Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: UUBFcyE3OdMmj561zVOTltx9zy01QM4VJewuYs+9IMI=
Subject key identifier: D5:BB:94:83:E6:B8:5F:08:65:79:35:64:D1:BC:3A:8C:84:76:81:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14A90D6E980F52FDAC899B7BDFD23358FE557031
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a9:0d:6e:98:0f:52:fd:ac:89:9b:7b:df:d2:33:58:fe:55:70:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=c9b3c615abfc98b74448a739cb0afefb3a215ed05981ebb6868845855c27d821, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6b:eb:c6:67:01:e4:a1:ca:e2:f9:e3:1a:00:
fc:80:c2:26:93:66:84:d2:52:be:e4:c1:cf:a2:91:
12:f8:64:22:61:11:d6:13:30:ee:dc:de:ba:6c:d1:
d6:17:16:ff:1a:9d:45:76:5b:16:77:47:ef:e3:f5:
78:44:33:82:c2:27:6c:d5:51:57:4d:13:34:1b:c3:
76:56:e9:2c:ab:9b:79:cc:67:87:00:85:bd:de:fc:
94:5a:24:2c:8e:26:93:a1:79:5e:ac:33:b0:62:9d:
93:ae:39:52:d0:63:7c:5e:81:02:92:56:7a:3f:85:
54:45:13:58:ad:c5:59:35:47:01:28:0f:f8:83:5d:
bb:6a:ed:a0:ba:09:52:ca:39:68:8d:e7:c2:53:08:
ba:5f:a7:74:b8:3d:03:5e:6c:64:2b:be:23:1d:a4:
9e:32:30:98:4d:46:8b:25:71:58:79:85:dd:6d:cd:
8a:74:f5:73:d7:60:ee:52:f4:cb:99:57:c5:cc:03:
35:3e:22:e8:05:75:d6:39:ee:73:8c:0d:99:2f:df:
1c:9a:b9:89:65:b9:f1:af:14:89:b4:2d:fe:ce:10:
27:2a:21:e7:c5:49:01:ae:0a:d9:c7:04:83:24:d3:
28:02:c2:3b:2e:79:d6:35:72:33:c1:65:88:cd:7d:
80:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BB:94:83:E6:B8:5F:08:65:79:35:64:D1:BC:3A:8C:84:76:81:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:45:7e:73:f0:02:51:47:a7:99:ba:6e:33:b2:bd:c1:aa:b9:
05:0c:9b:a1:02:fd:de:dd:71:7e:45:d3:3d:dd:75:0d:13:08:
ec:72:84:53:76:6f:5a:58:26:45:05:4f:28:9a:97:24:68:13:
8e:61:23:d3:05:5c:54:9e:81:5e:f5:ce:1b:3f:c6:56:70:9d:
3a:1c:92:a9:82:61:1a:58:c4:7f:ca:c5:f3:0c:55:06:41:f8:
89:cf:f5:01:83:db:7b:b1:ef:70:04:2b:a8:22:74:d3:5b:46:
d0:84:8f:32:9b:37:92:c2:a0:79:a1:4c:57:3d:d9:a7:f5:51:
23:1a:ae:61:9f:d3:c4:dc:80:f7:7e:b4:d2:ed:03:eb:a8:6c:
33:c0:4c:ac:e5:d3:fa:14:13:1b:a7:ad:9e:49:71:03:c7:b9:
17:f8:e1:3b:e4:71:2f:17:1f:10:1a:e9:1e:0b:a5:0d:e4:81:
15:4c:02:2c:eb:15:c6:1d:f4:ad:53:7b:b8:8a:76:5c:b5:f4:
31:61:7e:67:ce:91:3f:f3:59:0a:c5:78:6f:f1:42:c6:69:e7:
00:df:8b:a6:c5:a7:26:24:3c:00:90:f7:26:d5:96:56:7b:63:
a1:a2:c6:45:e4:ae:93:c0:0b:db:9f:90:9a:2c:62:81:3d:9d:
a0:05:59:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFKkNbpgPUv2siZt739IzWP5VcDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5YjNjNjE1YWJmYzk4Yjc0NDQ4YTczOWNiMGFmZWZiM2EyMTVlZDA1OTgx
ZWJiNjg2ODg0NTg1NWMyN2Q4MjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxr68ZnAeShyuL54xoA/IDCJpNmhNJSvuTBz6KREvhkImER1hMw7tzeumzR
1hcW/xqdRXZbFndH7+P1eEQzgsInbNVRV00TNBvDdlbpLKubecxnhwCFvd78lFok
LI4mk6F5XqwzsGKdk645UtBjfF6BApJWej+FVEUTWK3FWTVHASgP+INdu2rtoLoJ
Uso5aI3nwlMIul+ndLg9A15sZCu+Ix2knjIwmE1GiyVxWHmF3W3NinT1c9dg7lL0
y5lXxcwDNT4i6AV11jnuc4wNmS/fHJq5iWW58a8UibQt/s4QJyoh58VJAa4K2ccE
gyTTKALCOy551jVyM8FliM19gGMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTVu5SD
5rhfCGV5NWTRvDqMhHaBhzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQA3RX5z8AJRR6eZum4zsr3BqrkFDJuhAv3e3XF+RdM9
3XUNEwjscoRTdm9aWCZFBU8ompckaBOOYSPTBVxUnoFe9c4bP8ZWcJ06HJKpgmEa
WMR/ysXzDFUGQfiJz/UBg9t7se9wBCuoInTTW0bQhI8ymzeSwqB5oUxXPdmn9VEj
Gq5hn9PE3ID3frTS7QPrqGwzwEys5dP6FBMbp62eSXEDx7kX+OE75HEvFx8QGuke
C6UN5IEVTAIs6xXGHfStU3u4inZctfQxYX5nzpE/81kKxXhv8ULGaecA34umxacm
JDwAkPcm1ZZWe2OhosZF5K6TwAvbn5CaLGKBPZ2gBVkY
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org