Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: xMKeSjDXfHmO2y0WXTOzcOi23a/c8ZnSrL5bhT+Ep5s=
Subject key identifier: 3D:B3:92:50:DA:21:B8:42:FC:2D:FC:42:E5:20:3C:70:C7:7E:65:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E8E43600F4BD059F55F4E3E78B9160ACB5F0D71
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:8e:43:60:0f:4b:d0:59:f5:5f:4e:3e:78:b9:16:0a:cb:5f:0d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=5c2428ecb31fdb89d9d075eb32e7552e8503179cde882de481788353577a0f46, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7e:71:5e:8b:b0:55:ab:5c:1d:51:f8:93:94:
e3:8b:32:cd:92:40:e8:88:18:39:88:fd:13:da:5d:
ed:4d:2f:94:76:33:b6:1a:d4:4c:90:08:b8:81:c9:
c9:6d:71:59:85:2e:32:91:d5:72:02:3d:ad:3a:35:
01:14:0a:9e:05:d0:70:91:c7:08:f1:b9:9e:21:8e:
1f:15:ff:79:ba:cd:8d:63:00:da:fd:70:93:fd:58:
47:22:9d:a1:80:5c:bf:d4:4d:9b:12:2c:b1:f3:8f:
9c:2e:e7:ab:0c:cf:d2:4e:23:f0:73:bf:7b:f5:ae:
30:17:cd:de:a6:83:f9:af:1d:08:bc:1a:40:f3:45:
95:15:56:c9:c8:b3:3b:cd:b8:c0:6b:6a:31:2e:8c:
f7:a3:f8:93:7c:2f:ce:3d:50:f4:c7:eb:b9:44:9b:
eb:b1:8b:7e:70:3f:09:34:44:d0:03:e0:98:7c:a8:
a9:e9:9a:1e:c3:9f:3b:1e:fd:b7:de:8d:df:f4:28:
6c:8a:be:d2:1a:f4:b9:fb:3f:53:94:ca:b8:56:6e:
73:0c:7c:64:b7:95:77:6f:f5:15:29:dd:66:ef:78:
94:86:ba:d2:db:0c:5a:28:2a:00:66:59:2c:ab:ee:
40:8e:a7:ba:9e:a5:e2:87:55:d8:d2:73:39:a6:a0:
87:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B3:92:50:DA:21:B8:42:FC:2D:FC:42:E5:20:3C:70:C7:7E:65:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5d:08:92:e1:30:26:57:c9:81:c2:64:4b:a9:29:cb:76:ce:c9:
a7:23:50:60:52:70:e2:e9:5f:0b:b4:5e:2d:29:8e:9e:78:ea:
48:49:8f:57:d5:be:18:ba:78:1f:35:ab:70:7a:d8:89:f4:08:
40:54:64:07:34:b4:a3:c9:06:bd:27:82:90:c6:24:ad:50:a3:
24:a3:dd:fd:c9:55:77:2d:88:1d:54:55:2d:68:8e:c3:cf:e4:
50:13:57:7b:2c:f8:72:8d:67:42:ef:bb:8c:d6:24:22:3f:3c:
56:1f:c5:07:23:cd:aa:5d:2b:33:4c:b4:2a:3d:17:4f:45:72:
07:7c:67:12:ed:9b:9d:5d:70:77:b4:8c:5f:1d:57:91:df:33:
6c:aa:98:6a:0d:e7:d5:a9:ef:2b:6e:87:23:70:0f:c6:d2:53:
48:e6:1c:30:75:b3:b7:06:63:4a:46:f6:c6:c9:f0:2b:c7:fc:
42:6e:9d:cf:80:ec:1f:fd:15:ac:68:c5:0d:3b:a5:f6:6a:24:
3d:2b:c2:31:be:f3:d6:f9:d0:ee:64:03:0b:b3:db:0e:c9:e2:
ff:56:88:80:6d:e4:19:59:af:ae:f0:db:58:99:df:7b:c2:48:
22:60:4c:67:15:9e:ec:bb:57:61:3a:a9:fc:e3:2c:d7:f8:cc:
06:8a:89:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTo5DYA9L0Fn1X04+eLkWCstfDXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMjQyOGVjYjMxZmRiODlkOWQwNzVlYjMyZTc1NTJlODUwMzE3OWNkZTg4
MmRlNDgxNzg4MzUzNTc3YTBmNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh+cV6LsFWrXB1R+JOU44syzZJA6IgYOYj9E9pd7U0vlHYzthrUTJAIuIHJ
yW1xWYUuMpHVcgI9rTo1ARQKngXQcJHHCPG5niGOHxX/ebrNjWMA2v1wk/1YRyKd
oYBcv9RNmxIssfOPnC7nqwzP0k4j8HO/e/WuMBfN3qaD+a8dCLwaQPNFlRVWyciz
O824wGtqMS6M96P4k3wvzj1Q9MfruUSb67GLfnA/CTRE0APgmHyoqemaHsOfOx79
t96N3/QobIq+0hr0ufs/U5TKuFZucwx8ZLeVd2/1FSndZu94lIa60tsMWigqAGZZ
LKvuQI6nup6l4odV2NJzOaagh0cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9s5JQ
2iG4Qvwt/ELlIDxwx35lFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAXQiS4TAmV8mBwmRLqSnLds7JpyNQYFJw4ulfC7Re
LSmOnnjqSEmPV9W+GLp4HzWrcHrYifQIQFRkBzS0o8kGvSeCkMYkrVCjJKPd/clV
dy2IHVRVLWiOw8/kUBNXeyz4co1nQu+7jNYkIj88Vh/FByPNql0rM0y0Kj0XT0Vy
B3xnEu2bnV1wd7SMXx1Xkd8zbKqYag3n1anvK26HI3APxtJTSOYcMHWztwZjSkb2
xsnwK8f8Qm6dz4DsH/0VrGjFDTul9mokPSvCMb7z1vnQ7mQDC7PbDsni/1aIgG3k
GVmvrvDbWJnfe8JIImBMZxWe7LtXYTqp/OMs1/jMBoqJcw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org