Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
File: 6983da84-161e-42b3-9b20-728d967cf78a.roa (raw, json)
Hash identifier: 1HkwwlLIKl9eutiwSUX+PQ8VGaKuVlYvcxRJllUzwZk=
Subject key identifier: 27:8B:80:8A:32:C0:0E:BC:9C:B0:6B:D8:2F:82:C3:8A:76:26:87:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 088A4388E22FA18769D36251BCF37B2D4AE7F845
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:8a:43:88:e2:2f:a1:87:69:d3:62:51:bc:f3:7b:2d:4a:e7:f8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9b0ca157828ca2d815a8e43e016f878c2211a81cc77abce53a455f79a35f00aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:82:67:c7:83:0e:a4:d8:91:4a:78:9e:92:f5:
64:ee:2c:05:f0:d5:75:ed:1e:3e:9d:ac:56:0c:3a:
0d:1a:6f:76:5b:e1:86:64:d9:19:02:f4:7c:0a:01:
a2:f9:5b:b7:e6:9f:7e:83:a5:a5:a8:6c:d9:cf:61:
82:db:f9:8b:ce:28:12:cb:44:34:98:38:18:d0:bd:
03:f7:e7:a8:f2:47:cb:80:4f:ec:9d:17:2a:c8:1c:
8e:26:16:66:86:55:9a:4d:e7:2f:54:b4:7b:ac:e1:
71:f1:b0:e3:8d:9b:08:14:8b:19:cd:83:f1:06:86:
e1:9d:50:08:c2:04:86:b4:9d:63:b3:4c:ee:9a:f1:
3e:06:21:e0:b3:17:66:ac:0b:a5:88:2e:b8:a5:95:
7d:95:f8:42:38:37:e4:b9:eb:97:f4:8b:60:46:15:
04:26:b2:9e:dc:25:44:8e:96:b9:c3:47:c5:c6:c3:
9c:de:5a:c2:34:de:40:7a:e2:03:60:f3:bc:57:ed:
ce:6e:ae:e7:c0:93:9d:d1:a3:80:a0:fb:56:49:b6:
a0:99:1a:e1:e5:5e:3a:7f:25:cb:9d:5a:0e:26:34:
04:a9:d4:b4:95:72:58:27:f7:b5:5e:4b:5c:dc:ce:
a3:ac:4d:28:8b:c9:da:a8:02:7c:13:0c:af:0e:56:
e0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8B:80:8A:32:C0:0E:BC:9C:B0:6B:D8:2F:82:C3:8A:76:26:87:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6983da84-161e-42b3-9b20-728d967cf78a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:28:a7:42:a3:a7:aa:91:90:ca:6d:53:34:80:67:f1:30:53:
a2:f4:30:24:3a:6e:cf:fa:32:fd:9f:63:c7:74:31:3e:c6:83:
3c:d7:ef:81:f3:33:c8:ff:26:87:ec:15:68:b3:8a:6f:4f:91:
89:6e:66:8d:0a:e3:c6:99:3e:0e:93:f5:73:12:52:c7:62:2b:
54:fe:81:4f:60:1c:16:de:40:a0:6c:da:b1:71:43:40:9e:dc:
67:b6:a5:45:5a:a3:8f:bd:f9:d8:0a:0a:bf:ce:ef:1d:a1:15:
ca:31:d3:28:05:c7:62:8b:8c:b3:79:ae:60:79:ba:c8:8e:50:
9b:d6:33:83:d9:7e:23:fa:27:08:29:62:f7:e0:25:93:a7:7d:
07:7d:ef:08:a4:f8:cf:aa:de:a8:2a:1e:5a:2f:65:99:ce:5a:
47:bf:75:29:ed:36:64:b6:6c:59:14:29:66:a3:f9:4a:15:b1:
2e:0a:62:9e:32:4c:9a:ea:b7:03:89:81:6c:d4:f9:c6:f8:04:
bf:31:c7:fb:a1:dc:a5:c6:1a:c0:8f:60:e0:3a:49:db:1b:c1:
36:0c:62:e6:03:a6:67:d4:b3:b8:a3:52:e3:1d:3a:79:d2:bd:
95:8a:28:37:96:41:05:45:21:52:83:4c:0b:87:cf:e0:3d:75:
d8:c0:e6:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCIpDiOIvoYdp02JRvPN7LUrn+EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMGNhMTU3ODI4Y2EyZDgxNWE4ZTQzZTAxNmY4NzhjMjIxMWE4MWNjNzdh
YmNlNTNhNDU1Zjc5YTM1ZjAwYWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2CZ8eDDqTYkUp4npL1ZO4sBfDVde0ePp2sVgw6DRpvdlvhhmTZGQL0fAoB
ovlbt+affoOlpahs2c9hgtv5i84oEstENJg4GNC9A/fnqPJHy4BP7J0XKsgcjiYW
ZoZVmk3nL1S0e6zhcfGw442bCBSLGc2D8QaG4Z1QCMIEhrSdY7NM7prxPgYh4LMX
ZqwLpYguuKWVfZX4Qjg35Lnrl/SLYEYVBCayntwlRI6WucNHxcbDnN5awjTeQHri
A2DzvFftzm6u58CTndGjgKD7Vkm2oJka4eVeOn8ly51aDiY0BKnUtJVyWCf3tV5L
XNzOo6xNKIvJ2qgCfBMMrw5W4BcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQni4CK
MsAOvJywa9gvgsOKdiaH9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk4M2RhODQtMTYxZS00MmIzLTliMjAtNzI4ZDk2N2NmNzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQBdKKdCo6eqkZDKbVM0gGfxMFOi9DAkOm7P+jL9n2PH
dDE+xoM81++B8zPI/yaH7BVos4pvT5GJbmaNCuPGmT4Ok/VzElLHYitU/oFPYBwW
3kCgbNqxcUNAntxntqVFWqOPvfnYCgq/zu8doRXKMdMoBcdii4yzea5gebrIjlCb
1jOD2X4j+icIKWL34CWTp30Hfe8IpPjPqt6oKh5aL2WZzlpHv3Up7TZktmxZFClm
o/lKFbEuCmKeMkya6rcDiYFs1PnG+AS/Mcf7odylxhrAj2DgOknbG8E2DGLmA6Zn
1LO4o1LjHTp50r2Viig3lkEFRSFSg0wLh8/gPXXYwOa+
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org