Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
File: a92f2152-65f4-45b1-b1ba-aeb6af713988.roa (raw, json)
Hash identifier: EB2BHR58tBlvf4HKbTGkqzAafmm2/DzqxvEfY+qH+AA=
Subject key identifier: BD:95:EE:DD:1C:22:2E:33:E9:C8:30:1E:C8:3A:6B:C2:44:94:40:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B56250A1531B79E47A011D2C48F21ACFDDB59C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:56:25:0a:15:31:b7:9e:47:a0:11:d2:c4:8f:21:ac:fd:db:59:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=af86bb4829233cec4dd96fc66c672892ef9bfe7af647ca3aaf7ac94152265674, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f1:00:9f:6a:f6:c6:71:96:26:b9:f0:b5:90:
2a:f5:4c:eb:20:2d:c9:4a:44:d9:75:ab:e2:84:ff:
43:00:1e:39:44:83:aa:f9:25:8f:ca:8e:7d:66:3b:
7d:a2:ff:6f:80:73:26:ce:b1:17:88:b0:43:d1:49:
b6:95:ee:ac:1b:51:0a:07:b4:62:08:93:02:34:0c:
f3:11:9b:6a:9f:a1:53:b5:77:87:b0:47:4e:c3:14:
df:9f:53:68:20:62:1c:e9:04:5f:e5:03:ba:dc:04:
72:17:c2:9d:f2:e4:ae:2d:6f:c7:ab:ae:a0:80:30:
1a:9b:a7:e5:97:ca:8c:d1:bb:08:52:3f:1f:66:26:
40:c5:ca:42:95:25:45:7f:f8:30:8c:47:b4:a0:bc:
9a:72:7d:0f:0f:e5:9b:5f:1b:0c:f2:d5:ab:88:ea:
26:11:bf:28:91:5d:33:75:1f:92:bd:6a:97:7d:4a:
1b:6e:1d:46:28:b1:a1:43:77:08:35:42:bd:30:58:
c1:8b:b1:2f:df:fd:b3:a9:52:07:f8:e5:13:58:cb:
1d:e5:8e:e4:53:7c:f9:70:22:6b:73:25:13:79:6c:
e5:70:a4:71:fa:14:7b:b4:71:1f:e6:26:2e:75:d4:
65:7a:17:7a:3b:7d:8d:87:c4:b7:a9:14:a0:2c:ec:
19:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:95:EE:DD:1C:22:2E:33:E9:C8:30:1E:C8:3A:6B:C2:44:94:40:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a92f2152-65f4-45b1-b1ba-aeb6af713988.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.171.0/24
Signature Algorithm: sha256WithRSAEncryption
14:29:b5:37:30:d5:50:03:8b:a2:53:f7:32:cf:4d:02:de:8d:
0a:de:a0:7a:ef:db:50:cc:df:7b:fd:2a:cd:f3:11:36:f1:d9:
04:a2:ac:35:f7:d7:1c:e8:6c:e5:fb:f9:a6:4d:f9:42:d0:80:
5f:6f:22:82:dd:48:55:e6:3a:c0:7e:3a:54:65:85:71:05:00:
5b:0b:27:b0:87:7f:63:fb:a0:0f:1a:16:69:d6:29:60:89:23:
63:bf:14:90:79:60:7f:9a:4a:55:0c:28:68:3e:4c:d7:0d:e3:
65:19:c4:fd:04:a2:f2:9b:aa:ce:f3:b9:fe:d6:c4:3e:0d:cd:
a2:b8:23:b8:52:f9:ed:e9:87:c0:ad:ee:5d:bd:db:c0:73:d7:
75:a3:c4:8b:2f:dc:1c:08:3c:cd:39:2b:a7:83:05:b6:b6:36:
60:a4:f9:df:6c:56:a3:3e:90:51:69:56:70:15:b8:10:f8:62:
84:75:4c:91:d1:93:d8:49:dd:b6:fe:71:d8:a1:b7:56:cd:34:
6d:d6:76:fd:23:de:4e:87:88:59:ed:08:55:df:a8:48:01:a4:
85:90:28:f1:b0:de:66:86:f1:5a:c8:79:8f:9d:d7:6d:c6:ca:
d0:ed:28:ba:de:a9:09:fd:60:8a:c7:97:39:62:76:57:1a:85:
0c:43:0e:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUS1YlChUxt55HoBHSxI8hrP3bWcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmODZiYjQ4MjkyMzNjZWM0ZGQ5NmZjNjZjNjcyODkyZWY5YmZlN2FmNjQ3
Y2EzYWFmN2FjOTQxNTIyNjU2NzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/xAJ9q9sZxlia58LWQKvVM6yAtyUpE2XWr4oT/QwAeOUSDqvklj8qOfWY7
faL/b4BzJs6xF4iwQ9FJtpXurBtRCge0YgiTAjQM8xGbap+hU7V3h7BHTsMU359T
aCBiHOkEX+UDutwEchfCnfLkri1vx6uuoIAwGpun5ZfKjNG7CFI/H2YmQMXKQpUl
RX/4MIxHtKC8mnJ9Dw/lm18bDPLVq4jqJhG/KJFdM3Ufkr1ql31KG24dRiixoUN3
CDVCvTBYwYuxL9/9s6lSB/jlE1jLHeWO5FN8+XAia3MlE3ls5XCkcfoUe7RxH+Ym
LnXUZXoXejt9jYfEt6kUoCzsGa0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS9le7d
HCIuM+nIMB7IOmvCRJRA5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTkyZjIxNTItNjVmNC00NWIxLWIxYmEtYWViNmFmNzEzOTg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qzAN
BgkqhkiG9w0BAQsFAAOCAQEAFCm1NzDVUAOLolP3Ms9NAt6NCt6geu/bUMzfe/0q
zfMRNvHZBKKsNffXHOhs5fv5pk35QtCAX28igt1IVeY6wH46VGWFcQUAWwsnsId/
Y/ugDxoWadYpYIkjY78UkHlgf5pKVQwoaD5M1w3jZRnE/QSi8puqzvO5/tbEPg3N
orgjuFL57emHwK3uXb3bwHPXdaPEiy/cHAg8zTkrp4MFtrY2YKT532xWoz6QUWlW
cBW4EPhihHVMkdGT2Endtv5x2KG3Vs00bdZ2/SPeToeIWe0IVd+oSAGkhZAo8bDe
ZobxWsh5j53XbcbK0O0out6pCf1giseXOWJ2VxqFDEMOdA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org