Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
File: 8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa (raw, json)
Hash identifier: fJnIBtbdzybsThhdlUdxUsrYKk+N77Y1+BpSrDhRFyU=
Subject key identifier: 7F:DC:02:3A:F0:A4:16:1B:9D:00:EC:FE:C2:4A:34:63:87:D0:F4:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A52EAE641CBE20BB0B67A2A3479D01E8F8D2B64
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:52:ea:e6:41:cb:e2:0b:b0:b6:7a:2a:34:79:d0:1e:8f:8d:2b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=233aff64fe3f4fbe66658e4927b37043c89f3546d58faca7992f00b5399f0015, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2f:2a:ac:d9:00:9c:80:0a:98:48:94:2e:5d:
18:6f:72:c0:f5:ed:a8:61:b4:2b:9d:54:fa:64:cb:
d7:e9:84:19:5a:c2:11:65:4c:27:79:ac:7c:22:8e:
50:1a:87:44:e3:5b:b8:84:ad:ae:bd:48:5b:ae:01:
d0:4a:bf:ab:3b:3d:0b:92:96:03:62:12:fe:76:b8:
f4:d2:0e:89:f5:00:61:7b:3a:9c:66:36:89:bd:48:
cd:a0:12:8f:59:65:84:1c:a2:62:60:63:9b:fb:cb:
33:70:95:63:77:4c:30:e6:5d:23:fb:84:31:28:59:
41:7f:4b:a0:7f:43:a3:a2:89:53:cd:49:dc:2d:56:
fa:af:c3:d0:b4:57:ac:8f:06:8e:ec:7c:a7:7a:5c:
9b:bf:64:76:9b:6f:18:64:15:93:15:4c:f3:0f:1d:
ec:3f:21:e7:e0:70:20:cf:f7:7f:26:92:bc:65:9c:
c9:94:68:80:2a:e3:77:fd:88:1c:af:75:85:96:b4:
78:ad:6a:0c:93:d9:be:b7:94:43:57:83:58:b1:3b:
d4:89:4c:ca:01:d6:d4:d0:a1:e4:1d:aa:ee:50:9f:
ee:ce:61:76:7f:44:dd:33:18:35:7d:76:74:a6:e5:
33:b1:3a:be:87:37:08:7c:2b:73:b5:23:32:96:77:
95:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:DC:02:3A:F0:A4:16:1B:9D:00:EC:FE:C2:4A:34:63:87:D0:F4:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8a594173-d23b-4e4a-9a1f-96deb59b45a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c0:12:20:a7:87:1b:a5:e5:ee:7f:52:72:a2:b2:86:47:e4:00:
1c:f0:e4:6e:dd:a6:f1:5d:30:94:9e:6b:1b:7d:8e:d6:6f:fa:
d6:dd:77:37:09:7f:09:fd:c0:26:85:79:3e:fe:b3:4f:ac:d9:
7f:ac:a7:8a:9d:ba:28:f5:e2:d3:c3:92:d4:e6:3f:0f:e1:e7:
0c:52:12:be:ea:2b:9c:59:8c:58:b7:70:4b:8b:0d:5c:22:36:
31:70:f9:ca:f0:0d:17:e4:33:3d:cd:a4:5a:f6:11:09:25:ec:
96:2e:c2:ec:8e:78:81:be:46:ac:bf:ec:00:57:1b:16:e7:b0:
87:4e:f6:b7:ec:14:4a:5a:c1:4a:fd:ad:0d:83:df:1a:46:83:
32:4b:20:07:73:18:be:cd:c3:7f:77:37:b6:1c:3a:82:8d:0a:
61:05:1d:6f:1b:6a:a9:05:86:b9:1f:64:d6:bb:1b:a9:a9:bc:
98:90:35:e0:45:d4:49:a4:28:42:39:9b:e0:51:6d:6c:a1:26:
da:92:e1:43:c8:a8:cf:be:33:11:f9:90:31:ff:80:c5:7c:16:
0a:23:8b:01:5b:11:32:6e:1c:1d:f8:4f:eb:47:b6:da:86:cf:
ee:ae:10:54:7b:d5:76:b5:59:5c:61:25:76:ec:2a:ab:9e:c1:
cd:39:b8:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGlLq5kHL4guwtnoqNHnQHo+NK2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzM2FmZjY0ZmUzZjRmYmU2NjY1OGU0OTI3YjM3MDQzYzg5ZjM1NDZkNThm
YWNhNzk5MmYwMGI1Mzk5ZjAwMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIvKqzZAJyACphIlC5dGG9ywPXtqGG0K51U+mTL1+mEGVrCEWVMJ3msfCKO
UBqHRONbuIStrr1IW64B0Eq/qzs9C5KWA2IS/na49NIOifUAYXs6nGY2ib1IzaAS
j1llhByiYmBjm/vLM3CVY3dMMOZdI/uEMShZQX9LoH9Do6KJU81J3C1W+q/D0LRX
rI8Gjux8p3pcm79kdptvGGQVkxVM8w8d7D8h5+BwIM/3fyaSvGWcyZRogCrjd/2I
HK91hZa0eK1qDJPZvreUQ1eDWLE71IlMygHW1NCh5B2q7lCf7s5hdn9E3TMYNX12
dKblM7E6voc3CHwrc7UjMpZ3lU0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR/3AI6
8KQWG50A7P7CSjRjh9D0kzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGE1OTQxNzMtZDIzYi00ZTRhLTlhMWYtOTZkZWI1OWI0NWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQDAEiCnhxul5e5/UnKisoZH5AAc8ORu3abxXTCUnmsb
fY7Wb/rW3Xc3CX8J/cAmhXk+/rNPrNl/rKeKnboo9eLTw5LU5j8P4ecMUhK+6iuc
WYxYt3BLiw1cIjYxcPnK8A0X5DM9zaRa9hEJJeyWLsLsjniBvkasv+wAVxsW57CH
Tva37BRKWsFK/a0Ng98aRoMySyAHcxi+zcN/dze2HDqCjQphBR1vG2qpBYa5H2TW
uxupqbyYkDXgRdRJpChCOZvgUW1soSbakuFDyKjPvjMR+ZAx/4DFfBYKI4sBWxEy
bhwd+E/rR7bahs/urhBUe9V2tVlcYSV27CqrnsHNObhO
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org