6A:92:94:F7:AC:CC:7F:2D:AB:69:2E:CD:D5:51:A0:EC:2D:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:6a:a2:47:dc:c3:9d:a6:74:60:e2:a0:84:63:b6:2c:88:cc:
a0:0c:aa:1d:fc:a6:94:f6:23:02:c4:18:02:6e:ec:cc:07:12:
ab:f0:11:b7:45:5d:ea:56:b0:df:0f:bd:9b:b0:e2:7d:e1:a4:
c8:94:4c:63:79:b9:2f:7a:57:db:a4:02:08:fd:7d:01:d5:0e:
46:0e:ea:6d:77:13:06:60:4e:7d:e3:8b:98:06:f1:12:11:45:
91:b1:30:fb:82:bf:4e:02:86:cb:b8:5b:f3:55:b0:36:a5:b3:
cb:55:8f:35:9f:33:66:07:a6:5b:c4:c8:c4:50:17:83:0d:7e:
3a:46:1f:8a:d8:b3:dc:b6:15:ec:7b:9a:22:08:27:de:9c:f1:
b9:96:ca:80:a2:7c:6e:8d:c3:38:17:e2:84:ee:01:87:53:af:
c2:03:2f:82:23:d6:59:a5:75:91:8e:de:73:a3:0b:30:23:06:
6d:45:2a:c4:40:ad:40:af:e2:9d:9f:e1:aa:2b:fa:c4:12:a1:
3f:04:0f:aa:3c:47:86:92:ee:33:8a:92:a4:90:79:6f:7c:7a:
db:a7:fc:eb:3d:5c:11:97:e2:6b:8d:93:a2:1a:9a:dd:2a:72:
58:70:3c:37:35:f7:e3:e1:ec:27:20:95:81:bc:75:80:73:c3:
c0:c7:4c:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFXSx55Svj2vkOhGxjvW9HdptmhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNjczNDYxMjY2ODA2NjBmMDA2MGQyNTk2MWUyYTZhZDJiYzY0ODAwODdi
MTE5YzU0MTNiM2MyN2ZmMDMyNTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXTYP4kHnWtm3efjuXYZz5FT33qH7UuajoVlwSShnjjWUX4jJEIiI7oaD0A
Ol3UVnYWNKw8r52D2gPqljtNA6Ue1VX8OUP7yr2LMa2Nm5fx8fBkEaadvWbylwFf
ZaWkP6BMV3pJVS2L00iXD3C27VCtXvi60uYf9jpi61OtkmSm88ki73eBe17/icy9
OIkUttff0vRgjYkyPDuWdhiSdY5DdRzgPzYKcMMaFOWQ7J+h8IUTq2FD/s/tuIz4
vajfyUevU1EkZ77nvA7lrn++yMDsc8cKXbbAfOFAnGve8FQFBtlE+9BmdH/Nq0hy
yhXHb2312drdEE2mdwU1RtU4euUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNemqS
lPeszH8tq2kuzdVRoOwttjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAGaqJH3MOdpnRg4qCEY7YsiMygDKod/KaU9iMCxBgC
buzMBxKr8BG3RV3qVrDfD72bsOJ94aTIlExjebkvelfbpAII/X0B1Q5GDuptdxMG
YE5944uYBvESEUWRsTD7gr9OAobLuFvzVbA2pbPLVY81nzNmB6ZbxMjEUBeDDX46
Rh+K2LPcthXse5oiCCfenPG5lsqAonxujcM4F+KE7gGHU6/CAy+CI9ZZpXWRjt5z
owswIwZtRSrEQK1Ar+Kdn+GqK/rEEqE/BA+qPEeGku4zipKkkHlvfHrbp/zrPVwR
l+JrjZOiGprdKnJYcDw3Nffj4ewnIJWBvHWAc8PAx0y7
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org