Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/197a8641-5e8c-47f5-b202-941d73190653.roa
File: 197a8641-5e8c-47f5-b202-941d73190653.roa (raw, json)
Hash identifier: HM5DwI8xAs/Fl/SXtcuOoz8/2yoB/pAs6gaDemmfrWw=
Subject key identifier: FC:7E:27:47:C3:08:53:1D:13:43:C7:FD:3F:A4:B5:CA:54:F2:C8:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7942F95FCB1C08A1F2EA2F5B64D54AE5E464DE7B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/197a8641-5e8c-47f5-b202-941d73190653.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:42:f9:5f:cb:1c:08:a1:f2:ea:2f:5b:64:d5:4a:e5:e4:64:de:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=75fb4b61a673b43ef9a3c058ec23396b446bc96184735c47620a1b22d1564a6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9f:26:bf:fa:4c:d1:64:39:1f:7b:df:7b:ec:
5c:6a:f1:a3:85:37:38:df:b7:04:66:34:4d:21:dd:
81:fd:b7:19:ca:0b:5c:7e:a9:fb:8b:e7:a8:8f:b2:
1e:ea:15:4f:71:8b:aa:7d:c1:2b:89:af:c6:a6:e0:
96:0f:54:15:a6:9a:67:df:59:24:10:78:6c:a7:74:
b0:61:8a:e3:a6:d4:28:af:26:32:2f:f7:ca:78:cf:
71:79:bc:bd:ff:f0:cb:54:e4:94:c2:50:7b:96:eb:
2b:32:04:48:d3:c8:a1:a5:d1:a8:ce:81:14:b0:f1:
fe:89:5b:1a:be:cc:97:9f:d6:60:5c:49:6f:19:2f:
15:17:77:9d:83:8b:30:cf:d5:08:09:9e:41:81:02:
0d:8d:22:ba:c9:f9:9b:45:b7:62:9d:6b:18:63:99:
e7:db:71:b6:a9:cc:19:05:c5:60:e9:a7:19:47:5b:
68:af:73:e0:bd:8e:a6:cf:ba:97:6a:e7:de:6e:7f:
eb:cb:92:43:0c:09:07:48:d1:f6:ed:0c:fd:2d:7d:
44:3c:01:f4:6b:8e:5c:7a:f5:39:7f:14:7c:24:3a:
89:30:a1:0e:fe:56:4a:78:d0:be:d3:f8:37:7b:61:
a6:cc:31:5a:c6:28:b4:fe:84:c2:9b:3c:f9:af:df:
e5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7E:27:47:C3:08:53:1D:13:43:C7:FD:3F:A4:B5:CA:54:F2:C8:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/197a8641-5e8c-47f5-b202-941d73190653.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:36:21:3a:1e:ae:29:93:c0:80:eb:3e:71:55:c4:6b:f4:c1:
e6:20:8c:56:d1:c3:ae:da:5b:6d:22:dc:4d:1f:b4:b8:cc:73:
ff:7a:fa:17:ed:9d:a3:c2:b4:f5:95:fa:41:c3:14:a6:78:b7:
21:39:3c:21:fa:64:b2:3b:a9:cc:a9:be:ee:ae:1a:aa:25:11:
d6:e3:8f:a1:7d:86:7e:63:fd:f7:7f:c9:29:ad:92:a8:c3:b8:
85:22:c5:ce:07:75:e7:0d:87:77:74:83:fb:ec:da:f1:55:3a:
fe:80:ff:14:cd:da:b8:cc:d5:c6:ef:77:ad:8a:3c:45:d5:95:
fa:9c:8a:e4:0a:1e:49:0b:9b:6e:18:7f:d7:62:c9:5b:9e:4a:
55:81:38:91:f4:aa:37:1c:74:d6:54:d4:fd:45:8c:bb:96:24:
f4:75:a7:16:50:d7:3a:4e:f0:f9:f2:1d:67:39:17:1f:30:49:
72:06:e1:11:65:4f:15:8e:73:37:31:a1:d4:b5:49:c7:93:1f:
d5:e3:08:f8:11:54:c6:c0:19:82:f5:99:8a:d1:d5:75:83:9c:
4b:1d:d6:f8:f7:8a:1a:85:ac:f4:ca:e8:e9:1a:ab:73:65:6c:
f0:c1:ff:50:ba:54:a0:ba:91:95:ad:f2:e3:a3:50:af:76:2e:
9e:23:0f:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeUL5X8scCKHy6i9bZNVK5eRk3nswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1ZmI0YjYxYTY3M2I0M2VmOWEzYzA1OGVjMjMzOTZiNDQ2YmM5NjE4NDcz
NWM0NzYyMGExYjIyZDE1NjRhNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKfJr/6TNFkOR9733vsXGrxo4U3ON+3BGY0TSHdgf23GcoLXH6p+4vnqI+y
HuoVT3GLqn3BK4mvxqbglg9UFaaaZ99ZJBB4bKd0sGGK46bUKK8mMi/3ynjPcXm8
vf/wy1TklMJQe5brKzIESNPIoaXRqM6BFLDx/olbGr7Ml5/WYFxJbxkvFRd3nYOL
MM/VCAmeQYECDY0iusn5m0W3Yp1rGGOZ59txtqnMGQXFYOmnGUdbaK9z4L2Ops+6
l2rn3m5/68uSQwwJB0jR9u0M/S19RDwB9GuOXHr1OX8UfCQ6iTChDv5WSnjQvtP4
N3thpswxWsYotP6Ewps8+a/f5ZMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8fidH
wwhTHRNDx/0/pLXKVPLIPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTk3YTg2NDEtNWU4Yy00N2Y1LWIyMDItOTQxZDczMTkwNjUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQDHNiE6Hq4pk8CA6z5xVcRr9MHmIIxW0cOu2lttItxN
H7S4zHP/evoX7Z2jwrT1lfpBwxSmeLchOTwh+mSyO6nMqb7urhqqJRHW44+hfYZ+
Y/33f8kprZKow7iFIsXOB3XnDYd3dIP77NrxVTr+gP8Uzdq4zNXG73etijxF1ZX6
nIrkCh5JC5tuGH/XYslbnkpVgTiR9Ko3HHTWVNT9RYy7liT0dacWUNc6TvD58h1n
ORcfMElyBuERZU8VjnM3MaHUtUnHkx/V4wj4EVTGwBmC9ZmK0dV1g5xLHdb494oa
haz0yujpGqtzZWzwwf9QulSgupGVrfLjo1Cvdi6eIw/v
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org