Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
File: 73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa (raw, json)
Hash identifier: MbJgNOVNa6Xul+T/IfwzYyVoL7jo4Z5CT8fzOn3SoOY=
Subject key identifier: BF:11:6C:6C:BE:E6:DF:D5:A1:1F:E8:A6:F6:2D:B7:A8:ED:23:17:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2ED3171EE009AC531F385D28C1F8E15FFD6CC2B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:d3:17:1e:e0:09:ac:53:1f:38:5d:28:c1:f8:e1:5f:fd:6c:c2:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=e6d6487c5a434549f6a100175daf5110b4ebdca3f959f1136ce5f5375e30fb66, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:13:87:61:85:84:5d:b4:2f:5c:58:a7:a0:52:
f3:68:0f:e6:29:a6:40:ef:8f:1d:63:96:fd:95:92:
f9:9a:09:07:f8:7a:7f:43:d9:c0:d6:b6:73:6f:36:
e7:36:f8:26:c8:ff:c2:fe:19:ac:f7:c1:a4:06:09:
68:4e:be:87:61:c6:ae:27:30:07:1a:09:af:ed:38:
8f:04:72:3f:2d:82:57:6c:da:20:44:02:7a:2a:ee:
de:41:d9:82:bc:6c:3c:a1:57:8f:99:29:33:0f:13:
d1:88:2d:e7:dd:26:a1:12:38:ae:84:2a:9b:39:4c:
b2:5e:6c:23:7d:9d:bf:e2:0c:85:2a:cd:df:02:b7:
3b:fc:dd:87:66:77:a7:6f:c7:f3:f8:6f:75:46:56:
d8:ab:24:ce:1a:5d:10:17:81:92:dc:16:86:92:41:
f0:a8:f6:04:31:73:c9:63:79:93:45:a3:36:b8:e7:
a0:79:7a:de:c0:fa:94:c0:e2:f7:22:5c:ad:ba:76:
9e:56:af:f6:e2:98:0e:c8:e3:9c:ea:40:9a:6f:55:
e0:64:0d:d7:d1:cd:d2:85:55:e2:a5:e0:4e:a9:f7:
83:c5:09:6a:21:9d:1d:cc:90:3f:47:8b:2a:7f:56:
2e:c5:a9:a1:f7:47:2a:a6:74:e0:30:69:21:44:da:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:11:6C:6C:BE:E6:DF:D5:A1:1F:E8:A6:F6:2D:B7:A8:ED:23:17:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/73ee2472-7caf-47b5-b2ff-15ab6f54121a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:7d:00:c6:38:6a:eb:4c:03:32:e0:2f:6d:3d:2a:6d:a7:12:
79:a3:7d:4d:f8:ff:53:71:b2:06:65:61:58:a3:47:de:2d:aa:
d9:39:84:1b:f4:7a:36:42:dd:17:4b:c3:ef:79:3c:31:a2:bb:
6e:77:ae:9d:9b:34:08:08:61:6b:b6:82:e9:d9:9b:0a:e8:b2:
31:44:fd:00:05:01:fc:3a:6b:4c:83:ba:cf:09:1a:33:24:d0:
39:2b:01:8b:19:6f:b2:df:5f:82:8b:50:2f:7f:d9:4f:16:02:
91:1b:31:fb:14:84:9d:37:7c:85:96:1f:b8:f5:67:14:36:2f:
f9:79:5e:12:d1:b9:93:40:28:c9:e2:d0:df:a3:5d:8d:de:57:
25:41:0e:a6:3d:96:b3:d9:95:f6:ed:7c:09:d1:9b:dc:ab:fc:
cd:3a:c3:a1:de:35:fc:82:d3:17:e8:87:ab:6b:14:ca:20:80:
ab:c4:7c:57:0d:cb:1f:73:c4:31:ee:9f:e9:1b:7d:2e:f4:1d:
1f:af:99:f0:b4:68:be:e2:2f:d0:6e:5d:42:62:90:17:be:ba:
ab:6b:9d:36:e5:14:eb:97:9b:dc:5c:a0:87:b2:fe:ca:06:b4:
7b:14:84:85:0d:44:67:10:b2:40:bc:9a:a6:63:cd:28:62:33:
01:b9:12:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULtMXHuAJrFMfOF0owfjhX/1swrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZDY0ODdjNWE0MzQ1NDlmNmExMDAxNzVkYWY1MTEwYjRlYmRjYTNmOTU5
ZjExMzZjZTVmNTM3NWUzMGZiNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMTh2GFhF20L1xYp6BS82gP5immQO+PHWOW/ZWS+ZoJB/h6f0PZwNa2c282
5zb4Jsj/wv4ZrPfBpAYJaE6+h2HGricwBxoJr+04jwRyPy2CV2zaIEQCeiru3kHZ
grxsPKFXj5kpMw8T0Ygt590moRI4roQqmzlMsl5sI32dv+IMhSrN3wK3O/zdh2Z3
p2/H8/hvdUZW2KskzhpdEBeBktwWhpJB8Kj2BDFzyWN5k0WjNrjnoHl63sD6lMDi
9yJcrbp2nlav9uKYDsjjnOpAmm9V4GQN19HN0oVV4qXgTqn3g8UJaiGdHcyQP0eL
Kn9WLsWpofdHKqZ04DBpIUTa52kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/EWxs
vubf1aEf6Kb2Lbeo7SMXAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzNlZTI0NzItN2NhZi00N2I1LWIyZmYtMTVhYjZmNTQxMjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQA9fQDGOGrrTAMy4C9tPSptpxJ5o31N+P9TcbIGZWFY
o0feLarZOYQb9Ho2Qt0XS8PveTwxortud66dmzQICGFrtoLp2ZsK6LIxRP0ABQH8
OmtMg7rPCRozJNA5KwGLGW+y31+Ci1Avf9lPFgKRGzH7FISdN3yFlh+49WcUNi/5
eV4S0bmTQCjJ4tDfo12N3lclQQ6mPZaz2ZX27XwJ0Zvcq/zNOsOh3jX8gtMX6Ier
axTKIICrxHxXDcsfc8Qx7p/pG30u9B0fr5nwtGi+4i/Qbl1CYpAXvrqra5025RTr
l5vcXKCHsv7KBrR7FISFDURnELJAvJqmY80oYjMBuRKX
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org