Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa
File: 248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa (raw, json)
Hash identifier: C5ntgBHHU+YWrbZS0HLnMJUbg/Jd7mWLWYfl/+7WAvk=
Subject key identifier: 2C:A6:23:00:E0:4B:72:35:BD:B6:88:45:53:01:F1:F8:62:03:1A:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B52F438841336C3E2A0273171DA10E0D3C18550
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:52:f4:38:84:13:36:c3:e2:a0:27:31:71:da:10:e0:d3:c1:85:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=89a2645d71f273f06d583baa9d3adc52b50c38f37adc8f5867beff3c26b235a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0b:ac:b2:e8:9d:4a:5b:cd:65:2a:b3:b3:06:
27:0d:fb:e8:6f:96:22:e5:4d:e4:f4:e5:06:9a:f3:
1f:32:8b:53:60:ce:b8:e7:53:21:08:3f:97:0c:b4:
e7:25:cc:4e:b8:64:60:4b:38:aa:1e:09:0c:00:d0:
43:02:2b:0a:89:24:44:a2:bf:38:e8:9e:ff:2a:de:
a7:c1:45:da:24:33:d8:43:8f:6c:56:3a:b4:2c:36:
61:ea:98:66:a1:dd:cd:b0:10:63:8b:3a:22:ba:65:
a7:24:23:27:28:bc:d6:ff:99:86:30:15:ec:25:4d:
1a:7f:03:4e:d2:91:b4:5e:b9:f2:02:22:b9:f0:7a:
37:79:28:3a:8f:31:66:0f:16:7f:10:d1:64:ac:89:
ff:10:75:4a:32:6c:e5:b1:88:0f:19:90:d6:ed:d1:
23:81:f4:f9:d4:10:af:09:c1:22:8a:ec:7f:48:9e:
49:a5:48:6f:24:8f:71:a1:e9:80:b6:26:a9:f7:d1:
e8:fd:bc:1b:9e:2b:7f:a7:5d:32:aa:98:8a:87:5b:
0f:bb:9e:2f:24:a3:a0:2e:8a:77:55:43:2f:85:a9:
e6:55:fe:5b:b1:d2:46:6b:d7:41:f8:2c:f5:b2:c2:
d1:f9:94:02:f8:93:13:89:e0:c7:58:5f:47:2d:5d:
96:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A6:23:00:E0:4B:72:35:BD:B6:88:45:53:01:F1:F8:62:03:1A:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
24:55:7e:01:63:af:49:9b:cd:ed:d5:46:09:9b:06:aa:0f:8a:
f6:ee:90:66:79:56:67:9b:31:a0:8a:03:24:ec:d6:46:d2:bd:
0e:3d:63:7d:7b:39:ee:94:5a:35:df:98:3d:d8:08:6d:45:09:
58:bf:5a:61:db:83:fe:3f:44:1f:21:13:8c:8a:3e:5b:24:d4:
b6:5d:35:c5:81:4c:73:6c:04:76:7e:3f:76:de:40:03:68:e5:
f3:e2:d8:88:ca:df:cf:a0:e7:ac:2d:6b:e0:28:47:a8:5d:2a:
77:5d:13:c8:10:e3:a4:1a:0d:d0:fe:5a:2f:3d:c0:22:bd:0f:
23:45:e9:e9:6a:66:e6:6c:0e:5b:b9:e0:b2:ca:a1:fc:f5:cc:
7b:78:28:6e:45:41:e7:a6:37:b4:ce:31:17:6f:7f:a6:31:97:
3a:42:c7:52:5f:21:94:c0:5c:b6:90:a4:5a:58:c9:95:43:d7:
61:45:f2:16:99:b6:0d:60:ea:08:e8:4e:c3:70:dd:ef:1a:d8:
86:ee:6f:0f:70:36:e2:b9:96:bf:f7:b2:04:26:0a:fd:9e:95:
41:b6:18:28:d5:f8:4e:58:81:36:aa:95:02:5a:b4:28:95:a9:
b4:d0:b1:95:cf:fe:42:93:93:3b:c5:8e:80:9a:c7:30:a2:28:
19:45:bd:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK1L0OIQTNsPioCcxcdoQ4NPBhVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5YTI2NDVkNzFmMjczZjA2ZDU4M2JhYTlkM2FkYzUyYjUwYzM4ZjM3YWRj
OGY1ODY3YmVmZjNjMjZiMjM1YTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANULrLLonUpbzWUqs7MGJw376G+WIuVN5PTlBprzHzKLU2DOuOdTIQg/lwy0
5yXMTrhkYEs4qh4JDADQQwIrCokkRKK/OOie/yrep8FF2iQz2EOPbFY6tCw2YeqY
ZqHdzbAQY4s6IrplpyQjJyi81v+ZhjAV7CVNGn8DTtKRtF658gIiufB6N3koOo8x
Zg8WfxDRZKyJ/xB1SjJs5bGIDxmQ1u3RI4H0+dQQrwnBIorsf0ieSaVIbySPcaHp
gLYmqffR6P28G54rf6ddMqqYiodbD7ueLySjoC6Kd1VDL4Wp5lX+W7HSRmvXQfgs
9bLC0fmUAviTE4ngx1hfRy1dltECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQspiMA
4EtyNb22iEVTAfH4YgMagjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ4YWIxYTgtOGUxOS00YWQ0LWEyOWEtZDViODk3MWEyNzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQAkVX4BY69Jm83t1UYJmwaqD4r27pBmeVZnmzGgigMk
7NZG0r0OPWN9eznulFo135g92AhtRQlYv1ph24P+P0QfIROMij5bJNS2XTXFgUxz
bAR2fj923kADaOXz4tiIyt/PoOesLWvgKEeoXSp3XRPIEOOkGg3Q/lovPcAivQ8j
RenpambmbA5bueCyyqH89cx7eChuRUHnpje0zjEXb3+mMZc6QsdSXyGUwFy2kKRa
WMmVQ9dhRfIWmbYNYOoI6E7DcN3vGtiG7m8PcDbiuZa/97IEJgr9npVBthgo1fhO
WIE2qpUCWrQolam00LGVz/5Ck5M7xY6AmscwoigZRb2Q
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org