Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
File: 1dff7204-d968-4bb7-8e61-2db8925bf33e.roa (raw, json)
Hash identifier: vBZVClh2eQooOmZEHe3F2Um4g6Xu2oM3EFttGpVxGw0=
Subject key identifier: 61:78:43:5D:A1:88:95:48:E3:25:89:8A:DF:73:3A:E9:D5:6C:DB:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70A0FDDBAB2EE23AE91AE1C30A3253090CDC634F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:a0:fd:db:ab:2e:e2:3a:e9:1a:e1:c3:0a:32:53:09:0c:dc:63:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=fc95c205d366c12ae7a7085152285189c12d6ee68ecc4d91b4d3864a72dc48ed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e6:1a:3c:c7:63:30:b6:60:c1:8e:e4:dc:ba:
7e:46:ce:ad:f4:79:b4:ac:f0:68:2b:61:88:1d:4b:
24:67:56:23:6b:36:c4:e9:86:1b:a3:11:38:33:a0:
13:6d:1b:a5:23:38:7e:e2:96:98:92:0f:79:58:34:
7e:00:a6:9b:15:3a:f8:1e:ad:49:5c:78:16:8d:c6:
ff:db:b5:94:3f:1a:7e:37:4e:1b:b3:bd:8d:f6:13:
9c:d2:4c:04:3e:90:fb:1f:d9:bf:27:77:21:11:61:
ca:2b:a0:08:e2:0a:4b:f2:d0:69:3f:08:ee:89:83:
cb:01:24:d9:19:1d:97:e3:69:3d:f7:1f:d1:a8:a3:
53:dd:55:60:82:cd:13:c9:d2:b7:e5:a9:cf:d0:93:
2b:bb:91:cf:07:ab:82:ca:1c:c8:7e:0c:a6:04:6e:
6b:90:3c:23:28:e5:f6:0d:45:f3:d3:77:c8:e4:0b:
08:b2:36:28:ef:5d:b1:0a:3c:10:32:3c:7e:33:17:
f5:2c:4a:b0:87:ac:7f:ec:fa:70:7a:e9:bb:de:53:
48:2f:b9:c5:d3:c1:93:2f:da:18:31:a5:96:24:8a:
92:54:ec:f2:9f:fb:f7:b2:af:5e:16:6f:03:99:b3:
6d:5a:8d:2b:65:37:ab:f9:6c:f1:a1:33:89:94:6b:
bf:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:78:43:5D:A1:88:95:48:E3:25:89:8A:DF:73:3A:E9:D5:6C:DB:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1dff7204-d968-4bb7-8e61-2db8925bf33e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:73:42:a4:5e:f1:8c:a6:29:50:e1:5f:8a:1c:7e:b7:32:3b:
37:ef:ff:15:4d:a8:82:16:a2:75:6f:56:a4:2a:be:d9:4b:7c:
75:3c:47:ab:d5:58:80:2a:13:a1:2a:c9:78:f4:41:d3:be:4f:
3b:b0:dc:bc:7f:1c:66:18:9f:7e:03:a2:36:13:24:e2:11:6b:
21:9d:d0:a9:f6:ab:c7:e7:ba:94:6b:fb:31:2e:cc:38:f5:9d:
98:dc:e5:45:72:e6:9c:f4:eb:fb:57:a8:bf:f3:cc:31:5d:94:
65:df:c6:9a:47:c3:d9:9a:93:81:45:1c:26:c2:27:b9:f3:e7:
0d:f5:28:21:cf:c4:11:f2:73:97:3f:07:38:f4:cd:d7:a2:10:
dd:b9:ef:05:b1:a6:d5:07:d7:26:ce:c6:f1:21:60:3d:15:c3:
61:4e:69:5b:2c:fb:36:78:b3:a6:df:9e:7a:a0:1a:7a:b7:7f:
5d:26:a3:57:e9:c9:19:e0:b3:5c:62:ec:38:77:37:63:1e:b6:
46:bd:8d:0d:bb:e8:08:3f:47:e5:da:86:a3:fa:5b:68:61:6f:
58:ec:3d:5c:59:60:ac:08:14:2a:78:aa:90:5b:43:80:11:60:
54:26:9b:2d:d2:cf:61:c1:0f:35:36:0c:5f:46:d0:49:3c:3e:
1c:33:f5:a1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcKD926su4jrpGuHDCjJTCQzcY08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjOTVjMjA1ZDM2NmMxMmFlN2E3MDg1MTUyMjg1MTg5YzEyZDZlZTY4ZWNj
NGQ5MWI0ZDM4NjRhNzJkYzQ4ZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzmGjzHYzC2YMGO5Ny6fkbOrfR5tKzwaCthiB1LJGdWI2s2xOmGG6MRODOg
E20bpSM4fuKWmJIPeVg0fgCmmxU6+B6tSVx4Fo3G/9u1lD8afjdOG7O9jfYTnNJM
BD6Q+x/Zvyd3IRFhyiugCOIKS/LQaT8I7omDywEk2Rkdl+NpPfcf0aijU91VYILN
E8nSt+Wpz9CTK7uRzwergsocyH4MpgRua5A8Iyjl9g1F89N3yOQLCLI2KO9dsQo8
EDI8fjMX9SxKsIesf+z6cHrpu95TSC+5xdPBky/aGDGlliSKklTs8p/797KvXhZv
A5mzbVqNK2U3q/ls8aEziZRrvxMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRheENd
oYiVSOMliYrfczrp1WzbGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRmZjcyMDQtZDk2OC00YmI3LThlNjEtMmRiODkyNWJmMzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQCyc0KkXvGMpilQ4V+KHH63Mjs37/8VTaiCFqJ1b1ak
Kr7ZS3x1PEer1ViAKhOhKsl49EHTvk87sNy8fxxmGJ9+A6I2EyTiEWshndCp9qvH
57qUa/sxLsw49Z2Y3OVFcuac9Ov7V6i/88wxXZRl38aaR8PZmpOBRRwmwie58+cN
9Sghz8QR8nOXPwc49M3XohDdue8FsabVB9cmzsbxIWA9FcNhTmlbLPs2eLOm3556
oBp6t39dJqNX6ckZ4LNcYuw4dzdjHrZGvY0Nu+gIP0fl2oaj+ltoYW9Y7D1cWWCs
CBQqeKqQW0OAEWBUJpst0s9hwQ81NgxfRtBJPD4cM/Wh
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org