Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0405df2-d412-488a-b5ee-d265912dd3cc.roa
File: c0405df2-d412-488a-b5ee-d265912dd3cc.roa (raw, json)
Hash identifier: rhIeE4wKpg2iYI9QMAEYrcfAycK1wfh/09EsaqkoTk4=
Subject key identifier: 38:B5:03:E6:EF:1A:99:90:6A:3A:45:56:78:A9:CC:46:99:D8:B4:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72C411184B98F652B6CC3778DA874B8401E4E1CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0405df2-d412-488a-b5ee-d265912dd3cc.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:c4:11:18:4b:98:f6:52:b6:cc:37:78:da:87:4b:84:01:e4:e1:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=2bf6b02fad525e6835f605b3dfe0887e5fa060bab7a395390337f4d81044f461, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5e:b4:fa:da:a5:77:52:f6:2e:ff:c8:c8:a4:
de:4d:bd:6d:c9:f9:16:98:5c:a7:37:ac:5e:e8:72:
0f:21:a9:7a:e1:fa:a6:a5:3f:cf:54:54:33:17:b8:
00:3c:3b:ac:e6:e7:54:b1:51:54:39:79:ab:4d:d2:
3f:ab:da:f6:2e:48:8b:d7:d3:e0:06:d9:4e:11:f6:
c6:2e:45:89:c1:08:a6:bf:62:8f:d6:65:c3:6e:86:
3b:b7:4d:d6:c9:29:ea:42:0c:c8:5b:a9:b2:6f:73:
d2:9a:78:c7:0d:c2:17:0b:c9:0f:ec:b3:10:26:e4:
9d:a9:5d:88:96:5f:36:ec:95:7e:f4:b7:1c:3d:a4:
e8:0f:7d:8a:24:ce:1f:2d:d2:02:f3:1d:aa:fd:e3:
b7:13:1c:49:38:a5:be:d2:94:de:b9:82:45:5a:74:
6a:54:57:aa:f8:92:56:7d:0f:f4:62:a6:58:26:ba:
96:6a:ed:b7:c7:60:fa:c0:cf:0c:68:4d:43:a6:de:
5c:51:e3:55:ce:5a:52:aa:56:29:4b:e5:02:87:d3:
17:76:92:dd:a3:de:3b:cc:0f:4b:fc:31:c5:3d:01:
f5:e1:b2:4e:a7:c3:06:75:ac:7e:1d:cd:6e:45:6c:
54:f6:9c:56:3d:e8:5e:25:e5:a0:70:15:e2:2e:e2:
1f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B5:03:E6:EF:1A:99:90:6A:3A:45:56:78:A9:CC:46:99:D8:B4:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0405df2-d412-488a-b5ee-d265912dd3cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:a4:f6:74:52:a8:54:0f:f0:4e:02:7d:a2:0c:54:85:9c:7b:
a4:98:c5:23:03:02:0b:8e:9c:81:35:e2:27:6a:2a:4b:05:b8:
36:4b:f6:11:19:99:51:e4:a4:c9:71:92:2f:0c:ec:66:d8:cb:
0b:bf:3c:1a:b8:bc:43:d1:23:ed:fb:be:1a:83:f7:93:da:aa:
02:ef:ca:e3:be:8b:97:52:26:51:7a:6c:9c:a6:66:f7:c0:01:
e5:2c:d4:e3:cb:37:a0:ee:73:e9:0e:04:a5:01:96:c6:55:11:
84:cc:3b:1c:5e:64:cf:79:3b:0a:d4:b1:dc:25:f2:bd:1b:6c:
78:4b:f3:bb:1f:47:34:ba:08:41:12:ca:06:8e:ca:c2:d1:85:
30:e4:8a:8a:5b:ff:11:fb:1b:1c:b4:42:f4:ea:07:b4:de:c3:
e1:f7:13:db:75:08:bc:93:71:1e:84:d7:e0:df:6c:89:1a:ab:
8f:0f:04:f3:7e:26:67:b4:37:a9:8a:07:1d:54:3e:80:59:86:
a6:a9:e5:58:75:c4:4d:72:6a:c4:5a:a4:0a:e3:ff:23:78:76:
ea:f2:68:3a:5c:06:59:dd:a2:08:0d:61:43:9c:93:4c:b7:ad:
7c:a5:04:32:1e:a9:f6:35:d5:49:7a:e6:b3:31:84:5d:f2:52:
20:5f:f2:69
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcsQRGEuY9lK2zDd42odLhAHk4c4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiZjZiMDJmYWQ1MjVlNjgzNWY2MDViM2RmZTA4ODdlNWZhMDYwYmFiN2Ez
OTUzOTAzMzdmNGQ4MTA0NGY0NjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVetPrapXdS9i7/yMik3k29bcn5FphcpzesXuhyDyGpeuH6pqU/z1RUMxe4
ADw7rObnVLFRVDl5q03SP6va9i5Ii9fT4AbZThH2xi5FicEIpr9ij9Zlw26GO7dN
1skp6kIMyFupsm9z0pp4xw3CFwvJD+yzECbknaldiJZfNuyVfvS3HD2k6A99iiTO
Hy3SAvMdqv3jtxMcSTilvtKU3rmCRVp0alRXqviSVn0P9GKmWCa6lmrtt8dg+sDP
DGhNQ6beXFHjVc5aUqpWKUvlAofTF3aS3aPeO8wPS/wxxT0B9eGyTqfDBnWsfh3N
bkVsVPacVj3oXiXloHAV4i7iH68CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ4tQPm
7xqZkGo6RVZ4qcxGmdi0WzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA0MDVkZjItZDQxMi00ODhhLWI1ZWUtZDI2NTkxMmRkM2NjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBypPZ0UqhUD/BOAn2iDFSFnHukmMUjAwILjpyBNeIn
aipLBbg2S/YRGZlR5KTJcZIvDOxm2MsLvzwauLxD0SPt+74ag/eT2qoC78rjvouX
UiZRemycpmb3wAHlLNTjyzeg7nPpDgSlAZbGVRGEzDscXmTPeTsK1LHcJfK9G2x4
S/O7H0c0ughBEsoGjsrC0YUw5IqKW/8R+xsctEL06ge03sPh9xPbdQi8k3EehNfg
32yJGquPDwTzfiZntDepigcdVD6AWYamqeVYdcRNcmrEWqQK4/8jeHbq8mg6XAZZ
3aIIDWFDnJNMt618pQQyHqn2NdVJeuazMYRd8lIgX/Jp
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org