Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
File: 40a62114-09f8-4383-abc5-a7d805c42d0a.roa (raw, json)
Hash identifier: mzk811NQroOellZo8CdVQk4OS8m6ZXoouTozgf0OmAk=
Subject key identifier: E8:58:31:BC:F2:4E:79:D5:8C:5B:8A:F1:7B:EF:C3:13:71:90:68:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11E351C335CB3B9C27E1CF01214D3A479567A357
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:e3:51:c3:35:cb:3b:9c:27:e1:cf:01:21:4d:3a:47:95:67:a3:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=7628f99e4690fa6412672c873f2fe0cefe017d89f9209269cf67d4bd6c15eafe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:98:df:8c:f6:28:e3:e5:1b:a4:68:e2:0d:
b3:29:1e:cf:ff:5b:47:49:3c:34:b5:ca:fd:23:4e:
bf:5e:4a:c9:03:4e:8f:96:b2:4b:27:77:fd:82:0b:
91:dc:ce:42:71:0c:22:a1:c1:32:d6:45:08:7b:70:
58:24:04:f1:6f:e4:e4:4c:f7:90:35:b1:1f:4b:ec:
34:1d:ec:e2:2c:f8:da:1f:e4:62:14:99:78:6c:f2:
af:67:eb:0d:a3:f3:cb:2f:4e:86:69:6c:fa:40:7b:
b3:12:fe:a2:fb:f9:2b:55:dd:90:5f:a4:68:ec:bf:
5d:fc:74:de:00:b1:52:bd:15:3c:e1:08:18:6a:26:
dc:40:d8:58:36:02:6a:32:e8:8d:83:c7:90:36:54:
ed:e0:1c:ad:97:72:48:a9:df:27:57:78:4f:6f:ab:
6c:0e:28:77:cb:cc:9b:62:9b:fd:a0:95:72:53:d3:
83:d1:0c:65:58:8d:04:d1:0f:b2:78:a8:d1:78:a8:
90:b5:33:f7:48:04:6c:8b:11:36:b1:40:41:5d:0f:
b2:1f:bd:33:3b:ef:85:d7:b6:06:49:ef:61:c9:6d:
61:6a:0a:77:3b:c0:70:d4:c6:27:06:eb:82:c2:89:
ae:8b:72:02:67:45:53:40:e5:72:fc:9b:75:6b:e1:
d8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:58:31:BC:F2:4E:79:D5:8C:5B:8A:F1:7B:EF:C3:13:71:90:68:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/40a62114-09f8-4383-abc5-a7d805c42d0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
be:98:61:90:1c:af:19:21:44:65:37:1c:4e:4d:0d:78:44:4e:
88:25:02:c9:1f:53:df:3b:5e:3c:ba:8a:a3:5d:08:42:92:6e:
b1:4f:76:ce:6c:31:86:63:91:40:00:a0:20:73:53:24:93:b3:
07:f1:36:46:b3:90:05:2d:43:f9:8c:4e:18:37:7b:79:a8:97:
0f:09:c0:34:f0:2c:3b:a9:56:75:e5:0b:72:1d:a6:11:9d:3e:
3f:af:90:c3:5c:7a:e1:81:4c:32:ff:9b:e4:6f:24:83:83:70:
2f:ff:7a:73:b8:6a:bd:c9:7c:0f:80:39:e5:1e:97:dc:9b:40:
f6:4c:38:a5:3b:6b:59:76:3e:61:76:fa:1a:53:ec:a8:c5:04:
36:e1:63:81:ff:74:04:d3:a2:d4:df:3e:13:04:e2:b7:2a:fe:
fe:b2:12:85:b1:02:92:2a:d6:28:23:31:df:e0:a5:c7:ef:2d:
d2:24:85:8a:d3:88:0e:71:11:c8:1f:65:49:f6:91:af:26:73:
89:e5:49:ab:43:13:5c:b5:19:ad:3f:96:f9:44:e5:02:54:8f:
7a:bd:3f:4a:65:db:aa:b1:a6:b9:75:db:df:fe:b5:1f:7f:0f:
f5:f9:fd:23:73:27:30:db:a8:ad:66:62:b6:65:05:b1:6c:9e:
bf:e5:9a:c1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUEeNRwzXLO5wn4c8BIU06R5Vno1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MjhmOTllNDY5MGZhNjQxMjY3MmM4NzNmMmZlMGNlZmUwMTdkODlmOTIw
OTI2OWNmNjdkNGJkNmMxNWVhZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALB4mN+M9ijj5RukaOINsykez/9bR0k8NLXK/SNOv15KyQNOj5aySyd3/YIL
kdzOQnEMIqHBMtZFCHtwWCQE8W/k5Ez3kDWxH0vsNB3s4iz42h/kYhSZeGzyr2fr
DaPzyy9Ohmls+kB7sxL+ovv5K1XdkF+kaOy/Xfx03gCxUr0VPOEIGGom3EDYWDYC
ajLojYPHkDZU7eAcrZdySKnfJ1d4T2+rbA4od8vMm2Kb/aCVclPTg9EMZViNBNEP
snio0XiokLUz90gEbIsRNrFAQV0Psh+9Mzvvhde2BknvYcltYWoKdzvAcNTGJwbr
gsKJrotyAmdFU0DlcvybdWvh2FcCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBToWDG8
8k551YxbivF778MTcZBokDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDBhNjIxMTQtMDlmOC00MzgzLWFiYzUtYTdkODA1YzQyZDBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAL6YYZAcrxkhRGU3HE5NDXhEToglAskfU987Xjy6
iqNdCEKSbrFPds5sMYZjkUAAoCBzUySTswfxNkazkAUtQ/mMThg3e3molw8JwDTw
LDupVnXlC3IdphGdPj+vkMNceuGBTDL/m+RvJIODcC//enO4ar3JfA+AOeUel9yb
QPZMOKU7a1l2PmF2+hpT7KjFBDbhY4H/dATTotTfPhME4rcq/v6yEoWxApIq1igj
Md/gpcfvLdIkhYrTiA5xEcgfZUn2ka8mc4nlSatDE1y1Ga0/lvlE5QJUj3q9P0pl
26qxprl129/+tR9/D/X5/SNzJzDbqK1mYrZlBbFsnr/lmsE=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org