Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
File: 7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa (raw, json)
Hash identifier: /RVsS0z1kaRyprIDRr5mQA9FxJAn+rpPkw1EE4cqdjs=
Subject key identifier: 34:F8:1B:80:C7:55:EF:0B:1A:63:CF:73:88:05:63:00:DE:92:38:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A79E7E0A080FF661CCA5499AEE44CD2EDBF41AD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:79:e7:e0:a0:80:ff:66:1c:ca:54:99:ae:e4:4c:d2:ed:bf:41:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2b7039e7093b02fdc066802e989c5c0982ef91aab482a80ae79345fe19214f84, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:6d:05:73:91:0c:e3:b7:50:af:d5:50:d2:
12:d0:41:94:91:35:8b:00:05:91:b8:ad:6d:6a:72:
a3:c3:5f:38:05:26:41:12:3f:8e:7d:2d:08:22:d2:
1d:58:c9:05:0f:c8:ca:a2:c7:09:08:69:5c:ff:ff:
01:d3:3b:8f:e5:df:9e:be:8c:af:c7:c4:70:d4:49:
c2:38:d2:e9:01:f5:90:ff:c2:5c:30:b7:0d:1d:f0:
dd:c9:37:b1:9d:46:bb:af:6a:e3:1d:d0:d9:76:fd:
b0:66:91:2b:f7:22:f2:52:f0:23:89:b3:07:6c:44:
62:1a:cd:23:5b:87:8a:9a:66:4f:ca:c5:88:2f:76:
f6:50:41:ce:93:db:cb:b7:4a:af:12:5b:31:b1:d5:
40:cd:44:ad:32:26:c6:1b:fe:f2:2d:39:53:3b:66:
f2:41:a2:5a:d6:96:66:2c:26:d2:b3:2b:33:f4:ae:
73:31:46:e0:2a:c2:17:5a:3f:77:19:08:2d:9b:ea:
a7:01:02:b2:6f:6f:90:9f:19:b4:ef:d7:5b:3d:76:
06:f9:c5:42:f5:e1:3f:1c:9f:de:a0:f1:3b:93:1a:
71:e4:fc:cb:6b:cc:8a:7f:15:44:2c:a5:e2:8f:c0:
e8:04:fc:40:b3:06:51:4f:c0:54:f4:a5:db:6d:71:
e3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F8:1B:80:C7:55:EF:0B:1A:63:CF:73:88:05:63:00:DE:92:38:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e63b278-a6e8-4f35-b37d-e2fe33bb3401.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
09:14:c0:5d:bd:5e:8b:6d:df:c4:1a:50:34:63:53:dd:ff:7e:
67:a2:b0:ff:13:5b:60:f3:04:25:e7:0c:75:ea:22:17:22:17:
6a:32:c5:b8:e5:d6:65:3a:32:0a:dc:70:0a:36:e8:48:e6:fa:
94:01:fd:eb:bb:b9:52:80:08:7c:bd:31:10:71:11:a5:fa:a4:
fb:d0:be:be:27:80:e7:81:b3:73:91:8b:3a:ea:ae:97:39:6d:
ee:12:02:7a:b5:80:89:a6:fd:6b:eb:c9:ae:fa:df:9b:6a:ee:
da:92:de:07:1b:84:6b:fe:9b:d6:34:41:09:b8:30:d2:1d:3c:
95:35:c5:88:64:c1:dc:73:b4:58:f1:a0:d7:db:69:d0:04:4b:
2d:f4:ce:64:15:c4:fe:39:6d:d3:13:a0:67:a4:52:c3:98:ef:
ea:c7:46:d5:8b:4e:39:ed:8c:29:31:d3:aa:70:56:8e:59:99:
18:30:cb:91:0a:9b:9b:cf:3e:8b:1f:ce:6d:b4:58:55:5c:15:
05:77:28:6e:88:dd:3a:79:9d:7f:af:0d:cf:75:db:93:db:6c:
be:89:c7:2f:a8:af:7c:8b:e2:af:05:25:e6:93:f6:72:3e:33:
36:3a:c9:fc:32:be:a3:ad:8d:9e:19:ab:4b:0a:93:bc:de:8b:
c2:e0:9a:14
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUGnnn4KCA/2YcylSZruRM0u2/Qa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNzAzOWU3MDkzYjAyZmRjMDY2ODAyZTk4OWM1YzA5ODJlZjkxYWFiNDgy
YTgwYWU3OTM0NWZlMTkyMTRmODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKp4bQVzkQzjt1Cv1VDSEtBBlJE1iwAFkbitbWpyo8NfOAUmQRI/jn0tCCLS
HVjJBQ/IyqLHCQhpXP//AdM7j+Xfnr6Mr8fEcNRJwjjS6QH1kP/CXDC3DR3w3ck3
sZ1Gu69q4x3Q2Xb9sGaRK/ci8lLwI4mzB2xEYhrNI1uHippmT8rFiC929lBBzpPb
y7dKrxJbMbHVQM1ErTImxhv+8i05Uztm8kGiWtaWZiwm0rMrM/SuczFG4CrCF1o/
dxkILZvqpwECsm9vkJ8ZtO/XWz12BvnFQvXhPxyf3qDxO5MaceT8y2vMin8VRCyl
4o/A6AT8QLMGUU/AVPSl221x48UCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ0+BuA
x1XvCxpjz3OIBWMA3pI4NjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U2M2IyNzgtYTZlOC00ZjM1LWIzN2QtZTJmZTMzYmIzNDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAAkUwF29Xott38QaUDRjU93/fmeisP8TW2DzBCXn
DHXqIhciF2oyxbjl1mU6MgrccAo26Ejm+pQB/eu7uVKACHy9MRBxEaX6pPvQvr4n
gOeBs3ORizrqrpc5be4SAnq1gImm/Wvrya7635tq7tqS3gcbhGv+m9Y0QQm4MNId
PJU1xYhkwdxztFjxoNfbadAESy30zmQVxP45bdMToGekUsOY7+rHRtWLTjntjCkx
06pwVo5ZmRgwy5EKm5vPPosfzm20WFVcFQV3KG6I3Tp5nX+vDc9125PbbL6Jxy+o
r3yL4q8FJeaT9nI+MzY6yfwyvqOtjZ4Zq0sKk7zei8LgmhQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org