Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: xLqdXgXaSnsrmYD0JQIAm+NVaX72B4TXkhq4ZLeThCo=
Subject key identifier: 4A:A2:32:3A:AD:75:EA:DF:FF:71:1A:5A:4B:48:91:A0:47:6F:90:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D4351322B0E4161AF775E0356F044F05B656E31
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:43:51:32:2b:0e:41:61:af:77:5e:03:56:f0:44:f0:5b:65:6e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=3d97d8db00c44c5bf5f6462c99e0bd2b6ac66396cdb865147f1810f8da1053a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:46:50:33:04:56:96:c4:ca:d0:82:56:d0:
3d:a3:3c:f3:b4:86:6f:f5:aa:31:0e:bb:4f:fb:2f:
38:39:cb:f3:2a:7f:3d:42:8c:74:01:d4:17:87:11:
23:88:c5:eb:b2:b2:5f:41:2c:ab:29:ea:32:a6:b1:
f8:6c:56:f0:42:7d:54:c0:36:5a:5a:42:a3:c9:05:
5c:4b:3c:1e:46:94:07:98:44:3d:9e:39:db:85:31:
2c:44:d5:29:bb:0f:ba:db:ac:c5:2c:fa:1f:63:f6:
6e:39:99:56:22:90:fd:47:5e:9e:1d:13:e0:bf:46:
39:a1:d8:86:dc:4a:d2:3b:77:62:b6:b5:9d:a3:16:
fe:f5:eb:cd:00:04:96:bd:1a:83:ab:04:41:c6:2b:
b3:47:0f:8b:a4:fc:09:7d:1f:49:b5:7c:22:c9:13:
b0:d6:ae:74:66:10:2b:0c:9c:ff:56:bb:1c:9b:16:
af:08:5c:05:05:dc:89:3e:f6:e1:d9:a9:fc:1a:c1:
02:bb:f5:01:d6:45:23:97:ae:31:09:0f:c3:ad:ea:
80:83:1a:56:9a:79:83:cf:70:f2:3d:b7:85:21:11:
df:5b:4e:b3:ca:f4:93:d9:61:ce:f0:cb:87:e2:25:
fb:67:30:b7:8c:ae:95:76:f2:e1:1c:a6:13:f8:c6:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A2:32:3A:AD:75:EA:DF:FF:71:1A:5A:4B:48:91:A0:47:6F:90:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:da:55:2b:24:e5:bd:46:d1:c3:23:f8:27:57:35:27:e2:98:
cc:ee:df:c0:c7:21:1e:ce:16:dd:33:da:c2:a2:c9:c5:b0:31:
be:61:75:b0:e0:46:80:b6:a8:c2:fb:8c:c1:01:85:5f:be:ef:
77:99:cf:e4:18:f6:c9:65:69:13:a4:b4:db:9e:77:36:25:33:
2d:d0:11:5f:e3:6a:ab:24:08:44:db:f0:c9:c0:c0:f2:85:a4:
ff:80:0c:43:03:46:df:40:01:e3:ff:4a:3d:84:3b:5d:de:93:
3a:86:a6:64:47:5d:7f:b3:6c:43:8d:5c:96:51:29:45:e8:f4:
ab:c4:a2:7e:45:4f:ff:2c:86:64:75:50:bf:46:03:b4:8b:b7:
f4:2b:84:2e:b9:1a:b7:f1:ec:80:3e:b5:b3:90:0e:e5:90:1e:
9b:69:8f:ab:46:70:e7:ba:e2:98:ee:ba:65:40:36:74:d4:ac:
f4:7d:71:80:d3:51:35:31:08:d7:55:ac:d2:e9:a1:f0:45:b3:
a4:d5:62:f2:37:a7:fb:3b:83:ec:96:42:3a:60:cc:01:7f:0b:
af:c5:3d:ef:b8:1e:60:69:e6:40:c3:6a:6e:41:e0:7e:88:65:
64:25:15:b5:29:e9:77:ac:bf:dd:8c:cd:f7:a7:95:e7:5d:64:
7f:3c:95:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTUNRMisOQWGvd14DVvBE8FtlbjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkOTdkOGRiMDBjNDRjNWJmNWY2NDYyYzk5ZTBiZDJiNmFjNjYzOTZjZGI4
NjUxNDdmMTgxMGY4ZGExMDUzYTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTQRlAzBFaWxMrQglbQPaM887SGb/WqMQ67T/svODnL8yp/PUKMdAHUF4cR
I4jF67KyX0EsqynqMqax+GxW8EJ9VMA2WlpCo8kFXEs8HkaUB5hEPZ4524UxLETV
KbsPutusxSz6H2P2bjmZViKQ/Udenh0T4L9GOaHYhtxK0jt3Yra1naMW/vXrzQAE
lr0ag6sEQcYrs0cPi6T8CX0fSbV8IskTsNaudGYQKwyc/1a7HJsWrwhcBQXciT72
4dmp/BrBArv1AdZFI5euMQkPw63qgIMaVpp5g89w8j23hSER31tOs8r0k9lhzvDL
h+Il+2cwt4yulXby4RymE/jG3skCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKojI6
rXXq3/9xGlpLSJGgR2+QuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBn2lUrJOW9RtHDI/gnVzUn4pjM7t/AxyEezhbdM9rC
osnFsDG+YXWw4EaAtqjC+4zBAYVfvu93mc/kGPbJZWkTpLTbnnc2JTMt0BFf42qr
JAhE2/DJwMDyhaT/gAxDA0bfQAHj/0o9hDtd3pM6hqZkR11/s2xDjVyWUSlF6PSr
xKJ+RU//LIZkdVC/RgO0i7f0K4QuuRq38eyAPrWzkA7lkB6baY+rRnDnuuKY7rpl
QDZ01Kz0fXGA01E1MQjXVazS6aHwRbOk1WLyN6f7O4PslkI6YMwBfwuvxT3vuB5g
aeZAw2puQeB+iGVkJRW1Kel3rL/djM33p5XnXWR/PJWS
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org