Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: D7ACnzst7Z9YBA3kSBYJZaWqiiUqmPSAfJZAyJzCNh4=
Subject key identifier: BE:71:54:D2:47:98:A4:F5:25:A0:0E:90:16:CD:A3:0E:F2:24:4B:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69F425E49B328331DE510415088A629EFF1AC3D7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:f4:25:e4:9b:32:83:31:de:51:04:15:08:8a:62:9e:ff:1a:c3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=89e3547488cbeb855a33b912522ee8354aa3744b6f2f6c9db8cb7fd2ba8c81f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0d:e6:5b:0a:10:f3:fe:ab:d6:61:6c:4b:9c:
ab:9c:43:3f:7f:0b:40:2f:36:89:a7:da:d4:af:42:
fa:11:27:66:e1:77:fd:64:82:25:d5:6e:44:5f:90:
ae:e4:f9:2a:5c:bc:b8:b7:47:20:e0:79:ab:7d:46:
5d:80:88:c1:39:a3:ff:cc:23:22:f7:9d:64:4e:70:
c2:a2:81:8c:b7:64:94:ea:26:a8:a4:09:30:cb:80:
dd:0b:a2:af:17:82:43:88:dc:58:ee:46:e5:9c:27:
0f:a2:e1:1f:31:e8:a5:88:f7:58:e9:ce:64:60:d5:
21:d7:27:62:25:a4:eb:35:2f:d2:6f:87:37:8b:08:
99:f8:cb:bd:68:d6:e0:c2:57:01:b8:20:42:dc:8e:
38:04:dd:f8:c7:dd:86:ef:4a:12:10:25:60:82:30:
fb:09:fb:b9:0e:7d:a7:8f:4a:06:fc:97:88:16:1f:
70:de:65:5d:59:a2:a3:f7:02:26:56:b6:6f:4a:40:
9c:6b:e8:d3:b4:49:7a:87:2d:69:30:c1:78:e2:02:
c4:2a:75:78:39:55:ab:ae:6f:c8:6c:00:1f:1f:2d:
24:a9:f5:d8:26:8d:d2:39:28:d2:f9:60:41:c4:b7:
34:01:7d:08:d7:ca:5e:b2:f3:4e:d7:36:49:c0:94:
32:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:71:54:D2:47:98:A4:F5:25:A0:0E:90:16:CD:A3:0E:F2:24:4B:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:b2:50:44:45:bb:98:96:c6:0d:0d:73:53:d1:09:82:9c:ea:
79:2a:25:ac:da:a2:13:4b:97:23:e3:6c:ff:64:56:7b:6e:ef:
9c:22:6c:09:fd:89:79:ec:94:e2:1a:ed:ee:f9:84:a7:20:09:
b3:86:36:c1:ef:98:dc:f6:b2:2c:74:fd:67:25:6b:e2:f6:9b:
48:53:5d:0a:53:77:a6:8d:e6:69:8c:74:7c:83:a1:89:30:09:
7c:df:a6:f6:03:50:f9:cf:16:90:72:72:ed:18:94:56:56:be:
79:22:e0:ab:8a:7e:42:7e:72:cf:5b:5f:0b:65:c2:db:1c:e1:
5f:0a:19:e1:0f:ed:38:60:44:66:76:9a:ea:02:06:fd:e9:59:
17:e5:32:d3:05:0f:a4:b3:a8:d6:9f:bb:53:e5:fc:62:4d:26:
a2:38:a2:44:8b:e7:51:5e:12:73:10:c3:59:e5:55:c9:9b:1c:
dc:e1:b9:73:54:82:98:ba:fd:e1:37:49:df:ab:7a:e2:d0:87:
0b:1a:8c:07:25:85:ea:ac:94:ff:dd:58:9c:f7:a8:18:df:be:
17:f0:55:eb:1d:55:95:ff:03:65:1d:51:7a:fe:90:8a:c4:12:
dd:fe:bd:3d:3d:c4:f8:bb:2c:f8:48:25:be:60:29:11:06:0f:
b5:4c:4f:f0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUafQl5JsygzHeUQQVCIpinv8aw9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5ZTM1NDc0ODhjYmViODU1YTMzYjkxMjUyMmVlODM1NGFhMzc0NGI2ZjJm
NmM5ZGI4Y2I3ZmQyYmE4YzgxZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgN5lsKEPP+q9ZhbEucq5xDP38LQC82iafa1K9C+hEnZuF3/WSCJdVuRF+Q
ruT5Kly8uLdHIOB5q31GXYCIwTmj/8wjIvedZE5wwqKBjLdklOomqKQJMMuA3Qui
rxeCQ4jcWO5G5ZwnD6LhHzHopYj3WOnOZGDVIdcnYiWk6zUv0m+HN4sImfjLvWjW
4MJXAbggQtyOOATd+Mfdhu9KEhAlYIIw+wn7uQ59p49KBvyXiBYfcN5lXVmio/cC
Jla2b0pAnGvo07RJeoctaTDBeOICxCp1eDlVq65vyGwAHx8tJKn12CaN0jko0vlg
QcS3NAF9CNfKXrLzTtc2ScCUMicCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+cVTS
R5ik9SWgDpAWzaMO8iRLSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQBLslBERbuYlsYNDXNT0QmCnOp5KiWs2qITS5cj42z/
ZFZ7bu+cImwJ/Yl57JTiGu3u+YSnIAmzhjbB75jc9rIsdP1nJWvi9ptIU10KU3em
jeZpjHR8g6GJMAl836b2A1D5zxaQcnLtGJRWVr55IuCrin5CfnLPW18LZcLbHOFf
ChnhD+04YERmdprqAgb96VkX5TLTBQ+ks6jWn7tT5fxiTSaiOKJEi+dRXhJzEMNZ
5VXJmxzc4blzVIKYuv3hN0nfq3ri0IcLGowHJYXqrJT/3Vic96gY374X8FXrHVWV
/wNlHVF6/pCKxBLd/r09PcT4uyz4SCW+YCkRBg+1TE/w
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org