Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
File: 5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa (raw, json)
Hash identifier: cfVpBL/2UKf0wxFArC6CpyBnBgFWfPDyXwqhduw6a+Q=
Subject key identifier: EE:91:93:4E:47:A3:E1:A7:19:88:7B:8A:14:CA:D8:AE:71:48:19:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0ECCE96AFC9BAE4E33B72B58DDEEDD91D20A80CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:cc:e9:6a:fc:9b:ae:4e:33:b7:2b:58:dd:ee:dd:91:d2:0a:80:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=88394167b44bb30269537829f16caf8453bef35233f6eb5eb0515d606e19677d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8e:c6:90:58:c5:46:bb:c9:0e:a8:9f:6c:00:
b6:ae:30:53:42:72:85:7b:3f:45:91:8c:93:90:94:
68:78:a1:67:4b:84:45:81:2d:bb:da:fe:be:a6:8a:
d7:bf:6c:f0:05:97:65:db:b7:f4:7f:dd:f9:67:f7:
0d:f1:86:a6:f9:64:83:a3:a7:50:36:fa:63:c8:38:
84:0c:c8:e5:49:31:3e:ec:a4:ff:5a:99:25:c6:60:
78:6b:71:f9:10:00:9b:02:68:28:60:b9:9d:38:41:
40:33:56:7c:dd:7a:f3:f7:40:de:e2:c2:af:f3:6f:
aa:d7:49:98:d1:6a:2e:17:33:88:3e:42:00:22:76:
a5:d0:e6:87:a2:66:3c:e7:6c:2d:80:27:39:38:27:
95:c8:91:a0:f6:d3:42:1c:6b:39:13:32:fa:97:71:
79:c5:26:f6:68:5f:b1:4d:ab:8e:f5:e2:6a:c2:ba:
c2:c9:6b:1d:41:a8:4d:2f:c4:8c:1f:21:2a:88:8d:
f4:09:d2:c0:06:82:d1:db:9c:98:71:58:4e:22:cb:
f4:08:32:6e:68:93:bc:01:67:d8:6a:b4:6c:ad:66:
73:86:67:15:3a:b1:3c:d6:69:a6:ff:66:f3:38:f2:
68:ae:b5:1b:0e:0d:66:6d:dc:a5:32:04:0d:cf:0d:
eb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:91:93:4E:47:A3:E1:A7:19:88:7B:8A:14:CA:D8:AE:71:48:19:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5ceea456-43da-4fb4-95f6-e1b7b2e3f61f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:ed:c1:91:09:fb:3b:e3:78:69:69:a1:32:cb:a9:8d:e1:59:
aa:fa:8d:8d:8e:05:b0:cc:4c:d5:3e:60:9b:03:a5:f4:c8:a4:
c0:20:a3:39:ab:d2:e3:ef:0a:13:7f:70:05:40:05:be:fe:bd:
d6:7e:7d:29:87:f9:df:18:07:90:fd:0f:9b:99:5a:87:eb:8d:
7e:12:9a:ee:ff:8b:72:ee:83:05:99:43:b8:a5:54:63:0a:ff:
f6:13:85:0d:4b:08:da:dd:d8:77:29:7f:03:f7:87:af:5e:83:
32:e9:30:01:c0:e6:a1:18:1b:ad:c8:ec:60:bc:1f:a1:58:ec:
e4:d0:a7:df:15:77:6a:d2:91:c6:5d:15:d9:18:3c:5c:c6:41:
a2:7f:13:b4:f9:0e:7c:f0:65:85:7b:57:9c:e7:6e:a6:52:87:
5f:9f:e1:bf:ab:de:18:4b:0f:d0:fe:c8:ca:30:d0:66:28:7b:
31:7f:f5:b5:95:8d:63:89:6d:11:41:e5:e4:b2:9b:75:03:b0:
f5:ab:5b:6c:41:67:11:a8:11:51:ff:f9:fb:9a:91:e8:52:45:
21:72:07:28:a7:10:ee:d6:01:55:1e:c6:27:25:39:c7:e3:51:
b3:b9:c0:20:75:3d:07:e2:69:7f:51:04:d9:cd:58:62:70:6e:
83:0d:27:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDszpavybrk4ztytY3e7dkdIKgMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4Mzk0MTY3YjQ0YmIzMDI2OTUzNzgyOWYxNmNhZjg0NTNiZWYzNTIzM2Y2
ZWI1ZWIwNTE1ZDYwNmUxOTY3N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGOxpBYxUa7yQ6on2wAtq4wU0JyhXs/RZGMk5CUaHihZ0uERYEtu9r+vqaK
179s8AWXZdu39H/d+Wf3DfGGpvlkg6OnUDb6Y8g4hAzI5UkxPuyk/1qZJcZgeGtx
+RAAmwJoKGC5nThBQDNWfN168/dA3uLCr/NvqtdJmNFqLhcziD5CACJ2pdDmh6Jm
POdsLYAnOTgnlciRoPbTQhxrORMy+pdxecUm9mhfsU2rjvXiasK6wslrHUGoTS/E
jB8hKoiN9AnSwAaC0ducmHFYTiLL9AgybmiTvAFn2Gq0bK1mc4ZnFTqxPNZppv9m
8zjyaK61Gw4NZm3cpTIEDc8N6ycCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTukZNO
R6PhpxmIe4oUytiucUgZ0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWNlZWE0NTYtNDNkYS00ZmI0LTk1ZjYtZTFiN2IyZTNmNjFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQAA7cGRCfs743hpaaEyy6mN4Vmq+o2NjgWwzEzVPmCb
A6X0yKTAIKM5q9Lj7woTf3AFQAW+/r3Wfn0ph/nfGAeQ/Q+bmVqH641+Epru/4ty
7oMFmUO4pVRjCv/2E4UNSwja3dh3KX8D94evXoMy6TABwOahGButyOxgvB+hWOzk
0KffFXdq0pHGXRXZGDxcxkGifxO0+Q588GWFe1ec526mUodfn+G/q94YSw/Q/sjK
MNBmKHsxf/W1lY1jiW0RQeXkspt1A7D1q1tsQWcRqBFR//n7mpHoUkUhcgcopxDu
1gFVHsYnJTnH41GzucAgdT0H4ml/UQTZzVhicG6DDScY
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org