Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
File: 43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa (raw, json)
Hash identifier: 7Dd9w+Yq9O8UBEAvEkIV40y5T/ccapUbCVTvdcVjAz4=
Subject key identifier: D5:5E:D0:CA:24:65:C9:2A:77:F3:73:F2:74:B3:57:49:51:9C:34:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A84D618137DBE68C309B373CC635DE5B452ACD1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:84:d6:18:13:7d:be:68:c3:09:b3:73:cc:63:5d:e5:b4:52:ac:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9e830e06c8630b234e2ea1ddb91f507cdfdedd2f488c5658e9c33f0304cb8261, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bd:10:39:9a:3a:65:2c:d9:34:e6:f3:72:6b:
f4:1f:24:81:d9:5e:2c:57:de:f6:de:c1:7a:eb:ba:
6f:93:39:35:7f:a3:56:34:95:0d:a2:34:a6:4c:9a:
be:12:44:b7:6a:9c:a7:86:af:08:2f:c8:7e:1c:9a:
12:f7:70:d1:9e:36:0e:2f:a8:e3:9f:6e:af:19:e1:
de:f1:e8:a5:6f:66:d2:35:cf:90:0c:41:52:99:53:
08:41:7b:c6:bc:c1:6c:df:99:b2:d1:c2:b8:df:a4:
39:c3:6a:6f:99:cb:7d:e6:be:f4:56:8b:af:70:58:
88:9a:74:c0:a2:d5:bd:9d:a9:68:51:6a:5a:48:b4:
1a:e1:15:f9:d8:f7:70:31:4c:81:70:23:87:e6:29:
f0:d3:d0:8f:a7:cc:5d:46:b2:0e:18:b9:a7:2e:d6:
3f:73:e4:5f:70:22:ad:be:a7:af:05:52:c4:f2:06:
26:7b:72:ca:7f:e0:15:29:db:e8:f1:a8:0a:e0:2e:
b0:ff:3a:f8:17:0f:0e:c5:8c:06:16:7d:3d:ae:27:
e4:21:22:b8:eb:3c:56:9a:d8:d7:a3:f8:42:15:68:
90:7f:0e:04:9e:f7:eb:b7:33:55:98:ca:9b:93:46:
0c:5a:2b:ee:b8:39:71:24:9a:e8:65:90:6c:13:80:
51:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:5E:D0:CA:24:65:C9:2A:77:F3:73:F2:74:B3:57:49:51:9C:34:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43b4f5e1-05ed-4c2c-96a9-165348835e8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:71:39:a6:c6:c1:0d:db:4a:c5:e8:97:db:70:ea:cf:62:80:
a4:d7:e9:3b:f3:1c:c3:79:e8:39:39:41:28:f8:14:c8:fe:c9:
3d:39:30:2a:d6:1c:f5:86:9b:64:1d:cd:27:46:80:f2:c6:2a:
9f:61:a9:4b:31:95:e0:70:f6:6f:52:bf:91:7e:ef:38:3b:ec:
de:5a:80:f6:92:71:78:9f:20:b6:4d:51:3e:37:bf:cc:0d:d2:
f5:06:a4:cb:7c:43:c5:d3:7b:a0:c9:cd:2f:ae:a7:66:7b:30:
c4:99:37:88:31:44:4e:13:52:c5:77:75:9c:4e:01:1f:78:cd:
b0:ba:54:e9:a9:b2:c5:03:24:a5:05:d7:28:b0:67:75:58:ab:
2f:e6:72:d0:9c:bf:91:d7:da:46:0a:f4:dc:32:a0:c7:bb:50:
c0:34:88:15:8d:66:77:c6:7f:e6:bb:78:4c:17:b6:86:fe:c6:
e4:6f:7b:9f:b0:cc:50:a6:0f:10:1d:2e:19:78:50:a8:b5:3e:
63:64:b8:cf:08:76:05:7c:eb:a2:2b:05:e7:d9:e7:5b:e2:a9:
20:03:28:8f:f2:b6:ab:a2:79:c8:1c:84:2d:99:9e:1a:d0:c5:
84:7a:b4:37:dd:e1:83:cd:db:25:10:4a:4a:bb:6e:32:d4:d9:
c0:ed:b3:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSoTWGBN9vmjDCbNzzGNd5bRSrNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDllODMwZTA2Yzg2MzBiMjM0ZTJlYTFkZGI5MWY1MDdjZGZkZWRkMmY0ODhj
NTY1OGU5YzMzZjAzMDRjYjgyNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANq9EDmaOmUs2TTm83Jr9B8kgdleLFfe9t7Beuu6b5M5NX+jVjSVDaI0pkya
vhJEt2qcp4avCC/IfhyaEvdw0Z42Di+o459urxnh3vHopW9m0jXPkAxBUplTCEF7
xrzBbN+ZstHCuN+kOcNqb5nLfea+9FaLr3BYiJp0wKLVvZ2paFFqWki0GuEV+dj3
cDFMgXAjh+Yp8NPQj6fMXUayDhi5py7WP3PkX3Airb6nrwVSxPIGJntyyn/gFSnb
6PGoCuAusP86+BcPDsWMBhZ9Pa4n5CEiuOs8VprY16P4QhVokH8OBJ7367czVZjK
m5NGDFor7rg5cSSa6GWQbBOAUfsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTVXtDK
JGXJKnfzc/J0s1dJUZw0PjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNiNGY1ZTEtMDVlZC00YzJjLTk2YTktMTY1MzQ4ODM1ZThjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQBbcTmmxsEN20rF6JfbcOrPYoCk1+k78xzDeeg5OUEo
+BTI/sk9OTAq1hz1hptkHc0nRoDyxiqfYalLMZXgcPZvUr+Rfu84O+zeWoD2knF4
nyC2TVE+N7/MDdL1BqTLfEPF03ugyc0vrqdmezDEmTeIMUROE1LFd3WcTgEfeM2w
ulTpqbLFAySlBdcosGd1WKsv5nLQnL+R19pGCvTcMqDHu1DANIgVjWZ3xn/mu3hM
F7aG/sbkb3ufsMxQpg8QHS4ZeFCotT5jZLjPCHYFfOuiKwXn2edb4qkgAyiP8rar
onnIHIQtmZ4a0MWEerQ33eGDzdslEEpKu24y1NnA7bOj
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org