Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
File: 75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa (raw, json)
Hash identifier: mx/C7oyuCnfXUZSLWuvDuRT07Boa62OCJyhPbS/2haU=
Subject key identifier: 61:A1:70:56:BC:DF:3C:68:81:41:F1:C7:AB:BE:0A:7C:02:7A:18:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71D416FAA3DE805D4BA15FBAB5334A3350387083
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:d4:16:fa:a3:de:80:5d:4b:a1:5f:ba:b5:33:4a:33:50:38:70:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=70740e54269a38995779aec4de6de1ddc6e9b74cb265df4d2ac5770a487a1e93, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8d:02:12:2f:1d:c8:da:d5:1b:d9:95:ac:bf:
9a:94:ae:e4:9b:13:72:c7:49:ca:b0:08:8a:fe:94:
9e:d9:4b:df:de:b7:a1:3e:3e:20:96:3e:5e:53:70:
cb:47:09:84:78:1d:f7:2e:ee:f2:e0:b4:2d:49:01:
4f:d6:d0:84:0a:94:46:f9:90:15:c2:bb:e7:35:ce:
93:83:85:53:a5:85:63:bf:14:e8:a4:40:74:ed:b4:
34:29:d2:c2:d2:b3:0f:9d:3c:6a:3f:9f:12:af:b0:
9c:75:8b:ef:6b:d2:2c:d4:d5:ce:80:95:1e:76:34:
ff:1e:24:3d:40:91:f1:5a:1e:db:13:7e:4b:1f:f3:
b6:66:99:2c:b6:3d:ad:be:f1:c2:75:f4:15:1e:c4:
d2:81:c4:89:7f:a1:d8:c2:dd:65:1f:9a:67:5b:95:
cc:4a:20:f7:8c:92:50:8e:6f:f9:2c:2f:ab:96:a3:
e0:89:d2:49:30:d9:25:ba:c3:2f:56:1a:11:12:79:
a5:67:a2:34:02:9c:0e:9a:19:29:8b:b5:b6:83:29:
d3:61:df:cd:92:6a:27:69:77:e6:b4:e5:ea:4e:c7:
40:a6:a2:36:94:af:f9:d4:2d:16:55:4b:2e:4a:5d:
b3:61:a3:36:a0:45:39:5c:28:1b:28:47:64:3f:96:
8a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A1:70:56:BC:DF:3C:68:81:41:F1:C7:AB:BE:0A:7C:02:7A:18:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/75d16d96-9e57-4cc0-83df-2c011ccc8dea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
5c:bf:44:b5:4f:b1:90:97:35:a4:69:4c:c0:4d:d0:b4:00:cf:
ee:93:70:24:20:48:72:7e:b0:23:a2:e1:14:10:2c:f3:2b:12:
08:3b:a2:48:f2:2c:eb:54:da:5d:93:c6:45:b8:1a:37:1f:64:
0c:36:13:93:ba:e5:56:46:d5:ac:f0:07:23:14:e1:c0:2f:7a:
4f:77:4f:bd:41:5a:b9:ce:1f:43:5a:04:52:91:c5:4a:4a:e2:
33:d5:d4:52:1a:f3:54:f7:16:62:12:2f:13:d9:fb:7b:b0:0b:
e3:57:4c:47:fc:fc:f4:eb:e0:20:11:45:c5:6c:bf:e8:26:fd:
f8:c2:aa:bd:d5:65:69:6e:91:66:44:60:12:0b:82:77:68:8f:
2d:fc:15:91:8d:54:9e:8c:e2:3c:a4:c9:60:b5:7b:87:cf:e7:
f4:cb:b8:d3:d2:79:68:69:33:a2:fb:8b:33:7a:e7:e7:b2:00:
7d:bc:74:71:7c:57:4f:b6:ba:ea:64:7c:9b:04:81:43:ac:ed:
81:5f:ab:31:6e:f4:ce:b9:06:c3:aa:83:cc:8f:d4:8f:57:bf:
a1:8f:8c:a8:72:7b:87:7b:e9:87:77:08:36:88:5f:46:97:67:
fa:e3:9d:91:00:73:63:5f:db:1c:a4:e0:bf:04:56:77:7b:c0:
11:25:b4:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcdQW+qPegF1LoV+6tTNKM1A4cIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwNzQwZTU0MjY5YTM4OTk1Nzc5YWVjNGRlNmRlMWRkYzZlOWI3NGNiMjY1
ZGY0ZDJhYzU3NzBhNDg3YTFlOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSNAhIvHcja1RvZlay/mpSu5JsTcsdJyrAIiv6UntlL3963oT4+IJY+XlNw
y0cJhHgd9y7u8uC0LUkBT9bQhAqURvmQFcK75zXOk4OFU6WFY78U6KRAdO20NCnS
wtKzD508aj+fEq+wnHWL72vSLNTVzoCVHnY0/x4kPUCR8Voe2xN+Sx/ztmaZLLY9
rb7xwnX0FR7E0oHEiX+h2MLdZR+aZ1uVzEog94ySUI5v+Swvq5aj4InSSTDZJbrD
L1YaERJ5pWeiNAKcDpoZKYu1toMp02HfzZJqJ2l35rTl6k7HQKaiNpSv+dQtFlVL
Lkpds2GjNqBFOVwoGyhHZD+WigMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhoXBW
vN88aIFB8cervgp8AnoYhzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzVkMTZkOTYtOWU1Ny00Y2MwLTgzZGYtMmMwMTFjY2M4ZGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQBcv0S1T7GQlzWkaUzATdC0AM/uk3AkIEhyfrAj
ouEUECzzKxIIO6JI8izrVNpdk8ZFuBo3H2QMNhOTuuVWRtWs8AcjFOHAL3pPd0+9
QVq5zh9DWgRSkcVKSuIz1dRSGvNU9xZiEi8T2ft7sAvjV0xH/Pz06+AgEUXFbL/o
Jv34wqq91WVpbpFmRGASC4J3aI8t/BWRjVSejOI8pMlgtXuHz+f0y7jT0nloaTOi
+4szeufnsgB9vHRxfFdPtrrqZHybBIFDrO2BX6sxbvTOuQbDqoPMj9SPV7+hj4yo
cnuHe+mHdwg2iF9Gl2f6452RAHNjX9scpOC/BFZ3e8ARJbTT
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org