Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
File: 79f828d9-a8c6-4d05-b291-d1f3154636f8.roa (raw, json)
Hash identifier: 3eiItFTfdAoYl7L5kAUpeiAEpUbm/+TEIV3eNWrN2Ds=
Subject key identifier: BF:DF:CF:74:6D:14:6B:96:DD:B2:0F:2B:91:BA:A2:36:FD:F0:B8:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6487EEFEA7076F99C71066D47E2EBDC9841C34A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:87:ee:fe:a7:07:6f:99:c7:10:66:d4:7e:2e:bd:c9:84:1c:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=1719edc32335da265356a3a525524226f95f05d5a72862cca79bf55c2b6bd05f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d6:1f:fa:4b:16:95:aa:0e:5f:27:64:0d:c9:
57:eb:3d:a2:48:40:5f:4d:11:f1:47:24:c9:ab:94:
c3:7a:0a:5b:0d:a8:8b:36:f1:95:72:65:01:ed:55:
88:01:73:99:47:c8:f7:55:0a:c5:1c:88:8d:eb:44:
2a:2d:da:9f:2d:73:d1:2e:cc:35:b9:99:72:2d:34:
51:d4:fb:dc:3f:f9:dd:c7:60:87:ca:03:54:39:fb:
76:0e:e3:9b:b6:97:50:52:27:37:a5:b2:17:7c:3e:
8e:3f:a6:a2:f5:0c:a1:9b:bb:a5:06:41:99:bb:67:
05:9d:f7:b9:f9:47:7c:af:9a:31:35:62:e8:70:d3:
a7:19:86:67:64:b1:64:7e:8b:34:fe:69:f4:db:0a:
9e:08:20:86:d2:4b:06:91:93:04:e6:bb:58:49:b7:
0e:33:07:a2:61:47:45:92:4d:cd:83:36:93:57:1e:
06:f4:2f:35:f9:71:fa:16:ed:c4:5a:48:b4:a9:c4:
fd:af:00:2b:c3:96:47:23:b8:3d:65:af:26:76:9e:
7b:f2:2c:0b:d8:fe:48:94:d0:9d:b6:39:07:af:33:
5d:a1:b9:7b:f5:80:38:f0:75:d6:71:8a:e4:63:78:
de:05:09:2a:82:85:1b:fc:48:23:ac:42:5f:59:dd:
32:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DF:CF:74:6D:14:6B:96:DD:B2:0F:2B:91:BA:A2:36:FD:F0:B8:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79f828d9-a8c6-4d05-b291-d1f3154636f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:e2:78:d4:92:bf:92:73:99:3d:2b:55:1f:0d:96:a6:56:8b:
73:f8:b5:e1:bc:c0:61:c8:39:fb:1c:ce:b3:16:cd:69:cd:02:
5f:24:b9:86:a4:d5:51:d4:e7:f2:57:2a:d0:e6:b2:e9:7d:89:
60:34:86:29:77:d4:7f:e3:08:e3:ad:b7:49:11:b0:21:7c:2a:
0b:c1:81:a0:87:7f:6a:50:98:30:63:7c:9a:72:2c:53:40:3e:
f5:76:a3:69:84:bd:06:55:6a:4c:bc:6d:67:00:54:9f:08:5c:
ec:1c:ad:65:ad:63:04:7f:fe:d4:aa:65:29:1e:67:c9:b6:f2:
7e:96:0c:db:84:f1:de:b3:d2:f0:a0:63:8f:60:92:08:06:87:
b4:93:bf:e4:1b:62:8a:f0:b6:1b:85:d3:0e:62:68:e7:a9:f3:
f3:14:d5:bb:6d:5c:d9:45:27:91:35:18:a5:53:b2:77:c6:04:
9a:36:f3:32:0f:aa:9e:47:2b:94:64:fe:2e:06:ee:01:31:f9:
ce:f7:80:53:95:5f:49:02:18:3f:a8:a2:67:c4:0a:1b:56:7e:
2d:09:7b:b1:92:b4:54:07:88:1f:7d:e0:30:84:4d:cd:94:13:
62:7c:bf:bd:a5:99:fc:7a:15:44:80:8a:f5:60:33:74:84:2d:
8c:4c:7f:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZIfu/qcHb5nHEGbUfi69yYQcNKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MTllZGMzMjMzNWRhMjY1MzU2YTNhNTI1NTI0MjI2Zjk1ZjA1ZDVhNzI4
NjJjY2E3OWJmNTVjMmI2YmQwNWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjWH/pLFpWqDl8nZA3JV+s9okhAX00R8UckyauUw3oKWw2oizbxlXJlAe1V
iAFzmUfI91UKxRyIjetEKi3any1z0S7MNbmZci00UdT73D/53cdgh8oDVDn7dg7j
m7aXUFInN6WyF3w+jj+movUMoZu7pQZBmbtnBZ33uflHfK+aMTVi6HDTpxmGZ2Sx
ZH6LNP5p9NsKnggghtJLBpGTBOa7WEm3DjMHomFHRZJNzYM2k1ceBvQvNflx+hbt
xFpItKnE/a8AK8OWRyO4PWWvJnaee/IsC9j+SJTQnbY5B68zXaG5e/WAOPB11nGK
5GN43gUJKoKFG/xII6xCX1ndMhcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/3890
bRRrlt2yDyuRuqI2/fC4TzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlmODI4ZDktYThjNi00ZDA1LWIyOTEtZDFmMzE1NDYzNmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQBl4njUkr+Sc5k9K1UfDZamVotz+LXhvMBhyDn7HM6z
Fs1pzQJfJLmGpNVR1OfyVyrQ5rLpfYlgNIYpd9R/4wjjrbdJEbAhfCoLwYGgh39q
UJgwY3yacixTQD71dqNphL0GVWpMvG1nAFSfCFzsHK1lrWMEf/7UqmUpHmfJtvJ+
lgzbhPHes9LwoGOPYJIIBoe0k7/kG2KK8LYbhdMOYmjnqfPzFNW7bVzZRSeRNRil
U7J3xgSaNvMyD6qeRyuUZP4uBu4BMfnO94BTlV9JAhg/qKJnxAobVn4tCXuxkrRU
B4gffeAwhE3NlBNifL+9pZn8ehVEgIr1YDN0hC2MTH+f
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org