Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
File: b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa (raw, json)
Hash identifier: nuX+l/jYYwZAA2qCm/f6OsbsJXHMkDmYSE0HKA1K5GI=
Subject key identifier: BA:8A:8A:EE:AB:34:D1:81:AE:E2:4B:F8:82:BC:38:C4:B6:36:07:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 360316C3B84B4CE4F64707AFE66CA4A4293D4C7D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:03:16:c3:b8:4b:4c:e4:f6:47:07:af:e6:6c:a4:a4:29:3d:4c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=1a81cfb366f1cb28ea1ec5609c75c35608fa4a09406c8d3fe396c3a38ab5cd28, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:10:d7:fe:78:af:8b:2e:9a:19:9b:c9:85:ce:
12:cc:68:91:d7:15:7c:73:a5:3f:b9:e7:e2:17:93:
3b:8d:03:de:60:bf:3b:c7:cb:6a:6a:a5:a3:94:4e:
78:48:96:e3:88:fa:bf:ca:2c:fb:03:31:32:90:3c:
11:30:93:a6:0b:7a:28:ce:18:5a:1f:e4:87:92:d6:
c6:9c:81:cc:09:12:16:4d:68:de:c0:2e:53:5b:3e:
db:ef:78:e3:3a:88:90:c5:23:d3:76:86:84:de:cb:
2a:0e:88:3e:5d:7f:42:d7:a5:a5:a3:cd:d5:a7:a5:
50:c8:58:fc:96:06:9f:85:f0:7d:aa:43:cd:22:01:
3a:8f:4c:05:a3:27:cc:7e:57:aa:fa:49:c2:0c:5b:
3d:a1:a6:4d:1a:e3:da:a3:1b:41:8f:25:bb:32:15:
64:2a:66:44:b4:5c:f5:1c:ce:95:01:7d:4a:62:cd:
49:fa:2a:ea:0b:6f:18:b6:8b:9c:05:4c:29:ac:fb:
5a:f5:0e:a0:70:ab:41:55:4c:2c:16:1e:1e:6c:b0:
59:c1:10:68:43:87:33:43:8a:c6:36:63:38:49:22:
21:02:21:e2:2f:2e:77:11:c9:2e:7a:24:bf:76:60:
e9:9a:c8:89:f7:bf:a0:eb:6d:e4:a5:2d:8c:83:86:
e9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8A:8A:EE:AB:34:D1:81:AE:E2:4B:F8:82:BC:38:C4:B6:36:07:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b8a2b42a-9ea3-4e8d-92ec-e89c9c446705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:34:63:54:c6:bc:de:a4:2c:8c:93:4d:dd:ce:c3:6d:ed:05:
e2:02:be:ee:09:6b:55:2b:40:0c:08:0e:16:d2:20:7c:a6:65:
9a:4e:7c:09:ab:cb:66:75:21:a9:7d:e6:c2:1b:62:31:e6:bd:
d8:e2:d4:c2:f5:09:e5:b3:00:19:e4:be:e5:61:54:42:cc:52:
7d:0c:e6:93:f2:22:93:4c:a5:61:59:c2:43:42:f4:a7:c6:b9:
d2:60:99:e2:dc:ce:61:53:f9:ab:d3:88:43:37:5c:89:95:0b:
4a:4d:4f:7b:d6:b8:b0:2e:b1:6b:73:38:d7:e3:6b:66:c6:cd:
1e:1f:38:9e:88:5c:6b:ea:c7:2f:04:ab:70:1b:79:8d:43:bb:
96:43:97:29:96:5d:ab:74:0a:0f:21:d2:cd:07:28:e9:1f:b9:
50:85:4f:db:7b:49:48:54:0e:96:4c:52:e9:59:6a:31:51:e7:
29:b3:e5:a6:66:df:a6:d6:af:16:85:21:76:a3:27:4e:4e:ba:
11:2b:f4:cb:16:af:5e:b5:17:54:4e:38:46:c1:d8:c6:0f:f6:
af:2a:49:da:b0:bb:10:40:0c:cf:bb:62:9a:24:65:93:da:ff:
09:ff:c7:3a:6c:53:3a:57:ab:ba:96:36:94:5c:9f:73:9f:06:
c9:88:94:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNgMWw7hLTOT2Rwev5mykpCk9TH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhODFjZmIzNjZmMWNiMjhlYTFlYzU2MDljNzVjMzU2MDhmYTRhMDk0MDZj
OGQzZmUzOTZjM2EzOGFiNWNkMjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAQ1/54r4sumhmbyYXOEsxokdcVfHOlP7nn4heTO40D3mC/O8fLamqlo5RO
eEiW44j6v8os+wMxMpA8ETCTpgt6KM4YWh/kh5LWxpyBzAkSFk1o3sAuU1s+2+94
4zqIkMUj03aGhN7LKg6IPl1/QtelpaPN1aelUMhY/JYGn4XwfapDzSIBOo9MBaMn
zH5XqvpJwgxbPaGmTRrj2qMbQY8luzIVZCpmRLRc9RzOlQF9SmLNSfoq6gtvGLaL
nAVMKaz7WvUOoHCrQVVMLBYeHmywWcEQaEOHM0OKxjZjOEkiIQIh4i8udxHJLnok
v3Zg6ZrIife/oOtt5KUtjIOG6ScCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6ioru
qzTRga7iS/iCvDjEtjYHFDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjhhMmI0MmEtOWVhMy00ZThkLTkyZWMtZTg5YzljNDQ2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQAONGNUxrzepCyMk03dzsNt7QXiAr7uCWtVK0AMCA4W
0iB8pmWaTnwJq8tmdSGpfebCG2Ix5r3Y4tTC9QnlswAZ5L7lYVRCzFJ9DOaT8iKT
TKVhWcJDQvSnxrnSYJni3M5hU/mr04hDN1yJlQtKTU971riwLrFrczjX42tmxs0e
HzieiFxr6scvBKtwG3mNQ7uWQ5cpll2rdAoPIdLNByjpH7lQhU/be0lIVA6WTFLp
WWoxUecps+WmZt+m1q8WhSF2oydOTroRK/TLFq9etRdUTjhGwdjGD/avKknasLsQ
QAzPu2KaJGWT2v8J/8c6bFM6V6u6ljaUXJ9znwbJiJQU
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org