Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: ZZrb+NxMp9sOCH2plhXjlBd4TQa2iFEpb5jiZPMJ2J4=
Subject key identifier: 91:74:67:50:AF:99:7F:7B:B0:9A:52:74:33:12:FF:3E:6D:A6:39:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67F7334812F88E788FA9ADB3F63527116AC2407A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f7:33:48:12:f8:8e:78:8f:a9:ad:b3:f6:35:27:11:6a:c2:40:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=e32db39987424c4d1353a09a95bff545bde6ffa7ee887ea819a367fc188c97a6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:28:b2:8d:75:65:6e:e6:17:ed:91:be:97:37:
61:a0:01:51:53:e8:eb:7c:4e:cb:1b:81:cb:c2:a0:
ed:52:a1:a5:7c:2a:26:72:9a:3c:7e:45:d6:fa:4f:
21:1a:46:6b:f2:18:3b:86:27:15:e5:3d:bd:5e:8e:
a6:72:f2:ff:15:9f:66:1b:c4:78:38:95:d2:24:50:
ce:81:9e:c5:b4:4e:cb:f4:d2:8f:65:90:b9:55:1d:
ff:3f:de:9c:ea:39:a1:6f:6f:63:c4:cc:76:56:34:
5d:14:b3:f6:5f:bc:a3:fb:6f:2c:04:b2:75:28:c7:
55:18:33:1b:f3:02:76:d0:4b:29:bc:b8:3a:65:f8:
31:2c:71:f3:26:cf:82:f5:17:94:2b:59:d2:ff:3d:
da:ee:46:43:09:52:ff:07:4c:4a:f0:fd:cf:cc:0a:
3a:e2:f7:dc:d4:d6:12:a4:e9:5e:09:06:95:aa:41:
3b:d7:2c:75:0a:98:39:94:33:12:66:ba:e2:1c:b5:
0d:68:4f:04:93:4b:f4:08:80:07:fd:19:4e:ad:20:
c6:24:83:ac:06:83:75:54:df:58:4e:84:62:a9:48:
9d:ab:f8:33:9e:7e:f3:be:41:bb:98:95:06:86:36:
c5:fe:a8:82:e3:78:b1:12:4a:7e:16:ce:bd:2f:f7:
81:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:74:67:50:AF:99:7F:7B:B0:9A:52:74:33:12:FF:3E:6D:A6:39:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
46:18:62:ac:bd:9b:a8:a0:7c:b2:e4:57:f9:35:74:30:ce:be:
86:82:56:01:ba:e1:8c:74:45:a9:cf:36:6b:28:91:a3:ad:c2:
d2:d1:d6:fd:86:bb:28:89:c5:2d:2e:de:f4:b4:c5:37:a6:ff:
19:25:20:bf:1b:d7:54:6f:74:15:ba:e6:47:98:82:6f:a1:1c:
04:e1:ab:c2:97:dc:1c:41:89:59:17:3e:1c:e7:4d:75:fd:26:
ac:00:13:f1:29:ba:9e:db:ff:38:7c:bd:66:08:69:41:33:a9:
01:dc:f0:e7:46:29:a6:64:73:fd:58:b6:c0:14:4c:6d:9f:a7:
71:45:19:e0:da:f4:58:d2:81:61:bb:40:56:59:fa:c2:b7:a3:
d0:ae:84:d6:7b:1e:45:7b:a8:1d:6d:dc:2c:26:9e:61:55:31:
a7:5b:20:01:54:0c:4e:2c:38:4f:dc:d4:a9:04:a2:8b:a1:79:
c4:09:31:98:55:71:fa:da:bd:a3:44:1e:9c:2f:99:38:6e:a3:
cd:ef:e2:33:bd:aa:c2:68:fd:16:67:2a:59:c6:93:78:7d:f5:
23:2c:db:26:88:95:03:66:6b:0f:3b:3c:f5:ce:23:c3:e6:d0:
32:b5:a6:72:29:16:8e:dc:8a:12:69:d4:83:d6:8a:da:db:64:
87:89:ce:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ/czSBL4jniPqa2z9jUnEWrCQHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzMmRiMzk5ODc0MjRjNGQxMzUzYTA5YTk1YmZmNTQ1YmRlNmZmYTdlZTg4
N2VhODE5YTM2N2ZjMTg4Yzk3YTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAoso11ZW7mF+2Rvpc3YaABUVPo63xOyxuBy8Kg7VKhpXwqJnKaPH5F1vpP
IRpGa/IYO4YnFeU9vV6OpnLy/xWfZhvEeDiV0iRQzoGexbROy/TSj2WQuVUd/z/e
nOo5oW9vY8TMdlY0XRSz9l+8o/tvLASydSjHVRgzG/MCdtBLKby4OmX4MSxx8ybP
gvUXlCtZ0v892u5GQwlS/wdMSvD9z8wKOuL33NTWEqTpXgkGlapBO9csdQqYOZQz
Ema64hy1DWhPBJNL9AiAB/0ZTq0gxiSDrAaDdVTfWE6EYqlInav4M55+875Bu5iV
BoY2xf6oguN4sRJKfhbOvS/3gR8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSRdGdQ
r5l/e7CaUnQzEv8+baY5ZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEARhhirL2bqKB8suRX+TV0MM6+hoJWAbrhjHRFqc82
ayiRo63C0tHW/Ya7KInFLS7e9LTFN6b/GSUgvxvXVG90FbrmR5iCb6EcBOGrwpfc
HEGJWRc+HOdNdf0mrAAT8Sm6ntv/OHy9ZghpQTOpAdzw50YppmRz/Vi2wBRMbZ+n
cUUZ4Nr0WNKBYbtAVln6wrej0K6E1nseRXuoHW3cLCaeYVUxp1sgAVQMTiw4T9zU
qQSii6F5xAkxmFVx+tq9o0QenC+ZOG6jze/iM72qwmj9FmcqWcaTeH31IyzbJoiV
A2ZrDzs89c4jw+bQMrWmcikWjtyKEmnUg9aK2ttkh4nO+A==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:08 2024 by rpki-client on console-fra.rpki-client.org