Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
File: 8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa (raw, json)
Hash identifier: /BtbvIiuVH9v1e7P6038iHbAfwH4sXpDD1PD25rREZo=
Subject key identifier: E4:1A:1D:0F:69:E7:07:37:58:A9:EE:F2:C3:F1:F6:28:75:CF:70:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 705C14442C8CC90E302355EBB8A1DA1D02402DD4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:5c:14:44:2c:8c:c9:0e:30:23:55:eb:b8:a1:da:1d:02:40:2d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9ccd42f3a1e112efb622399de1aefee750a7c557c1ca19fbad66fcf1cfc5dfad, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:76:d0:92:26:a4:6c:17:01:bb:48:5e:2c:67:
21:3e:4f:74:ee:b5:5d:eb:5d:06:18:8b:83:d5:62:
05:fa:a7:12:ff:ba:ce:7f:b5:1d:32:33:03:8f:08:
93:3f:7b:51:0a:4d:dc:66:4f:eb:da:2f:4b:2f:a7:
31:c1:90:b0:f0:78:a9:a0:fe:e2:bc:ab:4e:e0:26:
09:62:70:32:77:3f:79:8d:57:ce:50:38:eb:a3:48:
b8:3b:2a:a6:0a:5e:df:76:1d:d0:6d:89:69:b6:84:
ee:62:58:bc:92:8f:03:94:63:5e:28:bc:0d:d0:ce:
df:6b:7c:42:04:13:70:db:0d:3b:6a:9c:1d:23:8f:
63:e4:f5:d3:8f:4a:6d:14:b7:2f:b3:3e:d7:df:85:
cd:87:34:9b:d0:91:c3:60:fa:e3:9b:83:2d:17:dd:
79:7b:95:ef:c4:56:e2:04:55:71:eb:8c:e3:ad:b1:
64:1c:bb:59:4d:f1:61:d9:70:18:33:ab:76:ae:c9:
22:8e:6d:4e:4e:1d:82:25:3e:f0:6f:98:03:28:2c:
f1:05:65:6f:70:52:70:5d:80:75:ba:e0:37:3b:24:
b2:06:76:eb:8c:a2:d5:8b:b9:37:c6:7d:07:4d:4e:
fa:30:27:a4:f4:59:d8:b1:14:1f:ea:b4:f8:4c:58:
c9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1A:1D:0F:69:E7:07:37:58:A9:EE:F2:C3:F1:F6:28:75:CF:70:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8eb02ee8-3e8f-4369-ba0f-4447d4902fe9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:a1:f6:aa:0e:71:62:fb:70:af:14:a8:67:b6:4e:d2:c7:a3:
68:a2:9a:dc:57:28:83:be:40:2a:ac:c1:66:f4:c1:ee:c9:60:
0a:f3:9c:ae:a1:28:35:4a:0a:f6:b6:df:76:fc:5c:3b:65:53:
8a:de:54:8d:a2:b9:ab:d8:2e:d2:0e:17:4a:4c:ae:c2:99:7a:
b4:b5:32:e4:5a:7d:8e:7f:aa:b9:91:7c:50:dd:49:87:a3:99:
6e:38:74:7f:2d:b6:fe:19:62:9a:a6:26:52:c1:8b:f1:c9:35:
e9:48:fc:1f:f7:4e:c0:a5:dd:94:81:e7:e0:05:ac:68:be:a2:
a5:05:70:b2:5f:33:a5:bf:df:87:98:7a:f3:8b:a9:00:5f:33:
83:9e:25:66:fd:05:b8:91:3f:8a:c1:cb:1e:89:46:35:a0:00:
59:bc:e3:98:83:2e:6e:82:0b:d3:b4:d1:d1:92:75:6e:1d:78:
19:38:c6:7a:20:eb:3d:d9:a3:32:c2:5d:cf:9b:09:06:c8:6d:
45:7d:ed:6f:ff:ea:f2:3a:31:a1:dd:91:46:00:79:83:92:e6:
15:aa:8e:29:e2:c1:47:99:94:5b:4b:21:f7:83:16:af:5a:21:
f6:d6:ab:3e:cb:5c:0e:fd:e2:28:4f:23:d1:b7:74:2a:78:b3:
74:8a:87:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcFwURCyMyQ4wI1XruKHaHQJALdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDljY2Q0MmYzYTFlMTEyZWZiNjIyMzk5ZGUxYWVmZWU3NTBhN2M1NTdjMWNh
MTlmYmFkNjZmY2YxY2ZjNWRmYWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM120JImpGwXAbtIXixnIT5PdO61XetdBhiLg9ViBfqnEv+6zn+1HTIzA48I
kz97UQpN3GZP69ovSy+nMcGQsPB4qaD+4ryrTuAmCWJwMnc/eY1XzlA466NIuDsq
pgpe33Yd0G2JabaE7mJYvJKPA5RjXii8DdDO32t8QgQTcNsNO2qcHSOPY+T1049K
bRS3L7M+19+FzYc0m9CRw2D645uDLRfdeXuV78RW4gRVceuM462xZBy7WU3xYdlw
GDOrdq7JIo5tTk4dgiU+8G+YAygs8QVlb3BScF2AdbrgNzsksgZ264yi1Yu5N8Z9
B01O+jAnpPRZ2LEUH+q0+ExYycUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTkGh0P
aecHN1ip7vLD8fYodc9wuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGViMDJlZTgtM2U4Zi00MzY5LWJhMGYtNDQ0N2Q0OTAyZmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQAlofaqDnFi+3CvFKhntk7Sx6NooprcVyiDvkAqrMFm
9MHuyWAK85yuoSg1Sgr2tt92/Fw7ZVOK3lSNormr2C7SDhdKTK7CmXq0tTLkWn2O
f6q5kXxQ3UmHo5luOHR/Lbb+GWKapiZSwYvxyTXpSPwf907Apd2UgefgBaxovqKl
BXCyXzOlv9+HmHrzi6kAXzODniVm/QW4kT+KwcseiUY1oABZvOOYgy5uggvTtNHR
knVuHXgZOMZ6IOs92aMywl3PmwkGyG1Ffe1v/+ryOjGh3ZFGAHmDkuYVqo4p4sFH
mZRbSyH3gxavWiH21qs+y1wO/eIoTyPRt3QqeLN0ioeo
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org