Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
File: b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa (raw, json)
Hash identifier: j+b21skS9yDye9YZbNhU/Hd9tgITZdz6gY+V6woiw2M=
Subject key identifier: B1:E4:CD:7D:BE:02:1E:6B:A0:DF:64:7D:81:BB:3E:F0:7A:C0:59:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 231D8AF00E4EB12FDE671EA2F80A8262664AF154
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:1d:8a:f0:0e:4e:b1:2f:de:67:1e:a2:f8:0a:82:62:66:4a:f1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5c7694eacc22c729311bc52cf2f6ee15aaf1d15109132d511f8c747fca02caf9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:b5:7a:d8:5e:32:3d:61:03:05:ba:b3:03:
af:d3:74:26:ba:4b:79:2b:9c:15:e7:34:f8:58:be:
25:0d:75:3c:01:67:89:51:8b:26:55:7b:37:eb:04:
c3:7a:a7:ee:f4:16:64:30:a6:10:ef:5f:6b:3f:19:
c9:fc:79:00:26:83:33:37:75:38:c3:37:34:9c:7c:
f2:a1:0e:5e:77:4f:7c:7b:e1:ec:5a:b3:7b:82:2d:
ed:c6:d1:6b:ba:43:1c:33:84:5e:7f:0c:81:05:56:
d3:a7:7d:21:a2:d2:55:03:e5:c8:67:10:f1:a3:0f:
5a:aa:1f:f8:9e:8b:30:8a:3d:eb:1c:b7:3f:d7:29:
04:82:ab:7e:1d:7f:c8:53:95:25:bb:fc:8b:b6:a7:
ad:23:c8:1f:2d:98:6b:a7:59:23:d4:a7:9c:1d:8a:
13:d4:47:1c:21:f5:07:d8:db:6c:d3:e4:01:bb:73:
8c:7f:1a:fb:20:43:08:c0:b6:7d:a6:ce:78:eb:66:
1f:3a:67:56:fb:60:9c:1d:f5:26:9e:f7:fc:7a:c8:
97:d0:f2:ef:8b:b0:cc:2e:a1:0b:81:db:74:0d:e9:
0e:2a:0b:de:76:4d:6c:c7:f6:17:33:0e:cf:cd:e8:
b3:ae:49:1b:7d:a3:77:fe:9e:7d:c6:aa:ec:33:04:
b1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E4:CD:7D:BE:02:1E:6B:A0:DF:64:7D:81:BB:3E:F0:7A:C0:59:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b3d1fcf7-e82a-4fe4-b1fe-abec2cc71d60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:cc:26:67:76:8d:61:85:00:a1:cc:29:0e:4d:97:d7:8c:ef:
bd:f3:a6:29:72:13:71:bd:df:38:d1:79:95:51:78:d7:24:c5:
91:37:82:1c:c7:5e:87:24:38:64:9e:a4:36:23:67:54:b9:3c:
c5:84:b5:17:04:80:d6:4f:4d:ef:42:7d:71:39:09:68:4d:e1:
22:85:44:30:ce:77:fa:16:6e:85:b1:79:a8:fd:6e:5a:c3:bd:
51:a5:ac:49:9e:c0:a0:8d:ad:ea:91:cf:1b:b8:64:d4:a9:07:
cd:d6:de:19:46:7f:aa:c5:3e:10:ad:44:61:a6:67:46:74:71:
20:3a:b5:0e:a6:a3:e9:e8:ff:5b:ab:2f:41:bf:34:ff:b1:e0:
b1:53:7d:9f:d2:36:24:7c:8d:65:bc:1a:71:37:dc:1e:0e:8f:
91:03:16:2f:e1:86:18:2a:53:f2:85:92:5a:3b:ac:d5:14:52:
7a:ff:28:d1:5c:45:ab:82:a9:95:58:66:12:9b:63:53:67:da:
c7:fb:eb:55:cf:2e:3e:4a:64:ca:68:c6:f9:25:31:c0:bc:d0:
05:df:d0:84:ac:bd:a4:05:60:45:ce:12:17:b7:18:e3:48:ca:
06:9a:71:dd:74:fd:06:f8:25:ca:5d:50:24:6f:2a:a5:20:bf:
32:9d:9d:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIx2K8A5OsS/eZx6i+AqCYmZK8VQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNzY5NGVhY2MyMmM3MjkzMTFiYzUyY2YyZjZlZTE1YWFmMWQxNTEwOTEz
MmQ1MTFmOGM3NDdmY2EwMmNhZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8ftXrYXjI9YQMFurMDr9N0JrpLeSucFec0+Fi+JQ11PAFniVGLJlV7N+sE
w3qn7vQWZDCmEO9faz8Zyfx5ACaDMzd1OMM3NJx88qEOXndPfHvh7Fqze4It7cbR
a7pDHDOEXn8MgQVW06d9IaLSVQPlyGcQ8aMPWqof+J6LMIo96xy3P9cpBIKrfh1/
yFOVJbv8i7anrSPIHy2Ya6dZI9SnnB2KE9RHHCH1B9jbbNPkAbtzjH8a+yBDCMC2
fabOeOtmHzpnVvtgnB31Jp73/HrIl9Dy74uwzC6hC4HbdA3pDioL3nZNbMf2FzMO
z83os65JG32jd/6efcaq7DMEsQsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSx5M19
vgIea6DfZH2Buz7wesBZOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjNkMWZjZjctZTgyYS00ZmU0LWIxZmUtYWJlYzJjYzcxZDYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQDMzCZndo1hhQChzCkOTZfXjO+986YpchNxvd840XmV
UXjXJMWRN4Icx16HJDhknqQ2I2dUuTzFhLUXBIDWT03vQn1xOQloTeEihUQwznf6
Fm6FsXmo/W5aw71RpaxJnsCgja3qkc8buGTUqQfN1t4ZRn+qxT4QrURhpmdGdHEg
OrUOpqPp6P9bqy9BvzT/seCxU32f0jYkfI1lvBpxN9weDo+RAxYv4YYYKlPyhZJa
O6zVFFJ6/yjRXEWrgqmVWGYSm2NTZ9rH++tVzy4+SmTKaMb5JTHAvNAF39CErL2k
BWBFzhIXtxjjSMoGmnHddP0G+CXKXVAkbyqlIL8ynZ2G
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org