Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json)
Hash identifier: 6eIQgbNV4fofbj+CRvvljFdV1rmQtOSXbSwe+zgRf+g=
Subject key identifier: D9:44:D2:DC:91:B3:68:E4:4E:0D:CA:5B:5B:7F:BB:DA:C7:7A:95:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2346B44DA569A16F68C96D310699340E3F9972F8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:46:b4:4d:a5:69:a1:6f:68:c9:6d:31:06:99:34:0e:3f:99:72:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d833c0b860d41bf3a81d43e713586c1135a7c2479c0fbc9b320578d907bbdc96, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:bf:66:33:1e:f1:8a:95:d2:85:f2:0f:2e:
27:77:1e:84:68:81:98:34:bd:84:fe:12:0b:b9:5a:
b8:ea:26:c7:18:91:82:f4:d3:95:4a:8d:aa:06:87:
bb:a9:0b:e8:ca:7b:6d:fd:27:8d:61:af:65:c5:96:
15:38:2c:2b:4b:87:b6:1d:55:22:c6:60:bd:ff:55:
11:56:2a:21:05:e5:4a:06:97:0a:f7:2d:f8:c1:32:
b9:ff:96:35:c3:42:10:6f:7e:ee:64:1e:1a:3f:51:
01:64:79:b3:cb:a7:f3:a5:2c:b9:d0:be:71:b7:d2:
5a:c8:bc:9c:44:e7:97:42:ea:01:86:cd:5d:02:2b:
d3:9d:66:d2:06:72:da:32:b5:9e:a8:c9:52:23:40:
58:a5:21:fe:06:9c:87:30:48:53:f1:be:99:72:47:
af:54:fb:f7:2f:32:58:f4:69:98:bb:5e:d6:4d:87:
17:3f:8e:da:0c:82:56:af:72:eb:1c:84:2c:b2:e5:
57:bb:9c:8e:91:9a:ee:86:43:3d:0a:c8:91:7c:07:
ae:70:1a:d3:c2:61:73:ea:1d:a3:d9:61:03:12:8c:
55:05:9b:fd:f3:b5:15:8b:81:9e:95:10:82:06:33:
38:1d:0e:4d:ec:21:b5:59:81:29:a9:93:36:3f:90:
16:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:44:D2:DC:91:B3:68:E4:4E:0D:CA:5B:5B:7F:BB:DA:C7:7A:95:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:0b:7b:f9:b3:78:82:9c:26:77:f5:cf:8d:94:f1:ed:ac:b0:
b5:65:1f:1d:bb:e5:cf:e7:b0:2b:fe:c5:73:b5:39:42:2f:3e:
23:8f:e3:1a:9d:d9:38:7c:0c:ee:00:c9:b8:79:d9:8c:fd:32:
bd:03:9f:f9:5d:25:4a:ad:27:98:23:2e:94:44:43:d4:ec:b1:
de:84:53:ce:45:c4:2f:91:eb:62:20:0f:b6:78:d2:22:49:c3:
ea:a9:46:7f:13:eb:3c:e6:e0:30:2a:5f:19:b5:88:e1:51:40:
fc:e9:0b:1c:79:b7:41:20:e1:49:9d:c5:a3:a9:83:07:c2:36:
22:92:5e:52:ee:cd:95:79:b7:cb:e5:6b:ba:14:08:46:2e:87:
65:2c:88:eb:b8:55:50:08:ad:9a:aa:cc:39:e2:9f:5b:17:37:
77:cb:db:1a:17:3e:ed:16:66:e7:35:9e:00:ef:85:4c:eb:d2:
0f:1d:3d:11:89:19:3c:92:f1:51:f1:30:60:49:6e:ce:1e:3f:
18:93:16:46:48:18:87:4f:a9:fe:21:0d:6f:94:df:8d:5e:ad:
5d:72:d3:b8:29:6a:c8:8c:7e:0c:3f:5f:db:94:a9:89:92:07:
81:d6:7c:31:8c:79:1f:76:63:ba:da:29:72:37:c5:d9:74:ab:
5d:33:f9:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI0a0TaVpoW9oyW0xBpk0Dj+ZcvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4MzNjMGI4NjBkNDFiZjNhODFkNDNlNzEzNTg2YzExMzVhN2MyNDc5YzBm
YmM5YjMyMDU3OGQ5MDdiYmRjOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJr5v2YzHvGKldKF8g8uJ3cehGiBmDS9hP4SC7lauOomxxiRgvTTlUqNqgaH
u6kL6Mp7bf0njWGvZcWWFTgsK0uHth1VIsZgvf9VEVYqIQXlSgaXCvct+MEyuf+W
NcNCEG9+7mQeGj9RAWR5s8un86UsudC+cbfSWsi8nETnl0LqAYbNXQIr051m0gZy
2jK1nqjJUiNAWKUh/gachzBIU/G+mXJHr1T79y8yWPRpmLte1k2HFz+O2gyCVq9y
6xyELLLlV7ucjpGa7oZDPQrIkXwHrnAa08Jhc+odo9lhAxKMVQWb/fO1FYuBnpUQ
ggYzOB0OTewhtVmBKamTNj+QFs8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTZRNLc
kbNo5E4Nyltbf7vax3qVlzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQB1C3v5s3iCnCZ39c+NlPHtrLC1ZR8du+XP57Ar/sVz
tTlCLz4jj+Mandk4fAzuAMm4edmM/TK9A5/5XSVKrSeYIy6UREPU7LHehFPORcQv
ketiIA+2eNIiScPqqUZ/E+s85uAwKl8ZtYjhUUD86QscebdBIOFJncWjqYMHwjYi
kl5S7s2VebfL5Wu6FAhGLodlLIjruFVQCK2aqsw54p9bFzd3y9saFz7tFmbnNZ4A
74VM69IPHT0RiRk8kvFR8TBgSW7OHj8YkxZGSBiHT6n+IQ1vlN+NXq1dctO4KWrI
jH4MP1/blKmJkgeB1nwxjHkfdmO62ilyN8XZdKtdM/lJ
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org