Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
File: 760b79cf-4b6a-441d-8cec-518fe8e653f9.roa (raw, json)
Hash identifier: EUKlq2VPaMl9Aawb914pLbOqGYaDEGrO5Xa5Ruf+vEs=
Subject key identifier: 5B:09:B0:28:64:F3:FC:1A:63:4D:38:96:B2:4A:71:F1:93:C4:11:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14170844C861D55502EF7B3804E5C66A35425C0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:17:08:44:c8:61:d5:55:02:ef:7b:38:04:e5:c6:6a:35:42:5c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=c1a86a304137689574440a23bb7f48032b6cd2ec8713154497b686cae6fcb1ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:ab:d0:fd:00:92:f5:bc:ea:99:9e:80:3a:
0c:a7:00:40:23:51:82:ab:f7:ee:b0:32:b7:a7:0b:
9c:7e:cf:bf:cc:42:4f:43:b7:04:4d:2d:2f:3e:b0:
e0:63:fd:6d:d3:7c:3b:f2:f7:e1:66:c8:69:dc:39:
12:72:75:f6:cc:2c:2c:00:ef:d8:2b:c9:c2:10:4f:
10:23:5a:d6:f5:23:0d:34:e6:db:c1:4e:00:40:b0:
23:a6:cd:85:3c:d6:30:bd:ee:d7:b6:8b:c8:43:1e:
f2:cd:33:a5:99:05:d9:76:8b:7d:a0:eb:9c:c1:7a:
b6:26:8d:5a:b9:98:89:f2:21:41:0d:7d:76:d0:33:
0e:35:ba:8c:dc:26:01:10:01:c1:0b:90:17:0b:f6:
03:63:91:35:1f:63:97:94:84:7a:25:81:04:53:08:
2a:fd:82:03:da:5a:65:20:6b:03:c6:36:4a:da:a6:
4c:42:77:de:37:f7:a8:bd:51:12:f6:3d:cf:d8:bb:
7e:b3:3e:6e:79:2f:34:4f:01:87:07:36:b0:e1:53:
d4:a0:0f:76:7c:36:9a:83:e6:8f:90:dc:d1:ae:8c:
be:71:5f:b1:62:49:7d:49:fc:03:6f:75:9b:a2:b7:
4c:47:a0:d3:35:b2:7a:45:98:19:4a:28:82:45:5b:
57:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:09:B0:28:64:F3:FC:1A:63:4D:38:96:B2:4A:71:F1:93:C4:11:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/760b79cf-4b6a-441d-8cec-518fe8e653f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:ef:1c:49:ae:ad:7e:8c:a9:1a:40:e8:f9:75:6b:c8:2d:69:
75:38:85:27:33:fe:49:a3:62:cc:a1:4a:40:86:51:27:ce:3d:
8b:ab:f2:0e:4b:10:79:31:d1:32:1d:fb:d3:92:ec:44:f6:2d:
e6:aa:bd:a5:c5:c6:22:ef:ad:ba:05:d6:bd:25:ae:2c:79:07:
4e:21:ac:2d:1a:71:eb:35:e2:bd:88:de:b3:95:e6:c1:65:3b:
42:0d:72:28:fe:cc:ea:93:74:19:8b:21:53:ac:b1:3a:28:c0:
f5:42:01:7c:e2:6c:3f:16:99:52:fc:9a:b1:44:0d:10:b1:69:
40:c3:eb:2d:f7:70:a6:d6:73:a1:b2:a7:b6:bc:06:87:d3:4a:
98:32:58:5a:a5:43:73:a9:d6:f1:d9:8a:82:12:1e:29:3e:54:
7a:a6:7e:76:b0:2d:99:f5:76:71:b0:e6:08:c6:3b:63:fd:70:
a5:99:ab:31:11:57:41:30:b2:50:e4:62:5f:57:ac:ec:f3:5b:
8d:75:90:1e:12:56:db:4c:17:be:ec:d1:64:c6:47:b0:f2:99:
8e:20:f7:97:7d:80:0f:c3:73:7b:f8:2c:9d:4e:37:b6:fc:d0:
7e:a2:4a:c8:24:f5:1e:75:ce:4f:df:64:53:06:f0:c7:ba:22:
e6:4d:f6:22
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFBcIRMhh1VUC73s4BOXGajVCXA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxYTg2YTMwNDEzNzY4OTU3NDQ0MGEyM2JiN2Y0ODAzMmI2Y2QyZWM4NzEz
MTU0NDk3YjY4NmNhZTZmY2IxZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3uq9D9AJL1vOqZnoA6DKcAQCNRgqv37rAyt6cLnH7Pv8xCT0O3BE0tLz6w
4GP9bdN8O/L34WbIadw5EnJ19swsLADv2CvJwhBPECNa1vUjDTTm28FOAECwI6bN
hTzWML3u17aLyEMe8s0zpZkF2XaLfaDrnMF6tiaNWrmYifIhQQ19dtAzDjW6jNwm
ARABwQuQFwv2A2ORNR9jl5SEeiWBBFMIKv2CA9paZSBrA8Y2StqmTEJ33jf3qL1R
EvY9z9i7frM+bnkvNE8Bhwc2sOFT1KAPdnw2moPmj5Dc0a6MvnFfsWJJfUn8A291
m6K3TEeg0zWyekWYGUoogkVbV1sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRbCbAo
ZPP8GmNNOJaySnHxk8QRvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzYwYjc5Y2YtNGI2YS00NDFkLThjZWMtNTE4ZmU4ZTY1M2Y5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQBh7xxJrq1+jKkaQOj5dWvILWl1OIUnM/5Jo2LMoUpA
hlEnzj2Lq/IOSxB5MdEyHfvTkuxE9i3mqr2lxcYi7626Bda9Ja4seQdOIawtGnHr
NeK9iN6zlebBZTtCDXIo/szqk3QZiyFTrLE6KMD1QgF84mw/FplS/JqxRA0QsWlA
w+st93Cm1nOhsqe2vAaH00qYMlhapUNzqdbx2YqCEh4pPlR6pn52sC2Z9XZxsOYI
xjtj/XClmasxEVdBMLJQ5GJfV6zs81uNdZAeElbbTBe+7NFkxkew8pmOIPeXfYAP
w3N7+CydTje2/NB+okrIJPUedc5P32RTBvDHuiLmTfYi
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org