Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
File: 2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa (raw, json)
Hash identifier: tAHhq9mX4cuICZOd5Sdg07aX7Y7yI/8Y7V7XJLUeMAY=
Subject key identifier: F3:D5:A8:EC:C9:8E:EB:AC:EB:9F:E1:54:EE:6D:54:BA:73:63:26:9F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B0D27322E783CFC5AF7673B4867146EEC153FB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:0d:27:32:2e:78:3c:fc:5a:f7:67:3b:48:67:14:6e:ec:15:3f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=a7863e8c57049e7aac819402970c6c854186cd84d6f9c717eeb6fc7ad143314a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b0:4a:83:aa:17:f3:7d:ce:3e:99:16:c5:da:
ae:61:8b:f4:bb:6d:f7:a5:ba:29:a4:97:ec:4a:e0:
84:e5:09:4e:ae:a2:2b:f0:da:54:1d:f3:19:ab:5e:
34:9d:57:bb:e3:d9:47:3b:5c:8b:7d:99:34:1d:a6:
04:40:8d:c3:ee:6b:d0:dc:5e:bd:57:46:d4:e2:7d:
75:9a:5c:05:9a:25:d3:51:fe:6b:ef:6c:af:78:5e:
a4:5c:c3:37:f3:bc:da:2f:19:ff:b1:3d:19:d6:e5:
54:66:c9:a2:5c:30:c1:4f:8a:16:d7:7e:75:78:96:
b6:d9:e3:dd:c3:7c:7a:89:11:f2:90:f6:43:f2:54:
55:de:8d:66:1b:4a:c0:24:68:c9:af:52:80:ef:7e:
31:79:a8:9e:37:7a:58:d4:ea:12:c6:f5:7c:ac:73:
65:ed:4e:0b:86:71:2a:e9:25:fb:86:4c:ee:e3:db:
c5:ad:2a:8a:d4:41:82:7e:69:92:15:27:f4:70:64:
26:ba:09:84:c0:44:81:ad:7e:aa:9d:af:ea:61:0e:
f0:89:c9:66:01:19:14:8a:4a:93:34:73:40:9b:8d:
15:3f:47:f8:a8:37:94:06:91:30:d5:76:73:39:c0:
53:d1:c4:f4:82:1a:49:f2:b7:f3:3f:22:00:04:ac:
2b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D5:A8:EC:C9:8E:EB:AC:EB:9F:E1:54:EE:6D:54:BA:73:63:26:9F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2e1370a6-8da4-4b46-a9e0-f0f6dc87d9fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:23:4c:0e:c0:4b:3f:8f:2b:65:2f:3e:23:3b:3b:69:c1:41:
41:1c:04:12:27:f6:91:68:49:55:04:c2:70:2a:c1:95:80:02:
ea:4f:ad:b9:8e:31:57:09:8a:ec:2e:72:43:fd:3d:0a:f6:3e:
eb:e8:12:10:b3:39:3b:df:98:9a:78:3e:04:1e:ac:a3:ad:fb:
85:f7:a3:4e:2c:4f:7e:c1:52:59:e6:c5:82:2b:6a:26:46:08:
eb:0a:51:81:17:66:f1:72:ff:b9:17:64:91:17:5f:85:73:d7:
cb:91:84:bc:c7:f9:82:57:73:6e:4a:26:81:c1:37:c8:a4:2f:
c8:6d:dc:e6:e4:1f:12:ef:c7:25:df:d8:d0:c0:66:d1:ec:c4:
da:38:2f:48:f6:1e:2b:ee:30:7b:8c:a4:3a:0f:cf:a8:87:ad:
e7:49:2b:ad:19:c0:e3:72:ae:4f:ee:3a:43:c0:dc:ae:c3:6f:
9f:c7:f9:ba:ea:25:d7:11:f5:52:f5:57:72:55:d1:39:d9:a2:
e5:6a:18:12:3a:64:50:a6:bf:be:32:65:b5:ed:3c:54:fe:45:
17:20:97:d2:46:95:f6:a4:a3:d6:2e:88:d1:1d:fe:74:7a:45:
d5:66:9c:d5:ef:1d:61:ce:75:c9:de:46:df:98:76:b0:e2:aa:
b4:2c:c5:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUew0nMi54PPxa92c7SGcUbuwVP7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3ODYzZThjNTcwNDllN2FhYzgxOTQwMjk3MGM2Yzg1NDE4NmNkODRkNmY5
YzcxN2VlYjZmYzdhZDE0MzMxNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJewSoOqF/N9zj6ZFsXarmGL9Ltt96W6KaSX7ErghOUJTq6iK/DaVB3zGate
NJ1Xu+PZRztci32ZNB2mBECNw+5r0NxevVdG1OJ9dZpcBZol01H+a+9sr3hepFzD
N/O82i8Z/7E9GdblVGbJolwwwU+KFtd+dXiWttnj3cN8eokR8pD2Q/JUVd6NZhtK
wCRoya9SgO9+MXmonjd6WNTqEsb1fKxzZe1OC4ZxKukl+4ZM7uPbxa0qitRBgn5p
khUn9HBkJroJhMBEga1+qp2v6mEO8InJZgEZFIpKkzRzQJuNFT9H+Kg3lAaRMNV2
cznAU9HE9IIaSfK38z8iAASsK4ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTz1ajs
yY7rrOuf4VTubVS6c2MmnzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmUxMzcwYTYtOGRhNC00YjQ2LWE5ZTAtZjBmNmRjODdkOWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQCAI0wOwEs/jytlLz4jOztpwUFBHAQSJ/aRaElVBMJw
KsGVgALqT625jjFXCYrsLnJD/T0K9j7r6BIQszk735iaeD4EHqyjrfuF96NOLE9+
wVJZ5sWCK2omRgjrClGBF2bxcv+5F2SRF1+Fc9fLkYS8x/mCV3NuSiaBwTfIpC/I
bdzm5B8S78cl39jQwGbR7MTaOC9I9h4r7jB7jKQ6D8+oh63nSSutGcDjcq5P7jpD
wNyuw2+fx/m66iXXEfVS9VdyVdE52aLlahgSOmRQpr++MmW17TxU/kUXIJfSRpX2
pKPWLojRHf50ekXVZpzV7x1hznXJ3kbfmHaw4qq0LMUE
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org