Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: /nwmymqS6pIbI4F/0TAiEoZWokEIxfMtimCRYy4U3Uk=
Subject key identifier: 94:46:BE:50:87:95:7A:BD:75:2F:77:F7:F1:F4:59:DD:2F:EF:6B:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 239AF0F89EC1D390AA079E0CD6E07759DBFCBC78
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:9a:f0:f8:9e:c1:d3:90:aa:07:9e:0c:d6:e0:77:59:db:fc:bc:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=c7f11b73537d1d0b47705762c71e94160e654947c6c71cb24a27222a91860e7f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:42:56:27:f6:29:77:83:84:45:1b:99:58:99:
14:7c:f6:18:db:ea:84:ae:8b:d4:86:d6:ba:38:52:
8e:2e:cc:73:1b:08:a3:0d:dc:4a:9d:e3:b0:81:18:
e5:8d:b6:c2:28:b1:3e:18:78:52:3b:3e:0d:75:39:
60:39:e5:5c:ff:58:e1:6f:80:bd:54:31:58:d5:22:
1d:97:3c:ee:57:62:57:58:ad:d1:eb:48:a6:e4:a6:
ee:a6:ae:d1:6a:20:c9:2d:62:85:15:8a:d8:83:58:
04:2b:42:f4:73:ae:fb:aa:42:fb:b6:f3:4d:be:f2:
2b:7f:96:74:9d:17:2e:b6:a4:1f:dc:f4:1c:6d:22:
05:ef:c5:26:2a:b3:be:24:a4:6c:65:7e:82:7d:2e:
08:e3:c8:76:d7:1f:9f:72:b4:3b:a9:f9:68:2c:69:
11:62:f4:37:04:3a:f5:45:22:2a:b1:4d:bb:56:1c:
8f:c3:0e:64:e9:5f:2e:8e:ae:14:55:32:ab:8c:ee:
5f:34:23:b0:7e:ee:8d:72:c8:ea:e8:ed:9b:c1:59:
c7:ae:8e:af:f9:ee:12:56:5d:60:25:e7:90:fe:31:
e5:80:79:d2:c3:4b:07:a4:8a:67:b6:f1:24:bb:2b:
2b:1f:55:1c:70:10:f8:3a:09:fd:02:ca:99:23:16:
3c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:46:BE:50:87:95:7A:BD:75:2F:77:F7:F1:F4:59:DD:2F:EF:6B:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:48:1b:dd:50:2a:2f:eb:71:a0:56:e9:c1:63:7e:99:92:4f:
e5:74:fc:a2:5b:6f:ca:3b:70:80:d7:e2:44:d9:0c:ac:50:dc:
04:1f:f3:7c:f9:b2:41:5e:e2:c5:3e:10:7c:99:ec:a1:2d:e7:
38:2c:f2:71:d1:6e:b7:9c:b7:73:11:ae:a6:90:a3:6f:0c:9d:
6d:65:f8:2e:d3:56:70:a3:29:b8:b9:5a:7d:f7:21:9c:21:59:
71:97:f7:40:de:7f:48:da:d0:f9:74:30:64:df:a6:be:9f:c5:
c9:7e:4b:2a:4f:6c:08:5f:a7:78:19:6a:6e:a3:5a:c7:76:c9:
95:ac:e4:f2:f0:f2:ef:d9:a2:9b:bd:d0:b2:94:9b:e1:6f:bb:
e0:d2:7e:fa:f8:de:ab:f5:09:1e:6c:26:88:24:bb:08:2e:b2:
48:ce:1d:a6:be:f9:0a:98:dc:43:dc:b1:7e:97:4f:66:e7:a1:
b0:51:33:eb:a5:cc:01:d1:52:8b:39:70:01:65:76:8d:03:12:
99:de:75:6c:eb:eb:34:26:17:be:15:fa:15:cc:2b:a0:68:f8:
54:df:94:2b:0f:2d:f9:a4:45:56:22:32:6c:90:28:a7:b2:a8:
a5:6e:50:9d:14:e9:cf:d5:e1:25:88:74:56:85:4a:d9:f7:56:
9b:ec:1a:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI5rw+J7B05CqB54M1uB3Wdv8vHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3ZjExYjczNTM3ZDFkMGI0NzcwNTc2MmM3MWU5NDE2MGU2NTQ5NDdjNmM3
MWNiMjRhMjcyMjJhOTE4NjBlN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5CVif2KXeDhEUbmViZFHz2GNvqhK6L1IbWujhSji7McxsIow3cSp3jsIEY
5Y22wiixPhh4Ujs+DXU5YDnlXP9Y4W+AvVQxWNUiHZc87ldiV1it0etIpuSm7qau
0WogyS1ihRWK2INYBCtC9HOu+6pC+7bzTb7yK3+WdJ0XLrakH9z0HG0iBe/FJiqz
viSkbGV+gn0uCOPIdtcfn3K0O6n5aCxpEWL0NwQ69UUiKrFNu1Ycj8MOZOlfLo6u
FFUyq4zuXzQjsH7ujXLI6ujtm8FZx66Or/nuElZdYCXnkP4x5YB50sNLB6SKZ7bx
JLsrKx9VHHAQ+DoJ/QLKmSMWPIcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSURr5Q
h5V6vXUvd/fx9FndL+9rUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQCTSBvdUCov63GgVunBY36Zkk/ldPyiW2/KO3CA1+JE
2QysUNwEH/N8+bJBXuLFPhB8meyhLec4LPJx0W63nLdzEa6mkKNvDJ1tZfgu01Zw
oym4uVp99yGcIVlxl/dA3n9I2tD5dDBk36a+n8XJfksqT2wIX6d4GWpuo1rHdsmV
rOTy8PLv2aKbvdCylJvhb7vg0n76+N6r9QkebCaIJLsILrJIzh2mvvkKmNxD3LF+
l09m56GwUTPrpcwB0VKLOXABZXaNAxKZ3nVs6+s0Jhe+FfoVzCugaPhU35QrDy35
pEVWIjJskCinsqilblCdFOnP1eEliHRWhUrZ91ab7BrI
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org