Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
File: 8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa (raw, json)
Hash identifier: tQXTpyrZ1C7pzh2iqsGeKBR1c0xGE5Xeb67ETS6EaNQ=
Subject key identifier: 3E:F9:76:12:89:F8:EF:06:6A:1E:E4:6E:32:82:A0:6D:B6:4D:89:BD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A0DDD5A9D5CEF09E8F36C1332C4FFEEA43B1A4B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:0d:dd:5a:9d:5c:ef:09:e8:f3:6c:13:32:c4:ff:ee:a4:3b:1a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=12574f445886a674d9ac9da84813e07e661fb3a1cbf2d24e5bc2661fc5e703f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e4:59:69:ec:63:57:e3:db:0f:6a:32:31:1b:
74:21:cf:6e:46:4f:7e:02:c9:56:cd:d4:9c:07:60:
26:8e:ea:fc:70:af:1b:3c:54:2b:74:06:5f:f9:67:
46:dc:a8:83:23:94:0f:14:98:f7:05:ea:ed:32:1a:
f7:e9:9f:66:8a:2e:ec:40:32:f9:d0:eb:66:5a:4f:
62:6d:b3:6d:36:ba:50:c2:2f:26:60:94:f7:0b:dd:
48:33:af:8d:f7:f1:a9:80:e4:1e:e4:10:b5:d3:f0:
3c:c2:a6:28:c4:a1:8b:5d:8d:da:90:d6:19:18:6f:
84:65:94:99:21:0b:61:fb:c3:e9:c3:fe:ca:0f:2e:
92:8f:f7:57:fc:0b:ce:24:ae:4c:5b:08:1f:29:a7:
27:35:07:4c:cb:e0:1a:6d:6d:64:84:86:15:cc:4c:
93:76:21:5d:88:bf:65:6e:83:f2:5d:82:73:3e:1f:
8d:cd:02:91:9a:99:bc:9e:d0:b6:e4:13:3a:78:2f:
ba:c4:44:1c:d3:ec:50:1e:14:ba:5b:4e:0a:3c:7a:
f4:39:99:e4:e8:76:2f:4b:0c:d9:7d:09:cd:4a:f7:
d0:ad:05:14:ac:96:ba:19:93:e9:78:53:b6:7c:bd:
12:99:d0:db:e3:b8:18:cb:4c:ed:f1:1f:f6:5c:c6:
62:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F9:76:12:89:F8:EF:06:6A:1E:E4:6E:32:82:A0:6D:B6:4D:89:BD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e48e4fe-a697-44b0-bab2-1b54935a50f3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:5d:11:dc:7e:5d:74:d2:bd:e4:62:17:d0:0c:ce:57:7f:b9:
f7:cf:cf:57:b3:da:2c:ba:d4:db:93:19:10:4c:8c:39:0f:02:
1a:15:17:26:3e:68:be:9c:41:be:42:71:37:d8:fb:72:5f:aa:
0c:ed:ad:fa:02:47:7b:94:1a:66:c0:08:66:d4:ac:c2:6b:5d:
26:e4:c5:b5:eb:c7:b5:41:84:f8:be:3a:b7:ab:dc:95:2b:f6:
da:40:2a:ad:e1:70:6d:a3:50:8b:38:86:f7:bc:98:b3:48:59:
12:fe:c3:44:31:0b:2e:f9:60:21:f4:e4:19:fe:28:ae:ea:47:
6a:7f:45:69:34:ca:22:d8:16:bf:22:6d:a5:63:c6:14:c3:82:
c0:41:0e:92:c9:05:61:0d:21:50:d2:3e:56:74:6d:f3:98:04:
ce:36:49:72:2d:a3:af:3a:19:2f:56:06:8a:9c:6a:a1:b5:76:
36:0d:61:ce:ea:81:ad:45:50:1d:40:21:1a:f6:f0:63:62:63:
75:eb:6d:28:52:f3:37:5c:36:a8:a1:ab:ab:6f:f4:e3:c7:a4:
a6:3a:9a:39:40:44:70:22:63:ad:5c:d0:17:9b:04:ca:43:1c:
59:47:8b:c9:d3:77:25:16:90:57:1a:65:5c:77:23:98:c4:2b:
e6:d9:60:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSg3dWp1c7wno82wTMsT/7qQ7GkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNTc0ZjQ0NTg4NmE2NzRkOWFjOWRhODQ4MTNlMDdlNjYxZmIzYTFjYmYy
ZDI0ZTViYzI2NjFmYzVlNzAzZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbkWWnsY1fj2w9qMjEbdCHPbkZPfgLJVs3UnAdgJo7q/HCvGzxUK3QGX/ln
RtyogyOUDxSY9wXq7TIa9+mfZoou7EAy+dDrZlpPYm2zbTa6UMIvJmCU9wvdSDOv
jffxqYDkHuQQtdPwPMKmKMShi12N2pDWGRhvhGWUmSELYfvD6cP+yg8uko/3V/wL
ziSuTFsIHymnJzUHTMvgGm1tZISGFcxMk3YhXYi/ZW6D8l2Ccz4fjc0CkZqZvJ7Q
tuQTOngvusREHNPsUB4UultOCjx69DmZ5Oh2L0sM2X0JzUr30K0FFKyWuhmT6XhT
tny9EpnQ2+O4GMtM7fEf9lzGYvECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ++XYS
ifjvBmoe5G4ygqBttk2JvTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU0OGU0ZmUtYTY5Ny00NGIwLWJhYjItMWI1NDkzNWE1MGYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQCtXRHcfl100r3kYhfQDM5Xf7n3z89Xs9osutTbkxkQ
TIw5DwIaFRcmPmi+nEG+QnE32PtyX6oM7a36Akd7lBpmwAhm1KzCa10m5MW168e1
QYT4vjq3q9yVK/baQCqt4XBto1CLOIb3vJizSFkS/sNEMQsu+WAh9OQZ/iiu6kdq
f0VpNMoi2Ba/Im2lY8YUw4LAQQ6SyQVhDSFQ0j5WdG3zmATONklyLaOvOhkvVgaK
nGqhtXY2DWHO6oGtRVAdQCEa9vBjYmN1620oUvM3XDaooaurb/Tjx6SmOpo5QERw
ImOtXNAXmwTKQxxZR4vJ03clFpBXGmVcdyOYxCvm2WCV
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org