Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
File: 71d66127-3f22-4413-8fe7-9d46d7fe6626.roa (raw, json)
Hash identifier: up3HLF4dbar4EFv3+cBvPRL0Nx2f7jsYrEj9pqKZVk0=
Subject key identifier: 9E:6F:B0:D5:5A:C1:A8:6C:66:17:44:90:0D:7F:86:9D:F4:71:1A:FF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 133769D3643A5BD4CF17888FC3197245EAD54844
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:37:69:d3:64:3a:5b:d4:cf:17:88:8f:c3:19:72:45:ea:d5:48:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=72331b3336d633920bb84af98330dad1bdfbda81f594bed6f9529d7ab51a7a73, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7e:4a:fa:65:eb:31:06:d9:a3:a9:1c:9d:8c:
53:2d:60:1f:14:65:d6:53:c1:a1:0f:6a:50:4f:bb:
72:a7:ba:8a:73:5b:cf:36:bf:6d:bd:f2:21:32:d9:
1a:e4:4a:c4:00:7e:a3:70:14:4e:c0:69:97:5f:ed:
4a:bc:30:ff:fb:8c:51:28:24:5f:9a:44:0d:54:3b:
a1:20:0e:b5:70:fb:24:27:1e:13:73:15:eb:ce:9c:
86:fc:87:d4:cb:17:8d:ea:d4:98:1f:fe:72:14:f7:
80:bf:55:8e:86:59:7b:6a:a8:8f:ab:11:40:7a:a4:
f1:31:5f:3d:b7:d3:43:d1:75:09:74:98:c2:98:48:
1e:f5:d4:7f:68:7d:85:a9:91:7d:bf:02:e9:64:22:
d9:4b:b5:44:63:b3:11:6a:de:27:a8:10:06:36:dd:
f6:70:de:d5:a3:26:a0:eb:5c:99:54:c8:28:f7:24:
f3:ad:07:1e:fb:39:5c:fe:68:8e:c2:28:13:f4:6d:
9c:fe:0b:47:1a:b1:34:68:74:6e:83:54:bc:63:09:
ed:5e:e5:8c:fd:d1:80:ab:71:34:af:18:6e:11:cd:
c6:62:d3:6e:a9:83:cc:4d:65:d2:a6:62:d5:9c:4e:
15:ed:36:d7:86:4d:b1:23:90:bb:ab:29:cd:71:d2:
e2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6F:B0:D5:5A:C1:A8:6C:66:17:44:90:0D:7F:86:9D:F4:71:1A:FF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/71d66127-3f22-4413-8fe7-9d46d7fe6626.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:ec:be:94:59:4c:b3:75:f6:4e:e5:65:3d:f8:fe:86:3f:55:
28:89:bc:55:81:f9:4a:76:80:5d:17:3f:0c:3c:5d:1b:33:dc:
9c:1d:e6:69:c0:76:42:d3:d2:46:1b:bd:52:87:59:25:59:74:
a0:4b:c1:af:fe:46:5a:01:15:52:52:56:b4:a1:8b:f7:32:30:
c2:19:fe:9a:7b:2f:2f:69:2b:15:68:df:c8:6d:76:74:d3:af:
9a:87:bb:35:fa:28:52:66:c0:c1:8e:18:8f:bc:56:53:73:bd:
75:13:44:2f:1c:1c:37:ae:b0:c3:2d:33:e9:45:f5:f7:19:16:
a9:27:dd:71:9d:69:f8:30:00:a6:de:98:16:12:b8:63:50:63:
e0:9c:de:dd:aa:76:d5:66:c2:54:9f:cc:c5:3f:ef:a7:d8:1f:
d3:d2:eb:88:d9:72:f5:93:42:88:18:f8:c2:e7:7e:83:8a:18:
ce:83:95:28:af:c3:fc:46:93:f1:ab:df:0e:2a:ac:de:d0:ef:
04:2c:63:a6:df:c0:0b:6f:ed:37:ab:70:78:0d:b1:11:ce:18:
01:d3:9b:c8:f4:32:ed:87:3a:ab:29:82:65:0d:43:33:a3:91:
96:d9:1f:1c:e2:36:72:26:34:f6:20:04:c2:e1:c7:70:2e:b6:
f9:e6:ab:41
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEzdp02Q6W9TPF4iPwxlyRerVSEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyMzMxYjMzMzZkNjMzOTIwYmI4NGFmOTgzMzBkYWQxYmRmYmRhODFmNTk0
YmVkNmY5NTI5ZDdhYjUxYTdhNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp+Svpl6zEG2aOpHJ2MUy1gHxRl1lPBoQ9qUE+7cqe6inNbzza/bb3yITLZ
GuRKxAB+o3AUTsBpl1/tSrww//uMUSgkX5pEDVQ7oSAOtXD7JCceE3MV686chvyH
1MsXjerUmB/+chT3gL9VjoZZe2qoj6sRQHqk8TFfPbfTQ9F1CXSYwphIHvXUf2h9
hamRfb8C6WQi2Uu1RGOzEWreJ6gQBjbd9nDe1aMmoOtcmVTIKPck860HHvs5XP5o
jsIoE/RtnP4LRxqxNGh0boNUvGMJ7V7ljP3RgKtxNK8YbhHNxmLTbqmDzE1l0qZi
1ZxOFe0214ZNsSOQu6spzXHS4hkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSeb7DV
WsGobGYXRJANf4ad9HEa/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzFkNjYxMjctM2YyMi00NDEzLThmZTctOWQ0NmQ3ZmU2NjI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQCY7L6UWUyzdfZO5WU9+P6GP1UoibxVgflKdoBdFz8M
PF0bM9ycHeZpwHZC09JGG71Sh1klWXSgS8Gv/kZaARVSUla0oYv3MjDCGf6aey8v
aSsVaN/IbXZ006+ah7s1+ihSZsDBjhiPvFZTc711E0QvHBw3rrDDLTPpRfX3GRap
J91xnWn4MACm3pgWErhjUGPgnN7dqnbVZsJUn8zFP++n2B/T0uuI2XL1k0KIGPjC
536DihjOg5Uor8P8RpPxq98OKqze0O8ELGOm38ALb+03q3B4DbERzhgB05vI9DLt
hzqrKYJlDUMzo5GW2R8c4jZyJjT2IATC4cdwLrb55qtB
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org