Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa
File: c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa (raw, json)
Hash identifier: CdqphYnf4St3lQ+1P6kHyBlpzEGrwaIwtgFfokvmdV8=
Subject key identifier: 9E:B0:0B:D4:B1:40:67:35:EE:6C:ED:72:87:39:CD:11:4C:22:08:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43D5BF2BE5E23A32794B54BB9D29E11BDF4A1753
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d5:bf:2b:e5:e2:3a:32:79:4b:54:bb:9d:29:e1:1b:df:4a:17:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=88f24eb29bd546f598b0f4621ac1e723e29eb68a7bd858fdb089a29b36f42e9d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:12:ea:7e:b8:05:cf:b1:ce:e0:3a:ec:e8:e1:
22:a0:e2:92:75:10:f2:0d:67:83:bf:8c:fb:8a:14:
88:f5:7c:2c:47:a2:a6:cb:63:40:48:5a:e0:88:9f:
d7:c1:89:db:b7:11:e4:ea:aa:0a:0c:cf:b2:1c:fe:
4c:7c:df:71:5d:da:5a:ef:5a:66:5d:17:be:c1:a3:
03:98:43:0f:ca:26:ba:9f:72:c5:3b:e8:e6:bc:11:
c5:27:d9:e8:63:07:68:3b:22:a4:a6:53:bb:1d:17:
dd:10:c7:c2:2a:32:70:6d:16:f2:58:a7:c5:ef:ac:
68:eb:00:65:6f:f3:a5:ba:89:2e:ee:42:84:6e:7e:
cf:e9:68:e4:fe:46:f0:fa:63:62:29:c4:ad:22:51:
ee:52:2c:d6:3a:3f:58:af:ff:09:25:3b:c4:0d:34:
ab:5b:26:6f:3e:f3:00:4b:2a:c4:16:56:12:1c:b7:
65:5c:03:27:99:84:54:dd:23:13:4b:ca:9e:e3:33:
00:5e:65:12:f5:36:2e:ae:41:7b:c3:4a:df:26:7e:
02:78:c8:13:4a:52:c0:f5:2a:b3:b3:b6:ec:17:ed:
61:78:e9:10:de:d9:6c:96:d9:dc:f4:b9:a8:6b:7a:
a8:6d:2e:34:05:93:56:33:35:66:f1:09:9d:52:d1:
6d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B0:0B:D4:B1:40:67:35:EE:6C:ED:72:87:39:CD:11:4C:22:08:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c7ebe19f-8477-476a-894a-ce55eb72ce4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
84:e8:fb:85:8b:f4:d7:f4:e0:b3:bc:6c:ea:b6:0b:ad:38:6a:
0e:9d:60:93:9e:e5:b1:34:5f:83:6f:58:67:3d:05:b0:8e:02:
f4:19:09:d7:b8:cc:05:2b:af:fe:0f:89:97:50:2a:b4:b7:2b:
08:31:63:e4:36:ad:1a:79:f5:8e:f5:92:09:a2:86:40:c0:b0:
ee:3e:76:a2:e4:fb:cb:b0:d5:e9:ac:f5:17:23:63:0a:c8:3e:
e6:0c:17:74:ac:c2:8a:6b:7e:ca:7a:60:b2:3f:3a:34:f3:e4:
fe:f8:d8:eb:04:e3:84:06:25:35:54:11:38:7a:99:c4:49:2c:
1c:2f:b5:97:5c:08:47:24:8b:7d:03:51:e4:e1:5a:13:dd:b5:
73:82:03:fe:b6:20:0b:23:23:a1:12:6f:b6:9e:61:70:19:8b:
8a:bd:95:1e:d8:44:29:a0:ef:ba:bb:74:f1:1d:a3:1a:f6:fb:
00:37:6d:90:ff:a4:a6:0a:6c:bf:47:da:34:2a:a0:78:95:c6:
45:18:31:9c:67:63:95:b1:a3:eb:a5:48:9e:cf:ba:33:f5:cf:
e3:5b:8b:b9:7f:63:d4:20:1e:c7:50:ed:18:34:e8:e6:3e:86:
d3:3b:ab:77:19:9f:d3:c1:1e:c9:07:ae:7d:48:b9:2e:9e:0b:
c7:bb:ec:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ9W/K+XiOjJ5S1S7nSnhG99KF1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZjI0ZWIyOWJkNTQ2ZjU5OGIwZjQ2MjFhYzFlNzIzZTI5ZWI2OGE3YmQ4
NThmZGIwODlhMjliMzZmNDJlOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQS6n64Bc+xzuA67OjhIqDiknUQ8g1ng7+M+4oUiPV8LEeipstjQEha4Iif
18GJ27cR5OqqCgzPshz+THzfcV3aWu9aZl0XvsGjA5hDD8omup9yxTvo5rwRxSfZ
6GMHaDsipKZTux0X3RDHwioycG0W8linxe+saOsAZW/zpbqJLu5ChG5+z+lo5P5G
8PpjYinErSJR7lIs1jo/WK//CSU7xA00q1smbz7zAEsqxBZWEhy3ZVwDJ5mEVN0j
E0vKnuMzAF5lEvU2Lq5Be8NK3yZ+AnjIE0pSwPUqs7O27BftYXjpEN7ZbJbZ3PS5
qGt6qG0uNAWTVjM1ZvEJnVLRbYUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSesAvU
sUBnNe5s7XKHOc0RTCIIMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzdlYmUxOWYtODQ3Ny00NzZhLTg5NGEtY2U1NWViNzJjZTRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAhOj7hYv01/Tgs7xs6rYLrThqDp1gk57lsTRfg29Y
Zz0FsI4C9BkJ17jMBSuv/g+Jl1AqtLcrCDFj5DatGnn1jvWSCaKGQMCw7j52ouT7
y7DV6az1FyNjCsg+5gwXdKzCimt+ynpgsj86NPPk/vjY6wTjhAYlNVQROHqZxEks
HC+1l1wIRySLfQNR5OFaE921c4ID/rYgCyMjoRJvtp5hcBmLir2VHthEKaDvurt0
8R2jGvb7ADdtkP+kpgpsv0faNCqgeJXGRRgxnGdjlbGj66VIns+6M/XP41uLuX9j
1CAex1DtGDTo5j6G0zurdxmf08EeyQeufUi5Lp4Lx7vsPQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org