Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: vuqz8qHk9lBV96wPI+zuedp1a7wy5CzkRSxEIJPadSw=
Subject key identifier: DF:5C:50:18:31:87:34:C1:FB:93:8A:A6:09:55:B5:CD:9A:80:11:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53D8656ACE16A2C3CBB0B65FD0DF4867313F062D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:d8:65:6a:ce:16:a2:c3:cb:b0:b6:5f:d0:df:48:67:31:3f:06:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=0dae6ef49d4110b9411ebb756bb9250feea0e924be67596d7eb5da1ef49a8e21, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ae:d5:4e:f9:7b:1e:05:37:6f:17:8c:8d:84:
d1:81:27:bf:cf:12:de:95:7b:6a:d8:ea:42:15:ff:
bd:f6:e6:f8:02:ec:db:1e:ad:ed:be:0b:19:47:8f:
36:c5:b0:b0:d0:f4:bb:5a:63:d9:b2:cf:10:d9:93:
d6:a6:d4:48:9b:af:08:4a:a6:70:3b:49:05:0e:78:
66:27:96:23:90:ab:df:c3:09:2b:fe:da:9f:42:1d:
ef:55:91:81:55:18:f1:4f:4a:e0:f6:d4:3a:d8:02:
2b:dd:38:eb:e3:4e:64:b7:07:64:76:c3:01:71:21:
25:9b:66:61:4a:4a:a9:84:af:63:6c:40:97:77:00:
87:41:f8:02:83:cd:19:9e:9a:01:d0:17:32:e0:74:
34:02:d7:19:be:09:fc:eb:40:71:00:0f:8d:e7:d0:
84:0a:63:4a:08:0d:7d:ab:18:29:e0:b9:66:49:51:
9e:a9:34:fc:a0:4e:5c:c5:b5:e8:37:20:ee:37:9d:
30:36:55:ec:c1:0b:89:4b:6c:ba:ed:bc:db:26:64:
33:d6:93:51:09:8a:01:6c:0f:12:7f:0e:ca:8c:63:
a0:4b:9d:62:fe:80:3b:74:f5:3f:9c:6c:be:f7:6d:
d1:59:33:e6:62:d4:c3:f3:f8:cb:0f:20:ad:71:aa:
23:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5C:50:18:31:87:34:C1:FB:93:8A:A6:09:55:B5:CD:9A:80:11:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
31:b2:48:6c:ea:d0:bd:60:02:27:ec:65:70:c2:35:ae:8c:26:
e7:11:9c:b5:49:5f:69:21:6f:c1:e6:05:02:10:78:59:24:bd:
1c:54:08:3e:79:de:22:c7:6a:d6:c1:67:23:5f:76:fc:dd:a8:
13:b8:92:7a:ea:79:fd:fd:a7:29:59:d5:42:d4:ec:c0:9b:40:
fe:00:f2:61:f8:71:cc:90:c5:1b:9a:f8:d5:a6:e7:0e:f3:89:
05:89:a9:ed:7c:64:1b:dc:1f:ff:2a:f8:90:42:24:60:4c:f0:
e8:4b:47:e3:86:9d:f5:dd:43:97:18:30:52:5b:27:af:1c:72:
83:e8:d8:40:c0:6a:5c:4a:df:1c:d4:48:2e:db:fe:8d:36:cd:
af:6c:41:d3:26:37:e2:1c:4e:46:f9:0f:0d:e3:ab:80:8d:14:
0a:f9:0e:e0:51:ea:38:3e:e3:6c:15:af:7e:93:95:eb:2b:bb:
45:a4:64:3a:09:a9:de:59:0a:cc:c2:f9:bd:3b:0a:4d:f9:ae:
bd:7f:64:54:b4:da:38:3c:a4:58:fc:24:d1:07:a8:32:1c:bc:
d5:0b:29:b7:a6:bd:8d:aa:e8:75:68:1d:ae:6b:45:f5:1a:99:
24:b9:f7:02:ea:a5:c1:f3:0f:af:af:9d:b3:e6:82:a7:1a:31:
ea:15:27:d9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU9hlas4WosPLsLZf0N9IZzE/Bi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkYWU2ZWY0OWQ0MTEwYjk0MTFlYmI3NTZiYjkyNTBmZWVhMGU5MjRiZTY3
NTk2ZDdlYjVkYTFlZjQ5YThlMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6u1U75ex4FN28XjI2E0YEnv88S3pV7atjqQhX/vfbm+ALs2x6t7b4LGUeP
NsWwsND0u1pj2bLPENmT1qbUSJuvCEqmcDtJBQ54ZieWI5Cr38MJK/7an0Id71WR
gVUY8U9K4PbUOtgCK9046+NOZLcHZHbDAXEhJZtmYUpKqYSvY2xAl3cAh0H4AoPN
GZ6aAdAXMuB0NALXGb4J/OtAcQAPjefQhApjSggNfasYKeC5ZklRnqk0/KBOXMW1
6Dcg7jedMDZV7MELiUtsuu282yZkM9aTUQmKAWwPEn8OyoxjoEudYv6AO3T1P5xs
vvdt0Vkz5mLUw/P4yw8grXGqI+ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTfXFAY
MYc0wfuTiqYJVbXNmoARxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAMbJIbOrQvWACJ+xlcMI1rowm5xGctUlfaSFvweYF
AhB4WSS9HFQIPnneIsdq1sFnI192/N2oE7iSeup5/f2nKVnVQtTswJtA/gDyYfhx
zJDFG5r41abnDvOJBYmp7XxkG9wf/yr4kEIkYEzw6EtH44ad9d1DlxgwUlsnrxxy
g+jYQMBqXErfHNRILtv+jTbNr2xB0yY34hxORvkPDeOrgI0UCvkO4FHqOD7jbBWv
fpOV6yu7RaRkOgmp3lkKzML5vTsKTfmuvX9kVLTaODykWPwk0QeoMhy81Qspt6a9
jarodWgdrmtF9RqZJLn3AuqlwfMPr6+ds+aCpxox6hUn2Q==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org