Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
File: e07d74df-535d-4244-b607-95997aa421a3.roa (raw, json)
Hash identifier: i4BLeqUqYzFWo+aUlb9IcvdFQ3qfulpGuu1Ml0zDa+Y=
Subject key identifier: 41:CE:29:B7:64:E2:9B:7A:3F:36:0C:31:7A:C9:8E:8B:87:5A:E8:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 658981341B8594114DBEB210F7CF08487E61D0D0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:89:81:34:1b:85:94:11:4d:be:b2:10:f7:cf:08:48:7e:61:d0:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=456fc82d87d0767d2e866b9258c5526d28d2b6d130d813f9d82cc49ef3e70470, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b0:fb:82:3a:35:4e:8c:22:eb:55:41:1d:60:
ef:5f:c7:79:72:1a:b9:ab:18:31:1f:1e:ae:3e:39:
36:0c:43:c1:4d:cc:22:8a:b0:3d:70:f7:56:c0:ff:
e6:5b:9d:92:62:59:87:9e:ff:29:51:97:b6:6e:55:
d5:c0:29:87:65:31:17:7c:05:e2:ba:15:69:fc:ba:
b9:38:78:f6:cd:f2:ac:1c:91:3c:b6:00:03:35:33:
1e:03:46:16:2e:5d:b1:ba:fd:45:f5:e2:7d:fa:18:
f9:f1:3e:fa:0b:f9:56:00:5c:9a:15:93:2b:51:fe:
45:19:36:1d:cc:38:7e:92:bc:20:18:55:80:c2:75:
a5:3b:f9:48:8f:81:97:db:1a:69:f1:d1:d8:6b:f9:
85:10:b0:78:3b:40:38:b7:b6:b9:2b:8f:e4:e6:40:
f6:21:bd:69:e3:72:36:31:52:ed:fc:2f:c0:f3:4d:
fc:1e:97:ff:98:57:d8:df:83:e0:2b:ac:9c:2d:d9:
29:f6:c6:51:d3:66:09:3f:fc:26:9f:4b:2d:a1:77:
a5:d2:3f:58:a2:73:11:d7:6b:f0:a4:d0:7f:92:06:
72:81:b7:a4:b8:e8:b5:2d:8a:09:01:79:66:cb:cb:
89:ab:8f:22:6d:b7:ee:87:b9:a3:6e:4c:5b:99:a7:
49:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CE:29:B7:64:E2:9B:7A:3F:36:0C:31:7A:C9:8E:8B:87:5A:E8:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e07d74df-535d-4244-b607-95997aa421a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:33:ac:38:77:bb:37:b9:9a:5e:4b:91:33:29:5c:29:ce:b4:
eb:04:17:5e:8d:4a:a9:c7:2f:e9:4b:e6:2d:92:14:c1:3b:ad:
f3:f0:3a:3b:08:b1:aa:52:74:6c:bb:da:4d:da:f4:78:64:49:
4a:d2:8b:c4:cd:d5:04:b9:3f:05:ac:88:84:30:56:8f:23:20:
b0:2b:e5:29:68:02:6b:95:23:ad:8e:29:59:20:51:4e:15:0f:
0b:4c:f9:cf:9f:81:19:fc:f4:2c:4a:29:45:c5:ca:d7:81:06:
f0:31:7c:d5:67:86:54:4b:ce:2e:93:fe:28:42:5c:f2:ba:74:
5c:db:c9:8b:b0:ca:20:da:0a:84:9d:8f:bb:97:d3:8f:e2:f3:
50:fc:bc:b5:cf:5a:69:d2:df:d8:d8:0f:d6:73:58:86:02:f0:
a5:12:35:8d:d7:e5:40:8e:c4:76:d0:25:2c:d9:cc:16:80:55:
30:c9:9f:2e:82:81:2b:c0:8c:0c:6b:84:96:0e:2d:08:f1:1b:
c9:aa:3a:5a:d8:a4:33:2f:76:35:05:08:7f:7a:55:1f:af:e0:
33:81:3d:71:6b:f2:89:be:5d:d9:d5:17:44:ca:2a:f4:31:4c:
05:7b:d4:ae:2e:48:d4:4b:4e:d2:d0:09:22:07:e7:93:1f:77:
2b:00:8b:c7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZYmBNBuFlBFNvrIQ988ISH5h0NAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NmZjODJkODdkMDc2N2QyZTg2NmI5MjU4YzU1MjZkMjhkMmI2ZDEzMGQ4
MTNmOWQ4MmNjNDllZjNlNzA0NzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMew+4I6NU6MIutVQR1g71/HeXIauasYMR8erj45NgxDwU3MIoqwPXD3VsD/
5ludkmJZh57/KVGXtm5V1cAph2UxF3wF4roVafy6uTh49s3yrByRPLYAAzUzHgNG
Fi5dsbr9RfXiffoY+fE++gv5VgBcmhWTK1H+RRk2Hcw4fpK8IBhVgMJ1pTv5SI+B
l9saafHR2Gv5hRCweDtAOLe2uSuP5OZA9iG9aeNyNjFS7fwvwPNN/B6X/5hX2N+D
4CusnC3ZKfbGUdNmCT/8Jp9LLaF3pdI/WKJzEddr8KTQf5IGcoG3pLjotS2KCQF5
ZsvLiauPIm237oe5o25MW5mnSR0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRBzim3
ZOKbej82DDF6yY6Lh1roIDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTA3ZDc0ZGYtNTM1ZC00MjQ0LWI2MDctOTU5OTdhYTQyMWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAsDOsOHe7N7maXkuRMylcKc606wQXXo1Kqccv6Uvm
LZIUwTut8/A6OwixqlJ0bLvaTdr0eGRJStKLxM3VBLk/BayIhDBWjyMgsCvlKWgC
a5UjrY4pWSBRThUPC0z5z5+BGfz0LEopRcXK14EG8DF81WeGVEvOLpP+KEJc8rp0
XNvJi7DKINoKhJ2Pu5fTj+LzUPy8tc9aadLf2NgP1nNYhgLwpRI1jdflQI7EdtAl
LNnMFoBVMMmfLoKBK8CMDGuElg4tCPEbyao6WtikMy92NQUIf3pVH6/gM4E9cWvy
ib5d2dUXRMoq9DFMBXvUri5I1EtO0tAJIgfnkx93KwCLxw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org