Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/34e19faa-5cf1-4226-b61a-b6161eba0791.roa
File: 34e19faa-5cf1-4226-b61a-b6161eba0791.roa (raw, json)
Hash identifier: obu+B+plCC3btNRmbCoZD8A3+Nzf5Pv0dtVUTdFvuIA=
Subject key identifier: 6C:A1:66:1B:1C:34:5B:69:FD:28:23:3F:86:5D:5F:62:14:77:87:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 418064FA98477572337F05321C65A5F76C4C249F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/34e19faa-5cf1-4226-b61a-b6161eba0791.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:80:64:fa:98:47:75:72:33:7f:05:32:1c:65:a5:f7:6c:4c:24:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=55ab5d491db9970b917c94e078a82cc8692649a48e18f22beb0fa70e3d48592d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:c8:6f:f2:7f:fd:4f:24:8e:be:e6:37:80:
d7:ee:3a:46:65:96:f5:f2:f0:f8:a7:90:be:ed:2a:
0a:90:08:d8:8a:45:69:96:4e:51:74:97:4f:75:2e:
f1:83:a7:47:a4:ea:05:f2:84:87:6f:b4:90:68:e0:
6e:e5:47:3a:59:93:1d:00:f0:68:6b:b9:a1:7d:63:
9f:4c:b9:88:a2:7a:aa:ff:09:e7:52:5e:68:26:45:
71:9e:bb:fe:8d:fb:31:3a:f7:32:14:88:7f:6a:92:
51:68:a6:c4:e5:a2:46:a9:e1:f5:70:0b:32:e3:8b:
16:49:c3:16:34:2c:69:37:66:55:1a:01:40:d7:a7:
2e:a3:82:a5:45:e9:22:3a:72:4a:ce:e6:52:6a:7e:
5f:84:fc:0a:8c:d1:bd:2c:60:81:08:7b:17:00:e6:
fc:17:12:aa:d2:79:d2:09:0f:e6:3c:9c:f2:94:a0:
20:38:fc:1a:24:cc:70:3f:a8:b9:98:75:70:47:88:
e0:9b:40:d9:e9:27:0e:46:55:8d:0f:62:a6:7e:b9:
a6:51:63:57:9b:34:1c:55:c4:da:cf:74:74:ca:7e:
12:20:bd:3e:46:07:c4:1e:16:27:68:cf:1a:45:8e:
23:d7:18:ba:d4:22:ee:74:8f:d9:bf:12:fd:9d:13:
29:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:66:1B:1C:34:5B:69:FD:28:23:3F:86:5D:5F:62:14:77:87:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/34e19faa-5cf1-4226-b61a-b6161eba0791.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:99:40:d4:e2:b3:bd:6c:50:b7:01:51:4c:62:56:43:52:c7:
7d:b7:5d:29:08:19:3c:30:c9:ed:fa:6b:69:2a:e0:12:95:87:
dd:33:77:26:28:c0:9d:38:a1:6e:11:82:cb:8f:46:84:7d:6a:
43:b2:79:6f:f3:c9:da:72:54:5c:07:bd:04:74:06:10:93:c6:
77:27:77:f5:3a:3c:74:18:9c:70:95:27:c5:1d:27:c6:e4:ae:
fb:ef:df:88:8c:d5:31:5b:b5:96:50:b7:31:2d:ab:50:eb:db:
25:9a:c3:c7:5f:d7:74:28:11:10:0f:7b:99:51:0c:cd:e4:e3:
8d:de:5e:a1:ff:be:8d:b3:82:5b:7f:e7:3c:e1:12:3c:72:d1:
8c:10:18:45:f9:b0:b7:bb:f7:3d:26:a5:0d:93:8a:42:86:c1:
d7:13:f3:f2:26:43:6f:b2:07:a9:3f:09:1e:5f:54:6f:b6:3f:
60:c4:df:8a:39:d8:45:99:b9:c1:f1:39:29:02:b1:b0:0e:5a:
85:16:bb:ea:c6:b3:42:f8:36:29:c3:ce:38:27:25:2e:1e:43:
f6:cb:bb:8a:30:f4:5a:8f:d3:26:69:27:3d:3b:17:03:7d:d9:
a8:89:ed:09:09:81:19:4b:d2:6c:73:09:75:4f:00:60:9c:21:
48:31:ab:d2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQYBk+phHdXIzfwUyHGWl92xMJJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1YWI1ZDQ5MWRiOTk3MGI5MTdjOTRlMDc4YTgyY2M4NjkyNjQ5YTQ4ZTE4
ZjIyYmViMGZhNzBlM2Q0ODU5MmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcnyG/yf/1PJI6+5jeA1+46RmWW9fLw+KeQvu0qCpAI2IpFaZZOUXSXT3Uu
8YOnR6TqBfKEh2+0kGjgbuVHOlmTHQDwaGu5oX1jn0y5iKJ6qv8J51JeaCZFcZ67
/o37MTr3MhSIf2qSUWimxOWiRqnh9XALMuOLFknDFjQsaTdmVRoBQNenLqOCpUXp
IjpySs7mUmp+X4T8CozRvSxggQh7FwDm/BcSqtJ50gkP5jyc8pSgIDj8GiTMcD+o
uZh1cEeI4JtA2eknDkZVjQ9ipn65plFjV5s0HFXE2s90dMp+EiC9PkYHxB4WJ2jP
GkWOI9cYutQi7nSP2b8S/Z0TKU8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsoWYb
HDRbaf0oIz+GXV9iFHeHeTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzRlMTlmYWEtNWNmMS00MjI2LWI2MWEtYjYxNjFlYmEwNzkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQAumUDU4rO9bFC3AVFMYlZDUsd9t10pCBk8MMnt+mtp
KuASlYfdM3cmKMCdOKFuEYLLj0aEfWpDsnlv88naclRcB70EdAYQk8Z3J3f1Ojx0
GJxwlSfFHSfG5K7779+IjNUxW7WWULcxLatQ69slmsPHX9d0KBEQD3uZUQzN5OON
3l6h/76Ns4Jbf+c84RI8ctGMEBhF+bC3u/c9JqUNk4pChsHXE/PyJkNvsgepPwke
X1Rvtj9gxN+KOdhFmbnB8TkpArGwDlqFFrvqxrNC+DYpw844JyUuHkP2y7uKMPRa
j9MmaSc9OxcDfdmoie0JCYEZS9Jscwl1TwBgnCFIMavS
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org