Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
File: 28d63060-33be-4a3e-88dd-24f87af67dd4.roa (raw, json)
Hash identifier: pEeIyV6dUb9BCszhYO+kAcEiPp30NGHXq7xMaXqKKB8=
Subject key identifier: 83:F1:5E:BF:6B:94:7A:71:B5:8D:FE:B9:8E:05:FF:93:05:DB:0D:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 626207F952BAEDC8001273107AC86A891639CCC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:62:07:f9:52:ba:ed:c8:00:12:73:10:7a:c8:6a:89:16:39:cc:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=4caedab22378540cc86310b8875175c0f0be18685de8d16d3de091a5bbeec2b7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:2e:94:bb:13:ca:cd:54:e3:04:3d:fb:1a:
ae:90:24:f9:9f:e2:1a:32:81:40:6a:2c:e4:e4:af:
67:3e:0d:8f:2b:96:33:4a:e9:09:a0:d2:b8:9f:60:
d4:06:66:a5:18:31:ab:41:4f:45:5d:e6:b7:2f:2d:
a6:20:da:f1:e1:83:5a:1d:db:26:0f:d6:a6:3a:0f:
da:9c:04:cc:ce:57:21:ad:24:4f:1c:14:4c:39:60:
03:3a:98:58:26:36:52:a0:8a:1d:64:98:8f:10:75:
f8:a0:17:93:3d:cf:0b:65:82:85:68:53:b2:d4:e9:
ad:57:6b:3c:d1:b4:96:ed:14:a7:8d:00:6d:a6:d9:
7a:ba:cd:5b:a1:7f:92:6f:8e:67:87:06:27:38:87:
9d:59:d1:99:85:a2:cc:3e:67:37:1f:b5:88:c8:56:
cf:4f:cd:89:4b:00:76:c0:65:0d:5d:fa:2c:b1:bc:
34:57:48:39:ac:2b:fc:b3:d0:5a:a7:0f:ed:2f:e8:
0e:19:fb:00:c3:b1:6e:2f:96:cd:bf:27:f1:9b:6f:
3b:bc:bb:2d:f9:0a:47:98:97:35:56:c4:87:c8:a1:
85:3f:32:99:44:4a:c9:22:9b:5c:1f:3a:ef:bf:de:
1e:28:8f:d4:5b:79:0a:37:2f:cb:d1:b9:92:2a:db:
0e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F1:5E:BF:6B:94:7A:71:B5:8D:FE:B9:8E:05:FF:93:05:DB:0D:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/28d63060-33be-4a3e-88dd-24f87af67dd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
07:7e:77:ef:ad:33:5b:e9:9f:be:99:f2:88:16:64:3d:0e:ca:
5e:dd:0b:60:9d:bf:0f:33:1a:5e:27:80:30:50:f3:fb:42:00:
fc:17:22:26:28:1e:9d:3e:81:94:63:4a:fb:a4:40:e2:18:02:
3d:8b:db:f2:ce:4e:47:7c:a4:a4:a6:fa:4c:0e:ee:1e:4c:13:
1b:73:91:40:ce:58:14:ad:cf:71:7d:c5:6e:ba:ff:68:7f:bf:
dc:2f:b5:a2:d5:c7:97:64:41:c1:bc:f7:2d:ba:26:f7:cf:38:
eb:8f:f0:c1:5d:f1:c6:6c:ae:f5:73:d9:41:6d:81:1b:ab:74:
b0:a4:2c:9a:b3:35:80:ca:43:2c:0f:91:af:a4:dd:db:04:80:
15:e8:a7:ae:3f:0e:87:c1:83:25:1d:e5:b2:8a:d8:33:9d:65:
f6:60:62:e7:37:c5:7e:2e:e0:64:00:d7:b2:c7:70:a3:67:ed:
f6:d5:47:92:25:27:da:81:dd:2c:d2:65:66:2f:ae:34:91:29:
f6:c0:88:57:65:54:de:d4:bb:71:b6:f7:27:18:dd:14:38:29:
f0:dc:b6:21:71:07:ed:82:a8:fe:dc:0c:96:17:e9:4f:37:07:
df:5c:ab:4f:25:eb:87:a3:3d:46:9b:d4:e8:16:f0:15:83:f8:
97:4b:11:d0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYmIH+VK67cgAEnMQeshqiRY5zMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjYWVkYWIyMjM3ODU0MGNjODYzMTBiODg3NTE3NWMwZjBiZTE4Njg1ZGU4
ZDE2ZDNkZTA5MWE1YmJlZWMyYjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKieLpS7E8rNVOMEPfsarpAk+Z/iGjKBQGos5OSvZz4NjyuWM0rpCaDSuJ9g
1AZmpRgxq0FPRV3mty8tpiDa8eGDWh3bJg/WpjoP2pwEzM5XIa0kTxwUTDlgAzqY
WCY2UqCKHWSYjxB1+KAXkz3PC2WChWhTstTprVdrPNG0lu0Up40AbabZerrNW6F/
km+OZ4cGJziHnVnRmYWizD5nNx+1iMhWz0/NiUsAdsBlDV36LLG8NFdIOawr/LPQ
WqcP7S/oDhn7AMOxbi+Wzb8n8ZtvO7y7LfkKR5iXNVbEh8ihhT8ymURKySKbXB86
77/eHiiP1Ft5Cjcvy9G5kirbDr0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSD8V6/
a5R6cbWN/rmOBf+TBdsNzjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjhkNjMwNjAtMzNiZS00YTNlLTg4ZGQtMjRmODdhZjY3ZGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAB353760zW+mfvpnyiBZkPQ7KXt0LYJ2/DzMaXieA
MFDz+0IA/BciJigenT6BlGNK+6RA4hgCPYvb8s5OR3ykpKb6TA7uHkwTG3ORQM5Y
FK3PcX3Fbrr/aH+/3C+1otXHl2RBwbz3Lbom988464/wwV3xxmyu9XPZQW2BG6t0
sKQsmrM1gMpDLA+Rr6Td2wSAFeinrj8Oh8GDJR3lsorYM51l9mBi5zfFfi7gZADX
ssdwo2ft9tVHkiUn2oHdLNJlZi+uNJEp9sCIV2VU3tS7cbb3JxjdFDgp8Ny2IXEH
7YKo/twMlhfpTzcH31yrTyXrh6M9RpvU6BbwFYP4l0sR0A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org