Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: N43xsSUv7gElffqEAnFMFW6r4SfbrzCosWcdmUXX9Vg=
Subject key identifier: E1:4E:82:14:6C:93:D1:85:EA:A6:B6:A0:2E:B7:66:FE:CD:F1:AE:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 58FA6E8EC8CC388C77F4FDFBBABF76E3A04E3FBA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:fa:6e:8e:c8:cc:38:8c:77:f4:fd:fb:ba:bf:76:e3:a0:4e:3f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=b5557d822d38579b80b976e0b36efc468210e5de883b3d0729360000567559a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:f0:64:f4:80:0e:42:87:fa:1c:72:82:1e:
86:a7:fa:52:3f:8e:1f:b7:09:71:7f:44:66:3b:cb:
bd:ca:03:42:17:e5:6d:1c:f4:39:3b:b0:1b:20:18:
b3:63:6d:c9:42:8f:53:cb:be:b6:e1:92:62:08:52:
cb:ae:f5:13:e2:1d:96:ac:93:55:cf:12:95:cc:6d:
95:5a:65:fe:05:bd:50:05:c5:17:bc:e6:db:28:5e:
f7:82:ea:7b:cd:d3:13:fc:66:93:d3:d3:ef:71:d9:
47:be:b9:82:f8:d0:3d:c8:6d:2b:96:5c:85:92:39:
25:bc:f5:80:88:48:7b:86:8f:87:a4:24:aa:b6:fc:
6f:79:49:0e:5c:1c:5e:fb:93:5f:b2:e2:5d:1f:6a:
5a:7f:b2:e1:03:28:88:4f:27:85:0e:17:1c:ad:93:
b6:93:93:ec:d7:13:f0:6b:e5:5c:d6:b8:88:b4:5f:
c3:ed:88:b0:ca:c5:bf:40:69:0d:8f:34:6d:ff:43:
f4:d8:15:64:76:53:eb:0c:b4:4d:b2:a9:ff:c3:8f:
ba:13:cf:20:50:7f:e6:56:1c:56:be:cf:f9:05:07:
60:a7:cf:e7:9f:8c:d3:a6:f3:92:22:0d:ec:20:ba:
fa:da:8b:ad:00:75:14:c1:ea:c6:96:ae:96:06:db:
c9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4E:82:14:6C:93:D1:85:EA:A6:B6:A0:2E:B7:66:FE:CD:F1:AE:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:3d:6f:ac:e1:b1:be:b8:ea:ee:70:d6:d3:57:e3:f4:18:ab:
8f:f4:7d:6b:c7:b2:c6:57:74:0f:b4:94:d3:c0:4f:64:63:31:
56:53:33:3f:d8:a5:a2:18:4a:6d:6e:68:ac:47:fb:c2:9a:99:
e8:31:a0:3e:a5:cb:53:45:0b:aa:d6:7d:94:9e:16:3c:a4:23:
c3:4a:cb:7c:86:68:63:41:84:1c:21:8a:c1:a7:0c:c3:ca:aa:
79:ad:1d:99:54:6a:1e:7d:ea:3c:b4:30:5c:f2:ca:e5:24:fd:
60:d4:ad:64:c9:d5:72:f7:35:3b:bd:8c:f7:6d:09:ed:32:78:
f5:15:71:5c:a9:c5:65:3e:42:3e:0d:b4:b4:89:de:9d:f1:79:
6b:af:fd:32:14:67:ed:fa:3e:84:5c:9e:83:b2:0a:de:07:3a:
f6:50:d9:f6:84:dd:d4:1a:01:3c:8b:63:39:8b:23:56:d6:8d:
c4:2b:37:da:83:63:ce:a9:8d:34:70:54:32:16:d0:5a:62:a2:
3c:a5:65:9d:15:88:e2:24:2c:91:73:ee:22:16:89:a8:76:30:
d2:1a:3a:93:c4:dc:a7:40:ec:53:ad:c1:6b:01:df:63:65:67:
d8:4e:c4:19:01:29:c0:21:48:e0:32:ad:87:11:05:6a:ab:20:
d1:20:0c:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWPpujsjMOIx39P37ur9246BOP7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1NTU3ZDgyMmQzODU3OWI4MGI5NzZlMGIzNmVmYzQ2ODIxMGU1ZGU4ODNi
M2QwNzI5MzYwMDAwNTY3NTU5YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQ78GT0gA5Ch/occoIehqf6Uj+OH7cJcX9EZjvLvcoDQhflbRz0OTuwGyAY
s2NtyUKPU8u+tuGSYghSy671E+IdlqyTVc8SlcxtlVpl/gW9UAXFF7zm2yhe94Lq
e83TE/xmk9PT73HZR765gvjQPchtK5ZchZI5Jbz1gIhIe4aPh6Qkqrb8b3lJDlwc
XvuTX7LiXR9qWn+y4QMoiE8nhQ4XHK2TtpOT7NcT8GvlXNa4iLRfw+2IsMrFv0Bp
DY80bf9D9NgVZHZT6wy0TbKp/8OPuhPPIFB/5lYcVr7P+QUHYKfP55+M06bzkiIN
7CC6+tqLrQB1FMHqxpaulgbbyQsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThToIU
bJPRheqmtqAut2b+zfGuHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBYPW+s4bG+uOrucNbTV+P0GKuP9H1rx7LGV3QPtJTT
wE9kYzFWUzM/2KWiGEptbmisR/vCmpnoMaA+pctTRQuq1n2UnhY8pCPDSst8hmhj
QYQcIYrBpwzDyqp5rR2ZVGoefeo8tDBc8srlJP1g1K1kydVy9zU7vYz3bQntMnj1
FXFcqcVlPkI+DbS0id6d8Xlrr/0yFGft+j6EXJ6DsgreBzr2UNn2hN3UGgE8i2M5
iyNW1o3EKzfag2POqY00cFQyFtBaYqI8pWWdFYjiJCyRc+4iFomodjDSGjqTxNyn
QOxTrcFrAd9jZWfYTsQZASnAIUjgMq2HEQVqqyDRIAyt
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org