Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8184de91-4284-44f8-acc1-0d319b511ea5.roa
File: 8184de91-4284-44f8-acc1-0d319b511ea5.roa (raw, json)
Hash identifier: Ox1acuOIAgf+bORp4D1TLpb2zhaX4w739WLi0B30Fes=
Subject key identifier: CE:87:A0:65:47:95:7E:30:59:F3:FF:16:68:A5:A2:B6:FB:13:22:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7483ECAE0D5BD9EC63FC7A09BE685435E7BB9E77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8184de91-4284-44f8-acc1-0d319b511ea5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:83:ec:ae:0d:5b:d9:ec:63:fc:7a:09:be:68:54:35:e7:bb:9e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d0616baa22e6c5b455b8d642acf7899cc0ff5155082d8443e1bb70220fa4cda4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:26:ad:7f:86:a9:d1:cd:4d:0a:b4:87:8c:9b:
38:02:39:e9:6d:6a:c6:de:b1:54:91:2a:35:d7:b9:
7c:04:b8:7f:de:8a:a3:9d:3f:60:b3:c3:c1:22:f9:
13:94:2e:9f:82:03:87:24:29:c2:db:77:24:8c:7a:
62:48:e6:69:d5:de:99:7f:0d:60:08:6f:37:64:6b:
cc:c2:3f:0d:d7:4e:7b:c9:c6:fc:41:5c:f8:4b:f7:
fa:ac:b7:d0:f9:35:68:8a:52:bb:88:80:77:e5:b7:
65:71:e3:01:b3:4d:91:73:e8:53:2c:a2:c4:bd:ca:
2f:cf:87:da:8d:fd:02:69:79:71:32:86:a7:9f:cc:
e2:2b:93:ce:30:a2:cc:e5:a5:30:56:e7:83:34:12:
90:5d:1b:dd:f6:f5:a1:da:2d:1a:2e:74:b4:03:e1:
43:e0:2c:6c:c7:5e:42:84:17:2d:2d:45:9e:f7:53:
d2:2e:ed:9c:11:4a:91:60:5e:7c:3e:d9:d3:f0:d5:
7c:e6:d5:aa:e4:a1:c1:c6:91:d0:b6:96:4d:44:8e:
73:63:4a:43:d2:85:ac:54:e0:df:fe:47:f2:00:ad:
b9:6a:4b:b7:4a:e1:48:09:00:eb:a7:8f:c8:5f:b4:
5e:c6:93:8a:0d:ba:96:43:c5:d3:24:fa:4c:e3:52:
19:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:87:A0:65:47:95:7E:30:59:F3:FF:16:68:A5:A2:B6:FB:13:22:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8184de91-4284-44f8-acc1-0d319b511ea5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
73:dd:1e:f4:f1:c7:14:c9:55:bc:f1:58:d7:5b:74:d4:e4:3d:
5c:c0:1d:d3:a5:73:63:3b:c2:55:82:2e:a0:05:18:0a:5f:8a:
97:10:d2:bb:3e:6b:da:a2:b8:97:cf:c1:77:97:1c:5f:ab:f0:
58:21:fe:ad:df:dc:45:0b:61:44:39:39:dd:c3:e9:ff:a2:a7:
d1:67:dc:43:9e:80:71:93:6a:2a:30:0e:55:d0:a1:ef:19:55:
db:76:91:60:6d:20:39:20:4c:37:d5:fe:ce:62:d4:23:be:35:
83:ab:f6:8f:d0:18:d2:22:22:e5:f8:b5:b0:b8:ff:05:b7:99:
e5:a5:48:6e:b2:09:8d:b9:35:17:4a:b1:e5:79:5e:0a:57:b4:
b8:75:bc:0b:23:1d:5e:b4:88:6d:8c:39:94:ec:ad:21:79:18:
72:63:3e:e0:88:95:26:3f:d9:9b:ea:dc:e4:bb:56:98:0b:c9:
6b:ad:fd:d8:71:92:fe:6e:45:bf:ad:28:7d:35:d6:71:1a:e5:
36:29:90:02:b4:18:0a:a5:98:0b:65:41:33:28:96:74:62:bf:
58:53:96:dd:34:be:fe:82:b6:9d:9e:e0:f4:ad:47:83:d0:63:
28:89:46:7f:70:88:37:9e:c4:7e:37:fa:39:90:27:25:01:72:
dd:99:07:e6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdIPsrg1b2exj/HoJvmhUNee7nncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNjE2YmFhMjJlNmM1YjQ1NWI4ZDY0MmFjZjc4OTljYzBmZjUxNTUwODJk
ODQ0M2UxYmI3MDIyMGZhNGNkYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALImrX+GqdHNTQq0h4ybOAI56W1qxt6xVJEqNde5fAS4f96Ko50/YLPDwSL5
E5Qun4IDhyQpwtt3JIx6YkjmadXemX8NYAhvN2RrzMI/DddOe8nG/EFc+Ev3+qy3
0Pk1aIpSu4iAd+W3ZXHjAbNNkXPoUyyixL3KL8+H2o39Aml5cTKGp5/M4iuTzjCi
zOWlMFbngzQSkF0b3fb1odotGi50tAPhQ+AsbMdeQoQXLS1FnvdT0i7tnBFKkWBe
fD7Z0/DVfObVquShwcaR0LaWTUSOc2NKQ9KFrFTg3/5H8gCtuWpLt0rhSAkA66eP
yF+0XsaTig26lkPF0yT6TONSGSECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTOh6Bl
R5V+MFnz/xZopaK2+xMiZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODE4NGRlOTEtNDI4NC00NGY4LWFjYzEtMGQzMTliNTExZWE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAc90e9PHHFMlVvPFY11t01OQ9XMAd06VzYzvCVYIu
oAUYCl+KlxDSuz5r2qK4l8/Bd5ccX6vwWCH+rd/cRQthRDk53cPp/6Kn0WfcQ56A
cZNqKjAOVdCh7xlV23aRYG0gOSBMN9X+zmLUI741g6v2j9AY0iIi5fi1sLj/BbeZ
5aVIbrIJjbk1F0qx5XleCle0uHW8CyMdXrSIbYw5lOytIXkYcmM+4IiVJj/Zm+rc
5LtWmAvJa6392HGS/m5Fv60ofTXWcRrlNimQArQYCqWYC2VBMyiWdGK/WFOW3TS+
/oK2nZ7g9K1Hg9BjKIlGf3CIN57Efjf6OZAnJQFy3ZkH5g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org