Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
File: 69740d55-a842-4e2d-a267-6df47f50e20c.roa (raw, json)
Hash identifier: YUKq142rPT5rL9skd+ecayIqi1y50OLPWoY7qrI9nDk=
Subject key identifier: E9:5C:F3:B0:87:E0:26:53:BF:E9:5A:32:F8:84:78:AD:2F:AC:16:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2917096E9CB3D4B8BD9FF02FEDEE06C21A30C2F6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:17:09:6e:9c:b3:d4:b8:bd:9f:f0:2f:ed:ee:06:c2:1a:30:c2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8a97cfd3d9a73d68000e2589195660a95d1327554afcd0e844d59017ffe2560c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:41:22:8e:46:f0:91:d7:c3:be:3d:e0:5d:6f:
4a:84:12:69:1e:30:47:b9:c3:d1:f1:e0:e6:8a:fc:
33:c4:1c:c1:d7:71:89:78:6e:f9:d7:f2:97:c4:6e:
8f:ea:6b:1e:8a:49:01:31:e7:b6:ba:08:6e:57:d9:
cb:cc:67:7c:67:d1:d5:37:8e:e7:cf:e9:59:2a:3c:
19:1f:e8:db:1f:f4:dc:6e:76:91:7d:23:97:51:ab:
56:9e:3c:56:af:68:c0:82:57:96:07:94:41:d0:15:
39:6f:47:c7:22:48:66:70:52:07:42:e4:01:df:88:
8a:20:0d:62:94:ca:93:cc:7a:ae:1a:5c:52:52:a6:
60:12:69:01:09:56:f5:e7:76:5e:5a:a0:da:6f:5e:
71:1b:7f:ba:23:23:80:2a:49:d1:be:24:88:6a:3f:
13:f0:82:23:d7:35:f8:cd:9a:5b:86:bf:f4:7c:9c:
ce:90:22:81:51:fa:f4:73:4d:b5:66:f1:e4:f0:9b:
b8:69:4f:5e:e9:af:20:3f:43:cf:3b:3d:96:ba:02:
88:c9:13:42:21:bb:fe:97:ec:9e:6d:4c:30:3d:87:
8b:02:b2:cf:f0:3c:fb:d8:c6:d2:21:22:08:5e:bd:
8c:65:29:ed:c6:14:79:85:44:aa:62:27:ad:70:1c:
b8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5C:F3:B0:87:E0:26:53:BF:E9:5A:32:F8:84:78:AD:2F:AC:16:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69740d55-a842-4e2d-a267-6df47f50e20c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:9b:3b:20:b2:43:37:d3:0f:2c:9b:88:02:8e:96:63:30:c6:
2f:c1:2d:7f:75:7d:7a:85:ac:33:1e:e2:48:9f:13:b4:ea:aa:
16:46:96:51:c3:9e:7b:bf:b3:a3:5b:b9:12:b8:18:a1:e0:0e:
5f:c4:98:b0:f4:dd:6c:40:85:58:b8:28:7e:e3:36:a6:67:5d:
e6:67:c3:57:27:cd:a1:9e:54:c2:53:6e:64:1c:a7:7b:1f:a8:
3f:18:0a:b2:8e:2c:7c:bf:80:06:32:c1:8d:24:19:7f:a2:12:
a8:97:34:4a:ea:fd:54:41:65:06:c5:d6:18:d6:84:55:8f:fa:
9d:cb:0c:8e:71:7a:1e:a0:bf:52:5b:fd:ce:d4:df:ab:c7:51:
2e:8c:19:4a:22:40:f6:bd:0a:fd:fb:9e:d0:a0:d3:f3:d1:58:
ad:6e:4b:61:f5:a4:65:b0:3c:93:6f:ec:74:5b:6e:5b:b4:93:
2c:d8:7b:3b:7a:39:4f:ee:b8:d1:b6:36:27:5d:19:98:5a:20:
a8:f2:19:20:ba:fa:52:9e:1e:80:f3:65:ca:cf:64:8a:ce:3f:
76:b5:5f:0f:7c:bb:cd:64:42:f6:e5:a5:72:a2:0d:f9:ed:a7:
91:0e:31:1e:68:17:5c:21:af:74:3c:10:0c:c5:ad:d6:08:80:
0c:57:79:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKRcJbpyz1Li9n/Av7e4GwhowwvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhOTdjZmQzZDlhNzNkNjgwMDBlMjU4OTE5NTY2MGE5NWQxMzI3NTU0YWZj
ZDBlODQ0ZDU5MDE3ZmZlMjU2MGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9BIo5G8JHXw7494F1vSoQSaR4wR7nD0fHg5or8M8QcwddxiXhu+dfyl8Ru
j+prHopJATHntroIblfZy8xnfGfR1TeO58/pWSo8GR/o2x/03G52kX0jl1GrVp48
Vq9owIJXlgeUQdAVOW9HxyJIZnBSB0LkAd+IiiANYpTKk8x6rhpcUlKmYBJpAQlW
9ed2Xlqg2m9ecRt/uiMjgCpJ0b4kiGo/E/CCI9c1+M2aW4a/9HyczpAigVH69HNN
tWbx5PCbuGlPXumvID9Dzzs9lroCiMkTQiG7/pfsnm1MMD2HiwKyz/A8+9jG0iEi
CF69jGUp7cYUeYVEqmInrXAcuFkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTpXPOw
h+AmU7/pWjL4hHitL6wWwTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk3NDBkNTUtYTg0Mi00ZTJkLWEyNjctNmRmNDdmNTBlMjBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAW5s7ILJDN9MPLJuIAo6WYzDGL8Etf3V9eoWsMx7i
SJ8TtOqqFkaWUcOee7+zo1u5ErgYoeAOX8SYsPTdbECFWLgofuM2pmdd5mfDVyfN
oZ5UwlNuZBynex+oPxgKso4sfL+ABjLBjSQZf6ISqJc0Sur9VEFlBsXWGNaEVY/6
ncsMjnF6HqC/Ulv9ztTfq8dRLowZSiJA9r0K/fue0KDT89FYrW5LYfWkZbA8k2/s
dFtuW7STLNh7O3o5T+640bY2J10ZmFogqPIZILr6Up4egPNlys9kis4/drVfD3y7
zWRC9uWlcqIN+e2nkQ4xHmgXXCGvdDwQDMWt1giADFd5jQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:06 2024 by rpki-client on console-fra.rpki-client.org