Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: Jd8cUwOjGC+Mm6yDrJALLOr3kb2CFOC5/j2cw2OPccU=
Subject key identifier: 3F:6F:BB:D8:1E:2B:25:32:A6:0D:08:63:59:23:EC:FD:44:7D:26:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B6C41E1F180F5AABEDF9EF4B4390E2FAA005F68
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:6c:41:e1:f1:80:f5:aa:be:df:9e:f4:b4:39:0e:2f:aa:00:5f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=3e7f199a34bca1ec4c34d87ebdb5ebb2ed8f7c8be250a9311ca363db1ca86915, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:3a:52:13:20:4b:44:52:f5:8a:88:75:3e:
77:25:fd:bd:55:75:6f:8c:b7:16:19:3f:29:5a:ab:
41:4a:2a:34:e1:f3:5c:db:9a:a9:6a:38:3e:3d:4a:
8d:2e:c7:3c:86:30:a8:33:18:2d:ac:f4:2d:03:09:
28:0e:54:ca:cb:66:da:11:15:a1:80:37:87:2e:8c:
8e:0e:49:f8:0f:1b:94:d3:87:6a:9b:34:fa:19:ac:
94:dd:4d:53:aa:2f:ac:b3:5e:a5:11:51:50:41:01:
2b:63:d1:70:e0:61:dc:ba:d1:f7:82:b9:15:2a:c9:
93:63:d5:b2:78:3d:35:c9:47:5e:fe:4e:ab:8b:15:
4b:d3:77:c7:1c:96:b8:4b:2f:ff:5f:14:27:88:1c:
a6:61:56:51:56:a5:e0:ab:76:0b:38:6d:3e:03:85:
c2:7a:93:58:f7:77:00:8b:50:d6:cc:ee:57:80:d1:
38:91:15:df:f9:67:fc:df:78:1b:5b:7a:76:98:34:
af:e7:a5:a3:83:90:de:7e:91:0f:12:4b:fc:6f:73:
93:d2:31:cc:ac:3e:2a:40:54:9c:22:a5:7d:f3:8b:
b2:6b:6a:cf:5d:58:c5:91:56:35:d5:46:f0:a2:23:
50:27:c5:f8:45:66:54:59:fc:90:01:ac:30:8a:05:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6F:BB:D8:1E:2B:25:32:A6:0D:08:63:59:23:EC:FD:44:7D:26:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
62:cf:e5:dd:f3:a7:52:8d:c2:f1:ee:6c:8d:cb:91:59:47:94:
d2:99:5b:3a:ef:87:b4:f5:12:76:85:dc:b7:eb:a8:69:a2:5c:
76:5a:23:b8:9c:81:99:ef:a4:71:c1:ab:7f:81:74:ac:f0:f5:
6f:8c:f0:b1:04:1a:af:31:c6:dd:fe:b5:3b:a1:56:d6:04:6b:
c9:85:02:d9:ff:41:b2:56:96:4d:aa:f7:e4:04:7d:9f:5d:72:
c3:86:e0:cb:a3:d2:a7:88:35:d5:28:42:48:41:ff:9e:e4:52:
d7:46:52:d9:eb:5d:16:58:48:c7:95:3b:35:53:55:5c:dd:94:
36:0f:93:1b:b1:38:6c:5f:81:30:67:ab:49:b0:61:a2:a9:51:
33:97:27:4b:fa:11:8c:fa:26:cd:34:75:96:d2:fd:21:04:a2:
29:23:c1:e9:9b:1d:ca:54:e4:a3:3a:0b:55:e0:ae:78:f8:cc:
c6:10:15:48:73:71:5c:e7:ea:89:c0:4a:0c:79:cb:84:91:0d:
1a:de:c8:32:6a:d2:a6:40:9a:ea:38:1d:e0:7b:fd:fd:59:75:
cc:48:af:b0:24:ad:13:cf:79:e6:97:e6:b2:53:a1:ee:20:8b:
4f:88:80:a4:b0:96:f2:a8:d1:66:db:68:da:07:32:c8:4e:8c:
34:8b:f3:92
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa2xB4fGA9aq+3570tDkOL6oAX2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlN2YxOTlhMzRiY2ExZWM0YzM0ZDg3ZWJkYjVlYmIyZWQ4ZjdjOGJlMjUw
YTkzMTFjYTM2M2RiMWNhODY5MTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANW6OlITIEtEUvWKiHU+dyX9vVV1b4y3Fhk/KVqrQUoqNOHzXNuaqWo4Pj1K
jS7HPIYwqDMYLaz0LQMJKA5Uystm2hEVoYA3hy6Mjg5J+A8blNOHaps0+hmslN1N
U6ovrLNepRFRUEEBK2PRcOBh3LrR94K5FSrJk2PVsng9NclHXv5Oq4sVS9N3xxyW
uEsv/18UJ4gcpmFWUVal4Kt2CzhtPgOFwnqTWPd3AItQ1szuV4DROJEV3/ln/N94
G1t6dpg0r+elo4OQ3n6RDxJL/G9zk9IxzKw+KkBUnCKlffOLsmtqz11YxZFWNdVG
8KIjUCfF+EVmVFn8kAGsMIoF4MsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ/b7vY
HislMqYNCGNZI+z9RH0mljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAYs/l3fOnUo3C8e5sjcuRWUeU0plbOu+HtPUSdoXc
t+uoaaJcdlojuJyBme+kccGrf4F0rPD1b4zwsQQarzHG3f61O6FW1gRryYUC2f9B
slaWTar35AR9n11yw4bgy6PSp4g11ShCSEH/nuRS10ZS2etdFlhIx5U7NVNVXN2U
Ng+TG7E4bF+BMGerSbBhoqlRM5cnS/oRjPomzTR1ltL9IQSiKSPB6ZsdylTkozoL
VeCuePjMxhAVSHNxXOfqicBKDHnLhJENGt7IMmrSpkCa6jgd4Hv9/Vl1zEivsCSt
E8955pfmslOh7iCLT4iApLCW8qjRZtto2gcyyE6MNIvzkg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org