Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: zgDGXUGNSuku1ulHEhkr4iZnWNFBoY4outJOtOz3OqU=
Subject key identifier: 9D:70:C2:55:81:23:DF:A5:8C:41:E4:37:8D:AF:01:32:FC:36:46:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 281FDB62DE3AE5B9B84ED4E7C3D9FF9D80649802
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:1f:db:62:de:3a:e5:b9:b8:4e:d4:e7:c3:d9:ff:9d:80:64:98:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=729fac14eb4b1de48286cbc61594dc20bdb8c86ec11075b2e870f8730fc831df, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c9:34:92:c4:97:25:fa:f2:0d:f3:77:e0:b7:
86:e9:76:c3:8a:8b:ad:ef:f2:ff:aa:9c:75:ec:9b:
8b:fb:43:95:2a:68:46:65:46:06:a6:a7:6c:d7:96:
8c:13:91:c9:3d:57:b3:58:1e:bb:08:e9:7c:34:92:
15:94:a5:5c:97:5e:8c:15:33:2f:27:05:d9:35:4f:
9c:85:48:75:fc:f7:49:d7:61:4a:7a:85:0c:e7:61:
89:15:d1:9f:e6:48:b0:a9:0a:61:d5:5d:bc:be:54:
32:78:3f:60:87:ef:0c:b2:a7:2f:64:5d:54:95:e0:
db:b7:23:a8:cb:6b:1f:ef:f1:88:1e:18:d0:c2:67:
a9:27:6d:02:ca:ec:46:f6:26:93:4b:bf:bb:b7:c9:
ac:b5:5e:6e:9c:41:d2:05:be:51:c0:6e:d5:a4:7c:
ee:97:60:55:7d:56:db:72:f5:39:b2:8b:00:85:07:
18:a6:f6:6a:e7:99:e7:83:65:e2:5d:2d:f1:c8:36:
e7:00:18:fa:8a:01:1a:fc:3c:ee:e5:34:6c:ba:9d:
6e:2e:44:a4:3d:ae:4c:6c:c1:9f:57:4e:f9:f6:1d:
4b:96:d3:36:c8:b4:78:a6:d8:93:6c:95:1f:92:9e:
82:5b:3f:6c:77:b7:ce:9e:3e:ee:b4:4b:18:d0:c3:
ac:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:70:C2:55:81:23:DF:A5:8C:41:E4:37:8D:AF:01:32:FC:36:46:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:6f:58:97:3f:36:20:f0:0f:3d:83:c2:60:9b:0d:cd:44:b3:
b2:31:a4:f6:d7:45:b2:80:a5:c0:c5:c6:82:bc:65:02:10:5d:
fd:e0:1a:78:fb:83:59:91:1c:02:df:5b:b4:96:cf:db:ba:3a:
70:4f:ef:e4:9d:47:ef:04:a4:da:0c:48:89:6a:cc:5c:9a:10:
58:29:36:87:1e:fb:32:a5:91:c0:64:60:e1:f9:cb:8b:30:4b:
c8:74:28:18:36:b7:bc:55:97:3f:16:7a:bd:5b:16:fe:a4:92:
87:57:f7:40:8e:e8:0a:1d:9f:95:6e:e5:96:67:49:df:4d:e3:
63:ec:af:34:70:bf:2a:99:c3:cd:2c:41:f0:58:31:50:42:34:
2c:9c:1c:fb:6f:b4:b8:88:f4:61:87:75:c0:6e:ec:ba:ca:aa:
da:88:6a:d1:b2:17:de:27:a8:dd:cb:e4:0c:d5:31:83:52:e2:
5e:5f:dd:cf:72:8f:0f:42:60:f8:67:98:66:c1:6a:6d:6d:3f:
e8:1a:98:b6:75:8a:af:ce:43:88:a2:a4:21:54:4a:51:7f:53:
0f:e9:c8:76:54:4f:58:55:c8:a9:49:38:db:ab:05:3d:47:0f:
3a:ea:f0:35:d6:1e:a2:71:c1:73:f8:c4:de:48:7f:41:48:a3:
03:ee:bc:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKB/bYt465bm4TtTnw9n/nYBkmAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyOWZhYzE0ZWI0YjFkZTQ4Mjg2Y2JjNjE1OTRkYzIwYmRiOGM4NmVjMTEw
NzViMmU4NzBmODczMGZjODMxZGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3JNJLElyX68g3zd+C3hul2w4qLre/y/6qcdeybi/tDlSpoRmVGBqanbNeW
jBORyT1Xs1geuwjpfDSSFZSlXJdejBUzLycF2TVPnIVIdfz3SddhSnqFDOdhiRXR
n+ZIsKkKYdVdvL5UMng/YIfvDLKnL2RdVJXg27cjqMtrH+/xiB4Y0MJnqSdtAsrs
RvYmk0u/u7fJrLVebpxB0gW+UcBu1aR87pdgVX1W23L1ObKLAIUHGKb2aueZ54Nl
4l0t8cg25wAY+ooBGvw87uU0bLqdbi5EpD2uTGzBn1dO+fYdS5bTNsi0eKbYk2yV
H5Kegls/bHe3zp4+7rRLGNDDrMUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSdcMJV
gSPfpYxB5DeNrwEy/DZGHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQBYb1iXPzYg8A89g8Jgmw3NRLOyMaT210WygKXAxcaC
vGUCEF394Bp4+4NZkRwC31u0ls/bujpwT+/knUfvBKTaDEiJasxcmhBYKTaHHvsy
pZHAZGDh+cuLMEvIdCgYNre8VZc/Fnq9Wxb+pJKHV/dAjugKHZ+VbuWWZ0nfTeNj
7K80cL8qmcPNLEHwWDFQQjQsnBz7b7S4iPRhh3XAbuy6yqraiGrRshfeJ6jdy+QM
1TGDUuJeX93Pco8PQmD4Z5hmwWptbT/oGpi2dYqvzkOIoqQhVEpRf1MP6ch2VE9Y
VcipSTjbqwU9Rw866vA11h6iccFz+MTeSH9BSKMD7rxv
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org