Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
File: 5bf13655-f776-45ba-8cff-e3d853dce89d.roa (raw, json)
Hash identifier: mdUqlN9T+ScahgoeFK/SmOh2iq2GLB2RFz/mZCCaZ3E=
Subject key identifier: 0B:AF:77:51:97:07:1F:80:1A:96:5F:20:BA:72:6A:12:70:F7:AA:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E4901D464FC5B4C4188DCC128F02F6FD953463C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:49:01:d4:64:fc:5b:4c:41:88:dc:c1:28:f0:2f:6f:d9:53:46:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=a705450520ea9048c4afbaad4a4b0a9dcade5d80f4451f91648ce4802eef465c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4a:cc:3a:06:18:00:60:53:ef:0d:8a:6f:2d:
a6:fa:01:5d:cc:68:36:20:df:2c:c6:19:74:d2:d6:
2a:c7:76:e1:73:4c:e6:3a:e3:29:a1:88:9d:53:39:
de:5c:19:e7:13:f4:38:a3:69:a3:6d:f8:5f:81:97:
40:09:ea:cd:4d:2b:26:cb:fc:87:ad:34:4b:8d:c0:
14:b9:58:61:80:1d:a4:d1:38:68:b5:51:71:66:4e:
55:0d:0b:7e:66:e1:81:d0:bc:0d:96:ae:75:28:44:
fd:08:a4:af:b5:cd:ef:cd:75:8a:1b:c5:4a:02:a2:
d9:d7:c3:ff:6a:a4:39:90:45:7b:9a:c8:d0:8e:fe:
82:1f:9c:5d:0b:f9:fe:aa:40:6b:96:f0:66:f0:29:
13:07:7b:c1:10:f3:6c:2e:d5:cf:85:be:da:0a:50:
a2:64:ac:31:8d:a6:31:88:b5:52:be:12:e5:87:0e:
c2:40:e4:21:9a:28:32:91:23:95:25:70:1e:55:17:
ef:26:df:d3:52:5b:31:12:8e:eb:1a:9d:78:6e:e7:
79:95:31:35:ed:7c:52:1e:e1:e2:0b:ba:ca:90:70:
6b:45:8f:9f:d8:3a:99:51:10:95:8d:87:12:0e:ee:
95:ff:7a:77:93:c1:3b:00:94:08:b1:61:8c:ab:bf:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AF:77:51:97:07:1F:80:1A:96:5F:20:BA:72:6A:12:70:F7:AA:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bf13655-f776-45ba-8cff-e3d853dce89d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:f1:6f:c2:d2:b6:85:7e:d9:21:90:b9:f5:e0:fc:a7:0f:ca:
24:f8:32:2a:94:ec:84:2e:b9:46:e3:1c:f7:36:6b:00:ad:5e:
05:8f:f6:1e:d1:9a:bb:9a:b3:ec:53:8f:06:73:d7:0e:4f:79:
8b:49:2d:43:67:70:62:70:07:fe:c3:21:93:2f:d9:e6:e8:0a:
2d:2a:9a:7c:08:94:51:95:1d:ae:44:e2:62:80:d8:d6:cb:44:
d4:d5:00:4c:5a:f1:d1:50:a1:2b:e1:d0:03:9a:3a:1f:d2:1e:
a2:30:2e:5d:39:4e:ba:b1:f6:16:77:da:86:72:58:8a:c9:49:
91:71:07:7b:88:d2:d0:18:d4:07:90:19:eb:4b:d1:f5:04:88:
ea:95:20:17:80:45:22:fa:30:60:f3:ee:a9:03:de:8f:7f:f1:
79:af:82:64:e1:eb:8e:3b:c8:2a:84:46:ed:eb:ec:68:21:ab:
b1:b6:3b:26:74:76:d9:37:72:8b:67:76:b4:28:40:ab:24:fc:
07:73:0e:e9:9d:f4:f9:3c:37:a9:6f:c3:70:61:09:ff:71:8e:
1c:28:cc:7f:2d:1a:05:4e:6f:8e:b8:f4:59:72:ca:be:52:11:
f6:d5:88:e6:2a:ca:79:4a:0d:38:5a:7e:74:54:d8:56:55:05:
f1:0c:74:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfkkB1GT8W0xBiNzBKPAvb9lTRjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3MDU0NTA1MjBlYTkwNDhjNGFmYmFhZDRhNGIwYTlkY2FkZTVkODBmNDQ1
MWY5MTY0OGNlNDgwMmVlZjQ2NWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJKzDoGGABgU+8Nim8tpvoBXcxoNiDfLMYZdNLWKsd24XNM5jrjKaGInVM5
3lwZ5xP0OKNpo234X4GXQAnqzU0rJsv8h600S43AFLlYYYAdpNE4aLVRcWZOVQ0L
fmbhgdC8DZaudShE/Qikr7XN7811ihvFSgKi2dfD/2qkOZBFe5rI0I7+gh+cXQv5
/qpAa5bwZvApEwd7wRDzbC7Vz4W+2gpQomSsMY2mMYi1Ur4S5YcOwkDkIZooMpEj
lSVwHlUX7ybf01JbMRKO6xqdeG7neZUxNe18Uh7h4gu6ypBwa0WPn9g6mVEQlY2H
Eg7ulf96d5PBOwCUCLFhjKu/w1ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQLr3dR
lwcfgBqWXyC6cmoScPeq5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJmMTM2NTUtZjc3Ni00NWJhLThjZmYtZTNkODUzZGNlODlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAoPFvwtK2hX7ZIZC59eD8pw/KJPgyKpTshC65RuMc
9zZrAK1eBY/2HtGau5qz7FOPBnPXDk95i0ktQ2dwYnAH/sMhky/Z5ugKLSqafAiU
UZUdrkTiYoDY1stE1NUATFrx0VChK+HQA5o6H9IeojAuXTlOurH2FnfahnJYislJ
kXEHe4jS0BjUB5AZ60vR9QSI6pUgF4BFIvowYPPuqQPej3/xea+CZOHrjjvIKoRG
7evsaCGrsbY7JnR22Tdyi2d2tChAqyT8B3MO6Z30+Tw3qW/DcGEJ/3GOHCjMfy0a
BU5vjrj0WXLKvlIR9tWI5irKeUoNOFp+dFTYVlUF8Qx0hQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org