Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
File: 9d2253ee-c082-458b-b16d-cb41103c4262.roa (raw, json)
Hash identifier: zwC7OdCtSX0UaDM+PqkAbVe+zv4zwnIZteUrGrnVFUw=
Subject key identifier: 90:68:A6:A1:AC:55:C6:2E:99:75:47:6D:45:E2:3C:46:B5:8F:34:0F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F9E8C835B3B4B889A60DAF14B8FABA5438A39F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:9e:8c:83:5b:3b:4b:88:9a:60:da:f1:4b:8f:ab:a5:43:8a:39:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9719137680a1a401101b552f6e529ad741b3ea2b2e83dbbcab694299fd3c5563, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:08:e4:46:a2:a7:b9:45:d4:ed:a6:ed:29:31:
ca:8a:9c:43:3c:a8:5d:5d:3d:c9:97:4f:20:e9:f5:
aa:e7:43:e6:c6:45:c6:0a:fa:9f:43:f5:11:12:ed:
71:80:87:28:8e:cc:d5:d9:2f:19:3f:1e:e3:6b:f7:
46:27:e7:e4:d0:68:82:47:46:5b:61:65:13:a5:45:
2f:1c:47:5f:81:7c:d9:c8:11:98:c5:44:0b:b7:d0:
74:03:d4:84:15:80:31:99:62:dd:21:55:15:64:c4:
6c:32:fa:4d:6b:f6:01:a8:2f:3c:9f:19:65:01:5a:
2b:9a:7c:c0:45:de:63:d9:9d:35:d2:10:1d:fe:ae:
eb:2f:7b:4d:70:81:cb:07:82:1d:b3:e6:9a:aa:de:
b7:48:8c:05:f7:fd:6f:ff:ab:27:65:bc:d9:a8:0a:
e3:46:1d:c9:11:ae:53:17:2f:4d:f6:92:78:42:f3:
37:d0:e6:c1:4e:88:9c:bd:9f:50:93:a3:10:6b:34:
10:c1:7a:d6:55:de:33:36:db:a4:6c:5c:3a:b1:f4:
41:f2:7a:7e:0f:04:c4:10:68:40:5e:c7:0d:e1:a1:
e8:41:a3:11:f5:86:a4:cb:55:7f:f0:ae:15:16:24:
3a:7b:dc:8b:b3:c7:d0:f8:df:b4:a9:01:d6:51:33:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:68:A6:A1:AC:55:C6:2E:99:75:47:6D:45:E2:3C:46:B5:8F:34:0F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9d2253ee-c082-458b-b16d-cb41103c4262.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1400::/38
Signature Algorithm: sha256WithRSAEncryption
11:59:52:bc:a2:d3:75:79:38:d8:cb:6b:ba:dc:7c:86:52:b2:
02:80:e7:bb:f8:0e:67:4f:51:a7:09:da:2c:58:67:58:db:95:
88:23:50:78:a3:52:33:84:e7:45:b6:16:ac:58:0d:74:77:95:
6f:2c:0d:76:d7:57:fc:5a:f7:9c:fd:4a:00:70:de:8a:06:73:
8c:eb:9b:d9:32:52:80:48:6e:db:87:8e:bf:ce:5f:73:6c:dc:
f7:02:60:90:09:f9:53:63:48:b5:1e:aa:62:96:a9:da:80:7d:
fb:7a:c6:68:b5:05:26:9e:28:3f:ba:19:56:5f:46:f8:9f:a9:
c2:3f:5d:65:6e:57:1c:7d:b6:03:05:40:92:2d:ef:fe:d0:8e:
ea:59:7a:c1:49:9c:f9:13:14:bf:d0:bb:75:c3:d4:43:14:3a:
90:df:97:ca:c2:9d:5a:22:63:18:f4:de:14:32:3a:7a:6b:94:
f5:ee:9a:37:27:79:e9:c5:f8:ba:db:39:ab:17:ab:51:53:08:
be:ac:5f:8c:1b:1b:73:1c:af:3e:60:8a:3e:79:49:42:5f:d9:
20:ff:12:bd:57:41:d8:8a:94:20:b2:cb:d6:a8:5b:88:ea:15:
d2:f1:b0:b6:d2:2a:04:78:d2:f3:fe:fe:14:98:de:7b:5e:6e:
6d:60:0c:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP56Mg1s7S4iaYNrxS4+rpUOKOfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3MTkxMzc2ODBhMWE0MDExMDFiNTUyZjZlNTI5YWQ3NDFiM2VhMmIyZTgz
ZGJiY2FiNjk0Mjk5ZmQzYzU1NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0I5Eaip7lF1O2m7SkxyoqcQzyoXV09yZdPIOn1qudD5sZFxgr6n0P1ERLt
cYCHKI7M1dkvGT8e42v3Rifn5NBogkdGW2FlE6VFLxxHX4F82cgRmMVEC7fQdAPU
hBWAMZli3SFVFWTEbDL6TWv2AagvPJ8ZZQFaK5p8wEXeY9mdNdIQHf6u6y97TXCB
yweCHbPmmqret0iMBff9b/+rJ2W82agK40YdyRGuUxcvTfaSeELzN9DmwU6InL2f
UJOjEGs0EMF61lXeMzbbpGxcOrH0QfJ6fg8ExBBoQF7HDeGh6EGjEfWGpMtVf/Cu
FRYkOnvci7PH0PjftKkB1lEzwocCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSQaKah
rFXGLpl1R21F4jxGtY80DzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWQyMjUzZWUtYzA4Mi00NThiLWIxNmQtY2I0MTEwM2M0MjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioBBXgU
MA0GCSqGSIb3DQEBCwUAA4IBAQARWVK8otN1eTjYy2u63HyGUrICgOe7+A5nT1Gn
CdosWGdY25WII1B4o1IzhOdFthasWA10d5VvLA1211f8Wvec/UoAcN6KBnOM65vZ
MlKASG7bh46/zl9zbNz3AmCQCflTY0i1HqpilqnagH37esZotQUmnig/uhlWX0b4
n6nCP11lblccfbYDBUCSLe/+0I7qWXrBSZz5ExS/0Lt1w9RDFDqQ35fKwp1aImMY
9N4UMjp6a5T17po3J3npxfi62zmrF6tRUwi+rF+MGxtzHK8+YIo+eUlCX9kg/xK9
V0HYipQgssvWqFuI6hXS8bC20ioEeNLz/v4UmN57Xm5tYAwG
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org