Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
File: 55eb1295-2121-40dc-bdd3-a11a68da507a.roa (raw, json)
Hash identifier: S6gOBRhKGNNpSLlKV+xJM2t4w+Wl6f9UutIgiCIOuNc=
Subject key identifier: C3:08:AA:02:B2:2F:2C:A9:A3:37:3C:B9:FC:3E:A0:D9:C5:1E:78:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32371D53A3D37F661C18A08339850385EC15F57B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:37:1d:53:a3:d3:7f:66:1c:18:a0:83:39:85:03:85:ec:15:f5:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=e7638239982a247cb68e08499a37dfa8e7c08ec5fea85e683f5811a5203b8163, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f5:5c:ed:ae:d3:b5:3f:da:74:f2:f9:e8:0d:
65:70:a0:51:c7:c6:e2:d3:47:90:16:ba:87:80:ab:
99:4b:16:21:ce:ae:a9:1c:6d:89:f7:f2:83:a6:8b:
52:2c:77:4f:56:e0:35:a0:25:97:c7:ef:40:e0:1e:
78:87:a7:e9:13:5b:de:59:79:cc:ac:21:28:a0:b2:
05:26:ef:8d:00:54:59:4b:78:aa:58:03:06:4c:64:
0e:ad:01:5a:76:26:88:3a:83:a9:ab:09:8a:e6:e6:
17:e8:90:17:3d:11:9b:e9:b8:08:10:fa:d9:4c:66:
47:65:9c:99:59:9e:ff:c1:ef:03:8c:85:e1:fd:c6:
63:80:ac:98:f0:f9:34:d6:fd:2d:21:64:33:cc:cb:
e3:eb:b7:db:1c:2f:08:27:80:55:ee:90:13:1f:fd:
37:18:0a:35:c0:69:d7:70:ae:c2:0c:70:61:97:20:
81:49:32:36:09:a8:92:5f:a5:9a:08:97:bb:58:72:
dd:59:24:a5:20:0a:d0:e6:87:29:2b:c5:a3:88:ca:
ce:e5:dc:c7:d2:4d:97:c2:da:3e:6a:62:f9:fe:d7:
29:bb:ab:61:b1:3a:27:6a:30:91:e0:55:b9:b8:bc:
ed:af:97:55:9b:0c:9b:47:3a:da:84:e7:3b:27:76:
6d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:08:AA:02:B2:2F:2C:A9:A3:37:3C:B9:FC:3E:A0:D9:C5:1E:78:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55eb1295-2121-40dc-bdd3-a11a68da507a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
5a:ee:76:f3:15:9d:14:9f:f6:a0:a6:3f:c5:40:04:f2:04:bd:
42:39:2f:83:dd:e7:f4:47:05:1a:a7:de:57:a6:db:37:51:26:
43:d3:57:64:3c:05:f0:43:db:3b:e1:1f:d7:02:67:df:54:fc:
a5:78:58:f4:f7:01:84:81:80:d2:98:22:79:b5:db:a7:8a:23:
d2:a1:44:be:d8:b6:a9:b4:6d:1b:77:0a:04:68:7b:66:0b:11:
f4:00:ba:15:67:0a:6a:fe:3c:4d:e3:ba:f6:1c:21:95:f0:6d:
a9:a4:28:e8:d9:ec:fb:4f:e6:f3:d8:4d:6b:87:68:af:1b:6a:
d6:d3:df:47:e0:f5:12:c8:95:31:0e:f2:d9:e8:eb:9a:ef:28:
31:37:1b:ca:52:4e:fe:7c:52:60:02:da:c1:70:ac:02:3f:8c:
c5:ef:8e:92:53:a3:60:5c:05:a9:cc:88:42:20:48:ba:6b:55:
a7:38:24:70:4a:af:d2:09:2a:dd:45:04:ae:fc:61:da:be:dc:
7f:af:f0:0d:f6:b3:fe:d9:72:ae:93:c3:6e:8f:98:21:a3:6b:
fb:7c:4b:29:31:5f:0f:b6:88:bf:ff:9f:b6:1f:4f:61:1c:a5:
48:33:2c:65:f8:21:c5:b3:88:6c:c4:2a:48:66:9d:ce:ca:96:
16:b1:a1:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMjcdU6PTf2YcGKCDOYUDhewV9XswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU3NjM4MjM5OTgyYTI0N2NiNjhlMDg0OTlhMzdkZmE4ZTdjMDhlYzVmZWE4
NWU2ODNmNTgxMWE1MjAzYjgxNjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOn1XO2u07U/2nTy+egNZXCgUcfG4tNHkBa6h4CrmUsWIc6uqRxtiffyg6aL
Uix3T1bgNaAll8fvQOAeeIen6RNb3ll5zKwhKKCyBSbvjQBUWUt4qlgDBkxkDq0B
WnYmiDqDqasJiubmF+iQFz0Rm+m4CBD62UxmR2WcmVme/8HvA4yF4f3GY4CsmPD5
NNb9LSFkM8zL4+u32xwvCCeAVe6QEx/9NxgKNcBp13CuwgxwYZcggUkyNgmokl+l
mgiXu1hy3VkkpSAK0OaHKSvFo4jKzuXcx9JNl8LaPmpi+f7XKburYbE6J2owkeBV
ubi87a+XVZsMm0c62oTnOyd2beMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTDCKoC
si8sqaM3PLn8PqDZxR54CDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlYjEyOTUtMjEyMS00MGRjLWJkZDMtYTExYTY4ZGE1MDdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAWu528xWdFJ/2oKY/xUAE8gS9Qjkvg93n9EcFGqfe
V6bbN1EmQ9NXZDwF8EPbO+Ef1wJn31T8pXhY9PcBhIGA0pgiebXbp4oj0qFEvti2
qbRtG3cKBGh7ZgsR9AC6FWcKav48TeO69hwhlfBtqaQo6Nns+0/m89hNa4dorxtq
1tPfR+D1EsiVMQ7y2ejrmu8oMTcbylJO/nxSYALawXCsAj+Mxe+OklOjYFwFqcyI
QiBIumtVpzgkcEqv0gkq3UUErvxh2r7cf6/wDfaz/tlyrpPDbo+YIaNr+3xLKTFf
D7aIv/+fth9PYRylSDMsZfghxbOIbMQqSGadzsqWFrGhhw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:28 2024 by rpki-client on console-ams.rpki-client.org