Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
File: 49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa (raw, json)
Hash identifier: jwMakxZZbYZd+qcxIYGipjU2AO1ebBlSEn7WF2aahRg=
Subject key identifier: 1E:A2:ED:57:53:2D:C6:25:B9:99:56:C8:36:72:96:8F:80:4D:AC:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13DE935158CF150BF9B8141C16A0EFC13819B679
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:de:93:51:58:cf:15:0b:f9:b8:14:1c:16:a0:ef:c1:38:19:b6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=a69041c54348e8fc28b7e772aec5656d80dbbba617a733792cdf553f3fe7f40a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b2:2a:af:6b:48:ee:3a:9a:69:ad:1d:02:65:
9f:f2:88:c9:35:bd:90:db:2f:6f:bf:03:c1:ff:c4:
f5:66:b3:90:6b:c9:d2:df:f1:a6:ee:76:03:ae:4b:
32:24:d8:4a:18:ad:23:e7:2b:d9:7e:f4:c8:da:09:
4b:56:59:2c:cb:83:6e:9b:cf:ee:a0:8f:5d:f1:1a:
62:9e:07:fa:09:bf:7d:a3:b3:6b:ed:bd:88:4b:5d:
cf:a0:c0:6f:86:bb:2b:c4:ce:16:2f:d3:f7:2c:b3:
74:59:e1:97:0c:09:8b:6e:42:8e:94:0b:9e:1a:0e:
c8:9a:b8:1e:c7:6e:42:94:95:e6:38:56:a8:c7:60:
71:b8:04:51:c0:93:a6:10:16:be:a1:14:a9:21:6d:
4e:1b:62:98:b9:f7:80:52:87:ca:83:80:20:d6:0a:
40:a0:39:a4:63:bd:69:7b:9c:b2:c4:21:43:8b:33:
7b:a8:12:a2:9c:a7:e2:ac:0f:62:db:eb:91:d9:49:
72:b7:cb:27:cb:39:8b:79:75:b0:4d:4c:ea:bd:43:
7d:66:a2:9b:fc:e0:e1:49:0d:79:6e:80:29:f3:19:
ae:a9:43:ee:e1:fd:a1:6b:2c:4c:6f:52:00:96:87:
0c:93:42:b4:67:58:8d:3f:f4:86:00:73:c3:b4:22:
ee:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A2:ED:57:53:2D:C6:25:B9:99:56:C8:36:72:96:8F:80:4D:AC:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49016cf3-23c5-4b17-b3e9-1c36e6cac1e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:da:3f:54:9d:c5:5f:9a:81:52:6f:57:6c:79:63:01:01:16:
62:2e:e7:51:be:18:9d:62:09:37:54:0d:a5:ac:77:f1:64:a2:
12:0b:6f:93:50:76:8e:b4:01:cf:25:6f:44:41:5f:f0:72:77:
22:ab:97:6b:bd:fc:14:f5:f5:b4:37:08:f2:5c:bf:8c:6a:0e:
5b:3d:4e:47:46:7d:7b:2b:1c:f5:00:95:87:c3:f5:10:43:00:
d5:4b:d5:95:07:eb:ea:95:49:4f:44:af:c0:2d:67:f9:69:cd:
2a:b4:7c:5f:47:89:52:21:d6:6e:ed:1c:2c:23:6e:d7:84:30:
31:ac:8c:47:15:f1:f1:1d:e5:c3:32:de:1c:46:8e:41:53:82:
0d:8e:47:5b:0d:11:54:04:12:41:81:7d:59:31:8f:d1:ad:a6:
50:ad:39:3d:fb:4e:b0:06:b1:4d:fc:b6:c9:1d:90:67:93:94:
da:5c:36:3a:d0:87:4e:9c:68:b4:64:f2:24:1b:85:07:72:26:
84:c9:2e:d8:b9:ef:cf:55:5e:fd:fe:5d:12:c6:0b:83:63:23:
d8:1e:b4:3a:9f:54:aa:42:61:ea:ce:c5:76:68:a4:d9:84:5d:
ff:ba:13:08:62:33:c9:47:54:dc:2c:3f:9c:70:bf:bd:40:38:
b7:f2:1f:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE96TUVjPFQv5uBQcFqDvwTgZtnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2OTA0MWM1NDM0OGU4ZmMyOGI3ZTc3MmFlYzU2NTZkODBkYmJiYTYxN2E3
MzM3OTJjZGY1NTNmM2ZlN2Y0MGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCyKq9rSO46mmmtHQJln/KIyTW9kNsvb78Dwf/E9WazkGvJ0t/xpu52A65L
MiTYShitI+cr2X70yNoJS1ZZLMuDbpvP7qCPXfEaYp4H+gm/faOza+29iEtdz6DA
b4a7K8TOFi/T9yyzdFnhlwwJi25CjpQLnhoOyJq4HsduQpSV5jhWqMdgcbgEUcCT
phAWvqEUqSFtThtimLn3gFKHyoOAINYKQKA5pGO9aXucssQhQ4sze6gSopyn4qwP
YtvrkdlJcrfLJ8s5i3l1sE1M6r1DfWaim/zg4UkNeW6AKfMZrqlD7uH9oWssTG9S
AJaHDJNCtGdYjT/0hgBzw7Qi7g8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeou1X
Uy3GJbmZVsg2cpaPgE2szzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkwMTZjZjMtMjNjNS00YjE3LWIzZTktMWMzNmU2Y2FjMWUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ2j9UncVfmoFSb1dseWMBARZiLudRvhidYgk3VA2l
rHfxZKISC2+TUHaOtAHPJW9EQV/wcnciq5drvfwU9fW0NwjyXL+Mag5bPU5HRn17
Kxz1AJWHw/UQQwDVS9WVB+vqlUlPRK/ALWf5ac0qtHxfR4lSIdZu7RwsI27XhDAx
rIxHFfHxHeXDMt4cRo5BU4INjkdbDRFUBBJBgX1ZMY/RraZQrTk9+06wBrFN/LbJ
HZBnk5TaXDY60IdOnGi0ZPIkG4UHciaEyS7Yue/PVV79/l0SxguDYyPYHrQ6n1Sq
QmHqzsV2aKTZhF3/uhMIYjPJR1TcLD+ccL+9QDi38h93
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org