Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: biFZuPqOT9qommq5U1nGkswf6TwanfMKd1OxMvbY9vs=
Subject key identifier: 10:ED:78:E7:12:13:49:2B:5B:83:F4:7B:3D:CF:F9:62:F0:B1:D7:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A3152E32EBAC671BCD16EAC14C678F24AF4DDB4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:31:52:e3:2e:ba:c6:71:bc:d1:6e:ac:14:c6:78:f2:4a:f4:dd:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=8f8a49ce652f3d03f9ad38380e06fa857d2f1d793a59e4a352164f18080549f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ab:0b:c0:b3:3a:17:2a:94:5f:5a:b4:6a:27:
91:7a:75:46:c8:94:a5:21:12:80:b9:6e:61:56:72:
82:3c:d9:70:1b:c1:9d:7b:85:17:fc:eb:bd:c2:9d:
bc:91:45:0e:7f:21:d9:a7:3a:8b:44:1c:c8:c6:5f:
70:29:a7:c8:dc:b9:eb:be:3e:46:0a:27:a8:1e:29:
e2:07:47:f5:9a:a7:d6:e9:15:40:c0:4d:68:9a:81:
3b:67:91:57:e7:21:72:26:13:65:29:d6:83:1a:6d:
4c:b6:76:bd:71:9e:b6:8b:bb:6b:67:e7:55:d4:5f:
49:d6:21:48:8f:f3:6d:cf:e1:42:82:22:68:7f:4b:
7b:8f:ee:bb:61:5d:69:fc:5e:29:45:cb:38:ae:f1:
f7:1b:75:6f:3a:a1:49:7b:02:8f:99:66:00:93:5f:
0b:5e:6e:e5:09:1f:f6:16:93:65:dd:a2:1e:86:f1:
3e:54:48:6d:d4:8c:0d:35:3e:e0:05:16:1a:11:93:
e8:0c:a7:a6:e5:99:4e:01:3c:5f:f9:ea:70:82:31:
c4:10:b1:57:67:de:48:b6:a6:03:8f:9a:cf:4d:56:
ca:e2:7b:3f:6c:12:7e:fa:e9:15:43:0d:a6:4c:09:
d1:62:4a:a9:d1:b0:c8:3c:21:7c:0f:7e:71:ae:03:
74:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:ED:78:E7:12:13:49:2B:5B:83:F4:7B:3D:CF:F9:62:F0:B1:D7:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8b:70:a2:3a:66:36:1f:02:58:d3:a5:5f:89:aa:40:03:c1:31:
13:bf:7a:a6:d0:6c:d0:01:8b:a7:b1:a6:f5:98:2f:32:01:59:
da:65:fc:f5:d7:be:3b:cd:7f:5b:ed:21:42:b3:8f:eb:ac:90:
71:c0:38:96:88:85:9c:a1:15:ed:35:4d:3c:ec:b0:52:73:42:
57:b8:d8:8c:7c:0c:7b:50:f9:7f:cd:20:b2:21:51:79:8b:cb:
35:c6:ec:51:d4:53:64:f4:4a:de:a5:a3:93:30:06:4a:75:f4:
08:fc:f2:b5:99:5b:2c:7e:0c:c4:b3:80:4f:9c:f2:45:91:60:
c0:e4:9e:bd:11:66:12:9c:22:5a:5d:93:81:e6:27:fb:a6:60:
e4:3a:ef:9a:72:28:3f:a8:5b:43:33:13:9b:20:3b:54:bf:70:
3e:57:d9:a2:18:83:a8:c3:72:46:99:69:17:a7:f6:81:8c:a5:
03:00:0d:47:b6:35:65:19:a4:87:34:21:e4:6b:76:18:46:79:
14:4d:fc:c4:54:f2:8c:ae:1a:16:e3:be:3a:bd:47:be:9d:f7:
75:6e:b8:e9:e4:f3:55:ee:e2:9a:80:d0:41:58:b9:9f:66:26:
7c:90:d1:e2:80:8f:e5:5c:4c:7e:fb:8e:9a:24:45:99:ef:28:
6b:57:63:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCjFS4y66xnG80W6sFMZ48kr03bQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmOGE0OWNlNjUyZjNkMDNmOWFkMzgzODBlMDZmYTg1N2QyZjFkNzkzYTU5
ZTRhMzUyMTY0ZjE4MDgwNTQ5ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCrC8CzOhcqlF9atGonkXp1RsiUpSESgLluYVZygjzZcBvBnXuFF/zrvcKd
vJFFDn8h2ac6i0QcyMZfcCmnyNy5674+RgonqB4p4gdH9Zqn1ukVQMBNaJqBO2eR
V+chciYTZSnWgxptTLZ2vXGetou7a2fnVdRfSdYhSI/zbc/hQoIiaH9Le4/uu2Fd
afxeKUXLOK7x9xt1bzqhSXsCj5lmAJNfC15u5Qkf9haTZd2iHobxPlRIbdSMDTU+
4AUWGhGT6AynpuWZTgE8X/nqcIIxxBCxV2feSLamA4+az01WyuJ7P2wSfvrpFUMN
pkwJ0WJKqdGwyDwhfA9+ca4DdDECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQ7Xjn
EhNJK1uD9Hs9z/li8LHXTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQCLcKI6ZjYfAljTpV+JqkADwTETv3qm0GzQAYunsab1
mC8yAVnaZfz11747zX9b7SFCs4/rrJBxwDiWiIWcoRXtNU087LBSc0JXuNiMfAx7
UPl/zSCyIVF5i8s1xuxR1FNk9ErepaOTMAZKdfQI/PK1mVssfgzEs4BPnPJFkWDA
5J69EWYSnCJaXZOB5if7pmDkOu+acig/qFtDMxObIDtUv3A+V9miGIOow3JGmWkX
p/aBjKUDAA1HtjVlGaSHNCHka3YYRnkUTfzEVPKMrhoW4746vUe+nfd1brjp5PNV
7uKagNBBWLmfZiZ8kNHigI/lXEx++46aJEWZ7yhrV2Ph
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org