Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab1e8156-1e29-44e7-a78d-0697ecae5b91.roa
File: ab1e8156-1e29-44e7-a78d-0697ecae5b91.roa (raw, json)
Hash identifier: iJx0FEzOSStWwHE8biMg2LGtgVtcySfxc23RIB9yX4A=
Subject key identifier: A1:1F:E6:15:BA:E0:E9:6C:2F:73:0E:7E:9F:77:41:4A:C3:FE:E2:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38585584999F80106349F063329BB0CFBAF62E14
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab1e8156-1e29-44e7-a78d-0697ecae5b91.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:58:55:84:99:9f:80:10:63:49:f0:63:32:9b:b0:cf:ba:f6:2e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=3b4ce16b6de97c4e1a78caa9a582789e2410cbf33cba6859d48d9c8572778c44, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:05:f5:54:ba:b6:f6:fe:52:e1:da:e6:dc:fa:
4b:76:76:99:b6:e0:02:c0:a1:6b:dc:c1:3e:f5:ec:
6f:25:bd:e7:90:2e:43:e7:cf:0b:e3:d9:a9:ad:b0:
82:08:53:8b:b8:72:e3:15:f5:26:3f:b7:bb:72:75:
5f:3d:04:67:7f:66:71:4f:cf:de:b4:06:3c:13:0a:
07:c3:67:83:14:ed:ae:27:b4:a6:49:53:0b:2c:4f:
db:d4:cb:70:4f:26:98:11:83:69:b7:2d:33:c7:6f:
fb:17:ea:5d:6d:b7:78:5e:2e:19:28:5e:47:e5:db:
00:c4:df:d7:94:cb:aa:bb:8e:5a:91:8b:3e:68:c2:
5b:c1:5e:d2:10:51:ca:33:8e:57:bd:a7:b0:28:47:
cf:ec:e9:0e:3e:c9:52:e3:7e:1c:b2:23:02:be:64:
ef:7c:5a:a5:41:71:96:ac:8e:bf:73:0e:a4:c4:f0:
67:fa:0d:fb:b6:36:6a:94:b4:f4:81:92:46:d9:8d:
07:a2:fa:45:52:4e:28:41:ae:2a:2c:6a:ae:c6:ed:
a6:c8:45:98:01:f3:63:1b:d7:5b:47:ad:55:41:f1:
9b:74:69:f0:a0:18:11:14:a5:c8:e7:3b:1a:c8:cc:
e2:c0:54:dc:99:49:0c:a3:52:8e:35:59:2a:52:7b:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1F:E6:15:BA:E0:E9:6C:2F:73:0E:7E:9F:77:41:4A:C3:FE:E2:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ab1e8156-1e29-44e7-a78d-0697ecae5b91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e1:74:2d:45:62:d4:be:68:5d:e7:b6:7b:09:1c:1d:2e:30:
f7:c5:4d:32:1d:19:8e:dc:54:bd:7a:6d:1c:1f:2e:6b:21:e8:
6f:e9:c6:3b:1f:7d:1a:84:39:45:4b:36:f4:0d:60:27:ed:7d:
07:bc:68:78:a0:3a:77:cd:20:b6:b0:c7:e2:51:f2:b2:dc:70:
9d:24:0e:40:22:b9:a2:31:aa:5c:4e:c0:1e:2b:5b:08:cf:e2:
5e:4b:81:55:cc:86:0a:4c:65:56:8b:c4:97:87:06:05:44:52:
e0:2f:05:19:98:41:3e:93:8a:a3:9d:95:1d:f2:6e:6d:ad:e0:
4a:d2:ef:74:7e:e3:6b:8a:41:01:f6:a5:3c:4a:6c:95:d5:b7:
cf:04:25:25:89:62:16:41:31:0e:71:6b:60:c4:ab:a1:6f:89:
70:e0:12:8f:b1:f9:28:74:f8:e6:87:b2:39:2c:89:2f:27:c9:
37:3e:20:b8:cc:b4:51:e6:96:1d:f5:5b:e7:e2:8e:69:0e:78:
51:c2:7d:2d:90:54:1f:75:e9:a1:03:d1:a2:e0:1e:07:4b:19:
f3:c0:1f:9b:00:59:a8:b8:f7:a2:97:92:2d:0b:fe:d7:d7:f3:
6b:5f:15:92:73:5f:e6:32:41:95:4d:76:71:20:1c:6a:ab:16:
69:08:0c:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOFhVhJmfgBBjSfBjMpuwz7r2LhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNGNlMTZiNmRlOTdjNGUxYTc4Y2FhOWE1ODI3ODllMjQxMGNiZjMzY2Jh
Njg1OWQ0OGQ5Yzg1NzI3NzhjNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoF9VS6tvb+UuHa5tz6S3Z2mbbgAsCha9zBPvXsbyW955AuQ+fPC+PZqa2w
gghTi7hy4xX1Jj+3u3J1Xz0EZ39mcU/P3rQGPBMKB8NngxTtrie0pklTCyxP29TL
cE8mmBGDabctM8dv+xfqXW23eF4uGSheR+XbAMTf15TLqruOWpGLPmjCW8Fe0hBR
yjOOV72nsChHz+zpDj7JUuN+HLIjAr5k73xapUFxlqyOv3MOpMTwZ/oN+7Y2apS0
9IGSRtmNB6L6RVJOKEGuKixqrsbtpshFmAHzYxvXW0etVUHxm3Rp8KAYERSlyOc7
GsjM4sBU3JlJDKNSjjVZKlJ7l4sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBShH+YV
uuDpbC9zDn6fd0FKw/7izjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWIxZTgxNTYtMWUyOS00NGU3LWE3OGQtMDY5N2VjYWU1YjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAguF0LUVi1L5oXee2ewkcHS4w98VNMh0ZjtxUvXpt
HB8uayHob+nGOx99GoQ5RUs29A1gJ+19B7xoeKA6d80gtrDH4lHystxwnSQOQCK5
ojGqXE7AHitbCM/iXkuBVcyGCkxlVovEl4cGBURS4C8FGZhBPpOKo52VHfJuba3g
StLvdH7ja4pBAfalPEpsldW3zwQlJYliFkExDnFrYMSroW+JcOASj7H5KHT45oey
OSyJLyfJNz4guMy0UeaWHfVb5+KOaQ54UcJ9LZBUH3XpoQPRouAeB0sZ88AfmwBZ
qLj3opeSLQv+19fza18VknNf5jJBlU12cSAcaqsWaQgMmA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org