Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4357bcd8-5973-4f9d-968f-660b17590f0e.roa
File: 4357bcd8-5973-4f9d-968f-660b17590f0e.roa (raw, json)
Hash identifier: l21Qt13Y2m+bMHFW1+nQ52mwG/J6+rI5HiEfHvIEN6U=
Subject key identifier: 0A:3E:DB:D0:04:DC:D2:29:4E:A6:9C:B8:6A:1B:23:3F:E4:50:F4:51
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E754EE60D9CCFDF94D081CA4B33DEC8D7DC8CB5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4357bcd8-5973-4f9d-968f-660b17590f0e.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:75:4e:e6:0d:9c:cf:df:94:d0:81:ca:4b:33:de:c8:d7:dc:8c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=0f7f9fc1727acd6751a54158346a71380edc006867f93559189fda5b27913435, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1a:92:86:14:a2:2b:61:63:29:f3:e0:53:9d:
d7:fa:c5:ec:1e:93:8d:fc:0f:c9:b7:4e:00:50:cf:
3e:c3:bc:4e:a1:87:7f:0c:32:dd:5a:ff:68:c4:f8:
55:ec:83:6c:62:51:b9:0d:f2:ce:77:4b:1b:b4:4c:
fc:81:35:ce:97:a8:ab:58:49:36:45:36:fc:ae:bf:
b3:55:69:68:d7:e3:2d:7f:44:76:06:e9:d3:28:6a:
af:b1:9c:18:e4:a8:7c:31:7d:3c:57:c9:e7:04:6f:
aa:6f:8d:c1:7f:5e:1a:0e:13:d8:fb:f8:0e:95:db:
ff:54:81:e0:05:d3:eb:3a:ea:41:45:a6:44:84:77:
02:e3:f8:92:e3:5a:cc:83:26:6c:cb:5c:6b:a0:2b:
16:43:a4:25:c8:ab:6e:bb:13:68:c6:b7:71:b4:8f:
47:22:dd:f0:a5:9e:7e:42:36:17:f4:74:4c:fd:c9:
e6:16:5c:bc:a2:8d:83:65:ff:9e:5f:57:82:a5:c1:
c6:11:24:f5:6d:72:43:52:72:d3:71:fa:c6:40:e2:
e4:55:b3:39:ad:4f:c2:75:9f:9c:b1:9a:19:f7:ea:
f4:44:2e:09:38:7d:a0:91:d0:99:52:e8:73:64:2a:
c9:5a:6c:1b:56:47:ad:9f:74:aa:04:39:5f:03:0c:
02:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3E:DB:D0:04:DC:D2:29:4E:A6:9C:B8:6A:1B:23:3F:E4:50:F4:51
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4357bcd8-5973-4f9d-968f-660b17590f0e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
71:23:ff:cd:8d:43:17:9d:ac:63:08:8c:64:1f:0a:f1:ca:d6:
58:12:1e:1e:a5:8e:18:cc:af:d7:48:59:5d:cb:74:e5:b6:3b:
24:2d:ba:19:27:3b:e8:fa:68:51:3d:b9:df:a7:57:2e:c3:c8:
f1:52:61:fe:dd:ae:dc:1b:b3:4d:1b:19:23:36:0c:3e:69:75:
bb:b6:ff:25:d1:ff:44:f5:f8:27:d2:4c:72:37:e3:76:58:bc:
28:0a:50:7c:0c:8c:ce:04:c1:8e:c9:ba:ef:16:db:25:34:63:
5c:94:da:0b:30:79:27:85:5e:c0:51:d9:73:f3:e8:12:f5:c2:
b5:bc:25:86:0a:a2:16:1d:1b:8a:0c:2e:a8:76:51:ff:90:07:
9e:b0:ec:a9:6f:1e:33:78:d3:4b:bd:b8:21:ce:bd:cf:3e:9c:
df:b8:41:82:19:da:98:da:ec:bd:cd:1c:df:cb:5d:5a:7c:09:
c2:46:af:f4:d3:ca:3e:44:49:57:de:55:6c:a0:a9:3d:54:62:
b8:25:ee:74:7d:f0:f6:3f:f0:1d:02:95:cd:38:3a:18:4a:84:
47:2e:4b:23:d3:b0:8b:70:33:2a:f8:ad:27:f8:c4:df:a1:b6:
d5:91:90:3a:bc:e2:f2:63:dd:27:0e:18:15:c2:de:07:64:c2:
e3:3b:17:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTnVO5g2cz9+U0IHKSzPeyNfcjLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmN2Y5ZmMxNzI3YWNkNjc1MWE1NDE1ODM0NmE3MTM4MGVkYzAwNjg2N2Y5
MzU1OTE4OWZkYTViMjc5MTM0MzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOkakoYUoithYynz4FOd1/rF7B6TjfwPybdOAFDPPsO8TqGHfwwy3Vr/aMT4
VeyDbGJRuQ3yzndLG7RM/IE1zpeoq1hJNkU2/K6/s1VpaNfjLX9Edgbp0yhqr7Gc
GOSofDF9PFfJ5wRvqm+NwX9eGg4T2Pv4DpXb/1SB4AXT6zrqQUWmRIR3AuP4kuNa
zIMmbMtca6ArFkOkJcirbrsTaMa3cbSPRyLd8KWefkI2F/R0TP3J5hZcvKKNg2X/
nl9XgqXBxhEk9W1yQ1Jy03H6xkDi5FWzOa1PwnWfnLGaGffq9EQuCTh9oJHQmVLo
c2QqyVpsG1ZHrZ90qgQ5XwMMAisCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQKPtvQ
BNzSKU6mnLhqGyM/5FD0UTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDM1N2JjZDgtNTk3My00ZjlkLTk2OGYtNjYwYjE3NTkwZjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAcSP/zY1DF52sYwiMZB8K8crWWBIeHqWOGMyv10hZ
Xct05bY7JC26GSc76PpoUT2536dXLsPI8VJh/t2u3BuzTRsZIzYMPml1u7b/JdH/
RPX4J9JMcjfjdli8KApQfAyMzgTBjsm67xbbJTRjXJTaCzB5J4VewFHZc/PoEvXC
tbwlhgqiFh0bigwuqHZR/5AHnrDsqW8eM3jTS724Ic69zz6c37hBghnamNrsvc0c
38tdWnwJwkav9NPKPkRJV95VbKCpPVRiuCXudH3w9j/wHQKVzTg6GEqERy5LI9Ow
i3AzKvitJ/jE36G21ZGQOrzi8mPdJw4YFcLeB2TC4zsXRg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org