Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: TeRvutGosoYDcwqLZnuezxDwI67FXTAs8LERVvAfCHM=
Subject key identifier: D3:5F:61:6B:3B:22:39:F4:FA:CD:A4:CF:DA:7B:E9:EC:38:B7:E3:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 272B183001059FDCC9A415A0FC29AEB2A45ADC8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:2b:18:30:01:05:9f:dc:c9:a4:15:a0:fc:29:ae:b2:a4:5a:dc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=89eefd851ec4ff5fcf9792f75f2d04c1c187f8d31563411d462278631732a439, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:73:a2:1f:76:81:0b:05:84:dd:3b:bc:fa:c7:
b4:bf:d7:17:65:f5:a1:ae:0b:c9:1b:af:a3:2b:8b:
75:45:8d:2b:50:58:5a:06:fb:c4:47:f8:76:37:9d:
b4:88:6c:ad:b0:57:fb:10:4b:07:d2:5e:a2:9c:ca:
38:91:f8:2b:11:0b:54:fe:c5:94:f2:0f:91:4d:20:
e7:dd:b8:18:7c:37:66:4d:0a:ac:d6:bf:4a:6c:81:
84:f3:b7:56:00:3c:b1:a9:2e:f7:87:57:e7:e6:47:
c0:36:6f:9d:a2:7c:61:07:14:a0:61:0f:0a:26:e6:
f0:85:62:11:a8:4f:3b:d4:bd:e6:f0:cb:9b:be:fc:
8c:1a:14:2e:a8:3f:e4:12:c4:ec:c1:f3:94:99:bc:
53:e5:fb:56:a3:4a:33:a8:7c:13:dc:5d:85:8a:24:
ee:e4:de:f1:36:c3:6a:1e:23:ff:74:43:fd:d7:1a:
8a:34:44:a6:07:43:05:85:2f:71:92:28:91:79:9e:
c0:f6:99:40:81:5e:7f:b7:02:15:8f:74:37:c3:d2:
1b:1a:df:36:94:84:69:fb:7d:e9:fc:83:40:2a:0e:
ce:74:2c:b9:5c:c4:6c:d0:f0:c0:d4:90:87:65:4c:
30:5c:aa:69:cd:7e:ba:2a:07:97:ef:a1:6b:f1:d1:
ef:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5F:61:6B:3B:22:39:F4:FA:CD:A4:CF:DA:7B:E9:EC:38:B7:E3:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2e:a3:9f:06:73:e4:ce:bc:4a:18:4d:28:b6:a9:94:b9:f7:c3:
c2:60:89:15:17:11:e5:ef:1a:49:83:8c:56:e6:f1:39:f9:28:
2a:68:e8:16:9e:98:d6:d2:52:96:0c:68:31:3a:15:d9:a8:42:
86:98:c3:16:c7:9b:34:3e:95:c5:51:fa:26:b8:f8:a4:5f:d8:
fe:96:5b:67:af:73:cc:f1:f4:a4:75:25:3c:1b:79:73:fb:d6:
6c:9d:4b:be:bc:7b:e6:8a:6a:fa:8f:26:51:30:d9:ff:89:18:
1b:d4:6e:83:8c:ac:8a:4d:34:d2:42:39:4d:cb:a8:22:d8:43:
90:a4:8c:60:eb:51:c4:42:a7:11:9a:8d:b8:74:8b:29:e6:d3:
67:68:70:1d:20:14:5b:34:c0:d2:14:98:cb:a6:80:34:ed:e1:
ee:5c:99:52:ce:54:23:ed:29:31:92:8d:e7:a5:c7:b8:ee:c8:
65:ac:61:52:ac:30:d9:69:f6:ad:78:c1:48:c4:92:a1:6d:c3:
18:4c:5c:98:9e:9d:c4:24:6d:aa:d7:28:4b:e6:31:bc:5f:0e:
b2:a1:0c:f2:c3:69:c9:17:c9:cb:94:25:71:eb:2c:2e:76:62:
d7:83:7f:7e:ed:d9:90:35:3c:f5:b4:a2:ca:58:58:24:0b:eb:
bc:65:ec:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJysYMAEFn9zJpBWg/CmusqRa3IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ZWVmZDg1MWVjNGZmNWZjZjk3OTJmNzVmMmQwNGMxYzE4N2Y4ZDMxNTYz
NDExZDQ2MjI3ODYzMTczMmE0MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhzoh92gQsFhN07vPrHtL/XF2X1oa4LyRuvoyuLdUWNK1BYWgb7xEf4djed
tIhsrbBX+xBLB9JeopzKOJH4KxELVP7FlPIPkU0g5924GHw3Zk0KrNa/SmyBhPO3
VgA8saku94dX5+ZHwDZvnaJ8YQcUoGEPCibm8IViEahPO9S95vDLm778jBoULqg/
5BLE7MHzlJm8U+X7VqNKM6h8E9xdhYok7uTe8TbDah4j/3RD/dcaijREpgdDBYUv
cZIokXmewPaZQIFef7cCFY90N8PSGxrfNpSEaft96fyDQCoOznQsuVzEbNDwwNSQ
h2VMMFyqac1+uioHl++ha/HR7/kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTTX2Fr
OyI59PrNpM/ae+nsOLfjFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEALqOfBnPkzrxKGE0otqmUuffDwmCJFRcR5e8aSYOM
VubxOfkoKmjoFp6Y1tJSlgxoMToV2ahChpjDFsebND6VxVH6Jrj4pF/Y/pZbZ69z
zPH0pHUlPBt5c/vWbJ1Lvrx75opq+o8mUTDZ/4kYG9Rug4ysik000kI5TcuoIthD
kKSMYOtRxEKnEZqNuHSLKebTZ2hwHSAUWzTA0hSYy6aANO3h7lyZUs5UI+0pMZKN
56XHuO7IZaxhUqww2Wn2rXjBSMSSoW3DGExcmJ6dxCRtqtcoS+YxvF8OsqEM8sNp
yRfJy5QlcessLnZi14N/fu3ZkDU89bSiylhYJAvrvGXsvA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org