Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
File: 47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa (raw, json)
Hash identifier: HlSUtenoaYyS/MB8Y9OxKKqV7PTwdq6oeo6C2OkCI9U=
Subject key identifier: 82:BA:98:6E:84:58:27:60:99:3F:8B:05:5B:C5:2C:E9:2D:2B:DD:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 199C55D05152E4B8686DBFA5718880480707E650
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:9c:55:d0:51:52:e4:b8:68:6d:bf:a5:71:88:80:48:07:07:e6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d26c780d5d8d6c3d32899d54bf04c498a1ef30bd355620f154171683f430ac27, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:13:0c:16:39:c0:9a:a0:20:d7:c3:cd:99:1b:
ee:81:70:ba:d1:55:eb:22:e1:0c:38:5a:67:de:83:
04:e1:e5:d9:a5:00:ba:77:c2:02:44:cd:51:c2:6b:
4d:ba:61:7e:6d:1d:f6:a3:e1:da:5d:0d:d3:d6:c4:
bd:2a:ef:fc:27:55:26:58:a7:95:30:72:73:1d:5d:
c9:92:f3:ca:fc:bd:8f:e0:47:38:f7:6c:97:6e:e0:
a2:9e:6c:e6:93:62:56:45:61:18:80:0e:5e:bb:63:
48:f7:d8:89:63:b8:81:e9:2f:05:41:54:a1:41:d9:
39:54:98:26:78:a1:33:65:00:79:86:0d:60:80:e4:
65:47:1a:cf:4e:72:54:58:3d:41:eb:d2:94:f0:55:
63:cc:ae:c3:fd:ac:4e:93:f6:b8:60:b1:08:82:b7:
ce:2e:8a:9c:5f:aa:ff:5e:07:67:52:ba:25:33:c8:
5f:93:f9:8b:54:81:f3:9a:9e:58:94:a0:de:33:01:
60:00:e0:10:59:fe:41:7d:8d:a7:88:15:c3:7e:21:
65:fd:bb:5d:bf:0d:b9:72:e6:44:a2:6d:33:07:7d:
e6:c0:5b:98:80:6a:3a:1e:3b:77:0f:b0:73:7c:36:
52:38:f5:7f:e9:37:24:3f:12:54:6f:95:53:ec:dc:
c3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BA:98:6E:84:58:27:60:99:3F:8B:05:5B:C5:2C:E9:2D:2B:DD:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/47e3c35b-62cd-4139-a97c-7bf0ce44097d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
c6:28:7d:53:bf:ad:9f:c4:e3:5a:8b:e1:1c:43:9a:3c:d5:9a:
7b:c5:31:d2:a7:28:8b:a4:97:de:c1:e4:b7:04:d8:f3:2f:7d:
06:0f:39:28:84:25:d9:23:14:92:07:06:8f:6a:d2:87:ca:b0:
0a:f1:fd:8b:54:ec:db:96:07:84:f2:b9:1f:5e:c9:b9:d7:43:
76:c1:21:aa:49:67:73:40:b8:fa:2e:20:2c:31:5c:e9:30:b9:
c4:7c:55:59:a3:15:9c:7e:d6:35:e5:b0:78:5d:e3:98:96:0a:
cc:76:18:47:ed:a4:08:e5:2e:9c:61:18:b3:75:ed:aa:3b:f2:
40:39:c5:87:b1:4f:0d:a6:d5:47:48:36:69:a7:cb:3e:c4:8a:
0d:c3:4c:e0:30:2a:5c:a3:30:07:ae:3e:09:26:02:3e:8e:c2:
b5:e6:bc:26:fc:4e:55:12:26:af:80:fe:01:54:71:7a:8d:6a:
77:83:cd:2d:ca:90:98:f2:18:d1:c9:ba:f3:4a:fd:98:35:e5:
ba:27:74:a5:58:c0:b0:fa:68:11:83:88:d1:d2:7c:3f:b3:6e:
35:26:9b:a8:bb:36:eb:bb:31:25:9b:66:69:94:da:a4:3a:11:
de:44:29:d8:59:c0:0a:b4:f1:67:53:52:21:42:e8:7e:d4:b8:
50:b2:5d:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGZxV0FFS5Lhobb+lcYiASAcH5lAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNmM3ODBkNWQ4ZDZjM2QzMjg5OWQ1NGJmMDRjNDk4YTFlZjMwYmQzNTU2
MjBmMTU0MTcxNjgzZjQzMGFjMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkTDBY5wJqgINfDzZkb7oFwutFV6yLhDDhaZ96DBOHl2aUAunfCAkTNUcJr
Tbphfm0d9qPh2l0N09bEvSrv/CdVJlinlTBycx1dyZLzyvy9j+BHOPdsl27gop5s
5pNiVkVhGIAOXrtjSPfYiWO4gekvBUFUoUHZOVSYJnihM2UAeYYNYIDkZUcaz05y
VFg9QevSlPBVY8yuw/2sTpP2uGCxCIK3zi6KnF+q/14HZ1K6JTPIX5P5i1SB85qe
WJSg3jMBYADgEFn+QX2Np4gVw34hZf27Xb8NuXLmRKJtMwd95sBbmIBqOh47dw+w
c3w2Ujj1f+k3JD8SVG+VU+zcw/sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSCuphu
hFgnYJk/iwVbxSzpLSvdPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDdlM2MzNWItNjJjZC00MTM5LWE5N2MtN2JmMGNlNDQwOTdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAxih9U7+tn8TjWovhHEOaPNWae8Ux0qcoi6SX3sHk
twTY8y99Bg85KIQl2SMUkgcGj2rSh8qwCvH9i1Ts25YHhPK5H17JuddDdsEhqkln
c0C4+i4gLDFc6TC5xHxVWaMVnH7WNeWweF3jmJYKzHYYR+2kCOUunGEYs3Xtqjvy
QDnFh7FPDabVR0g2aafLPsSKDcNM4DAqXKMwB64+CSYCPo7Ctea8JvxOVRImr4D+
AVRxeo1qd4PNLcqQmPIY0cm680r9mDXluid0pVjAsPpoEYOI0dJ8P7NuNSabqLs2
67sxJZtmaZTapDoR3kQp2FnACrTxZ1NSIULoftS4ULJdlQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org