Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
File: 677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa (raw, json)
Hash identifier: tb3um2s/Z3x1jnzlSMYmJkwsWINOnSCaV7tqNqkwfvs=
Subject key identifier: 3D:B7:DB:3F:D3:11:48:19:3E:4D:E3:2E:77:93:C6:23:7D:18:13:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 223A7976FF0B76D4878F6D85E6FCF0E08A6589D0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1080::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:3a:79:76:ff:0b:76:d4:87:8f:6d:85:e6:fc:f0:e0:8a:65:89:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=06bf6aaf9e7faca3c6cdd97e49565982b4fe8118267fffca9d96e8f9caa8608c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7d:d8:26:e7:98:c9:38:f3:c4:a0:a3:88:9f:
47:24:8e:e3:e8:39:cd:f0:e4:4b:21:0b:93:7e:81:
9f:e8:04:a7:c9:69:32:d0:dd:15:fb:46:92:88:b3:
da:cb:3c:30:25:45:3b:d0:4e:a7:6e:a4:c1:82:ed:
d9:31:00:c2:0f:92:a6:87:8d:6a:df:51:fd:e8:f9:
2a:77:34:ee:e1:0b:6a:3b:35:2d:5f:fd:92:ce:ac:
29:99:7a:06:6b:8b:98:e7:5b:c0:37:ea:be:9d:bf:
01:ee:e5:8a:93:19:b6:e8:55:ea:6f:cd:5f:50:10:
52:b8:c0:ed:3f:a6:67:37:2f:4d:60:6b:ae:9a:5b:
12:79:60:bf:d8:40:bd:a6:38:cb:15:97:84:3f:8e:
9b:60:43:2c:e0:26:1e:b3:8e:00:e8:f3:57:e2:b7:
65:d5:8d:8c:0c:29:6b:c7:47:89:4c:eb:59:e1:37:
78:dd:ff:ee:90:32:59:72:91:c6:ba:5f:4f:18:1a:
ad:cb:58:d8:32:73:47:a0:19:e5:c1:ee:1e:45:82:
b3:6b:50:bb:df:73:1f:de:2f:9c:5a:7d:f7:94:8c:
9e:dc:48:c1:0e:4c:6d:95:c7:14:91:49:e2:9f:e6:
d0:90:a5:e7:ce:1b:59:f2:3b:ab:81:3b:d2:92:3f:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B7:DB:3F:D3:11:48:19:3E:4D:E3:2E:77:93:C6:23:7D:18:13:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/677abfb7-a1d7-4ad8-886e-54ff374bcc6a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1080::/41
Signature Algorithm: sha256WithRSAEncryption
31:3d:b2:b3:19:d7:93:f1:36:db:a4:4b:f8:05:88:78:5b:06:
81:12:40:d3:2f:0e:d0:99:25:ca:f0:4a:71:40:24:8a:fe:87:
9f:a6:39:96:14:cc:30:7a:75:0e:07:b7:9f:f5:61:84:7d:f0:
70:92:de:bc:d5:de:e7:6c:46:c8:8f:e5:7c:9a:f9:6c:b4:dc:
a8:a2:5e:f5:ab:c5:ff:f1:ba:8f:03:39:6f:72:f3:74:24:32:
91:76:65:69:4a:58:ed:56:78:32:7e:90:93:19:b9:a1:e9:4a:
26:34:35:50:a1:37:b8:e7:99:d2:87:e3:25:9b:64:80:18:b5:
39:0c:94:60:da:c4:2c:b5:69:2a:32:09:1d:2f:3d:c2:16:39:
b7:d0:db:b5:d0:ea:0a:c7:71:51:ce:f2:82:79:6e:e9:71:26:
da:22:f8:76:89:2a:5f:a1:90:09:ea:dd:4a:f5:17:c1:c0:b8:
f6:4a:1e:0f:e9:80:d2:84:00:f0:cd:95:ef:f2:9e:6e:46:2a:
73:9e:6b:e3:f5:88:6b:a7:10:e9:fc:61:61:67:cd:c9:68:ae:
72:02:ea:8b:65:e0:de:10:83:03:12:2a:be:b7:be:e2:6b:a1:
2c:91:1b:37:dd:a7:aa:1d:79:8c:2d:a3:33:4e:e0:42:7a:b9:
18:69:4f:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIjp5dv8LdtSHj22F5vzw4IplidAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2YmY2YWFmOWU3ZmFjYTNjNmNkZDk3ZTQ5NTY1OTgyYjRmZTgxMTgyNjdm
ZmZjYTlkOTZlOGY5Y2FhODYwOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJx92CbnmMk488Sgo4ifRySO4+g5zfDkSyELk36Bn+gEp8lpMtDdFftGkoiz
2ss8MCVFO9BOp26kwYLt2TEAwg+SpoeNat9R/ej5Knc07uELajs1LV/9ks6sKZl6
BmuLmOdbwDfqvp2/Ae7lipMZtuhV6m/NX1AQUrjA7T+mZzcvTWBrrppbEnlgv9hA
vaY4yxWXhD+Om2BDLOAmHrOOAOjzV+K3ZdWNjAwpa8dHiUzrWeE3eN3/7pAyWXKR
xrpfTxgarctY2DJzR6AZ5cHuHkWCs2tQu99zH94vnFp995SMntxIwQ5MbZXHFJFJ
4p/m0JCl584bWfI7q4E70pI/t2ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9t9s/
0xFIGT5N4y53k8YjfRgT4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc3YWJmYjctYTFkNy00YWQ4LTg4NmUtNTRmZjM3NGJjYzZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHByoBBXgQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAMT2ysxnXk/E226RL+AWIeFsGgRJA0y8O0Jkl
yvBKcUAkiv6Hn6Y5lhTMMHp1Dge3n/VhhH3wcJLevNXe52xGyI/lfJr5bLTcqKJe
9avF//G6jwM5b3LzdCQykXZlaUpY7VZ4Mn6Qkxm5oelKJjQ1UKE3uOeZ0ofjJZtk
gBi1OQyUYNrELLVpKjIJHS89whY5t9DbtdDqCsdxUc7ygnlu6XEm2iL4dokqX6GQ
CerdSvUXwcC49koeD+mA0oQA8M2V7/KebkYqc55r4/WIa6cQ6fxhYWfNyWiucgLq
i2Xg3hCDAxIqvre+4muhLJEbN92nqh15jC2jM07gQnq5GGlPBg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org