Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/adc1220c-3515-4928-b808-ab48f97a186c.roa
File: adc1220c-3515-4928-b808-ab48f97a186c.roa (raw, json)
Hash identifier: K0qWKARg/RHDicA4Az+qjiRWyS0wS5kP/y6zvIsDbl4=
Subject key identifier: 9F:E4:D2:3A:32:8B:BE:9B:49:13:23:47:7C:41:83:DA:5A:32:7A:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D34C3790BB3929913B0C632B99CFFF2364F59CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/adc1220c-3515-4928-b808-ab48f97a186c.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:34:c3:79:0b:b3:92:99:13:b0:c6:32:b9:9c:ff:f2:36:4f:59:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=f99dba0d31ea22de2108fd12b2287855fa1a8ee873cfbecd1d4bddbe9af1e5f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:14:2e:68:95:32:92:3b:bb:2d:4f:47:35:39:
c0:a6:c5:4a:bd:66:fc:a0:22:81:fc:2d:05:7a:a4:
d3:fa:2d:c2:d7:5c:f1:94:c5:d8:86:e5:27:d2:af:
5f:1b:16:81:c5:36:b0:cf:72:a9:c7:7e:71:26:64:
94:ed:f2:be:04:af:25:54:36:89:0f:6e:e5:8f:55:
a2:df:c8:51:79:e6:a8:48:b0:fe:33:aa:b1:1c:c3:
cf:28:a8:09:61:a3:17:9d:1f:28:47:13:bb:39:8f:
ee:fc:14:28:ee:13:e6:07:3f:3b:ea:62:9b:81:4c:
6d:7e:6d:38:ce:82:e3:34:2f:03:ec:2b:08:31:22:
09:41:ab:bd:de:ce:70:18:95:3c:7f:8c:d3:aa:13:
89:85:11:9b:74:7a:d4:dc:f0:d6:0f:6b:0e:40:ec:
0d:78:5d:25:54:c2:79:e5:2b:d2:ef:f9:ac:53:59:
b3:c4:9f:25:e9:f8:4b:ff:a2:65:49:0c:e3:58:a1:
de:b2:d5:e2:85:bb:22:46:c9:1b:59:c8:14:f8:b6:
6f:65:46:24:db:af:91:d8:33:7f:1e:3d:29:5d:27:
f3:0c:52:1b:39:52:f5:78:69:23:ac:4c:89:db:e3:
92:ab:d7:e9:63:f0:12:03:35:20:66:94:d6:55:ee:
ce:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E4:D2:3A:32:8B:BE:9B:49:13:23:47:7C:41:83:DA:5A:32:7A:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/adc1220c-3515-4928-b808-ab48f97a186c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:44:ab:32:e2:a4:a8:b3:55:ad:9b:e5:06:99:20:ab:67:57:
b8:e1:8e:35:32:da:f6:98:ac:f0:13:70:14:46:84:de:5b:aa:
e3:05:7d:67:fb:d1:80:b4:98:14:7b:99:54:02:b0:98:cc:c3:
13:fb:02:40:e1:84:72:43:51:a8:ca:42:48:cd:20:b8:e2:8c:
6e:11:86:4f:5a:b0:05:03:80:cc:61:b9:57:e3:1f:d8:38:0e:
1d:f5:21:ab:86:ea:2d:a3:32:98:57:5d:12:63:82:1d:2d:a1:
0d:54:ef:2a:b1:9a:c8:2d:1a:e2:41:67:76:63:dc:4f:75:55:
11:c7:b9:6d:37:9e:30:9a:0b:77:b2:28:ce:e9:a5:67:8b:0d:
7b:ce:47:68:8c:14:ba:35:95:bc:3a:b5:2b:2a:48:d3:29:33:
03:1d:49:e3:b6:15:f9:19:81:1d:0f:ff:df:00:59:98:8e:6f:
3d:e9:48:40:12:d2:d5:44:0a:b2:39:2d:18:10:89:06:07:f7:
ec:4d:2d:ac:ec:44:4e:ff:6c:42:a8:8d:58:41:63:9f:19:05:
e5:88:20:29:0e:40:ae:14:27:c4:79:18:01:7b:85:af:84:51:
17:ea:1f:dc:0c:19:9e:32:28:8e:3d:08:7f:96:cc:95:64:2c:
f0:1a:fb:00
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHTTDeQuzkpkTsMYyuZz/8jZPWcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5OWRiYTBkMzFlYTIyZGUyMTA4ZmQxMmIyMjg3ODU1ZmExYThlZTg3M2Nm
YmVjZDFkNGJkZGJlOWFmMWU1ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQULmiVMpI7uy1PRzU5wKbFSr1m/KAigfwtBXqk0/otwtdc8ZTF2IblJ9Kv
XxsWgcU2sM9yqcd+cSZklO3yvgSvJVQ2iQ9u5Y9Vot/IUXnmqEiw/jOqsRzDzyio
CWGjF50fKEcTuzmP7vwUKO4T5gc/O+pim4FMbX5tOM6C4zQvA+wrCDEiCUGrvd7O
cBiVPH+M06oTiYURm3R61Nzw1g9rDkDsDXhdJVTCeeUr0u/5rFNZs8SfJen4S/+i
ZUkM41ih3rLV4oW7IkbJG1nIFPi2b2VGJNuvkdgzfx49KV0n8wxSGzlS9XhpI6xM
idvjkqvX6WPwEgM1IGaU1lXuzuMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSf5NI6
Mou+m0kTI0d8QYPaWjJ65DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWRjMTIyMGMtMzUxNS00OTI4LWI4MDgtYWI0OGY5N2ExODZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAskSrMuKkqLNVrZvlBpkgq2dXuOGONTLa9pis8BNw
FEaE3luq4wV9Z/vRgLSYFHuZVAKwmMzDE/sCQOGEckNRqMpCSM0guOKMbhGGT1qw
BQOAzGG5V+Mf2DgOHfUhq4bqLaMymFddEmOCHS2hDVTvKrGayC0a4kFndmPcT3VV
Ece5bTeeMJoLd7IozumlZ4sNe85HaIwUujWVvDq1KypI0ykzAx1J47YV+RmBHQ//
3wBZmI5vPelIQBLS1UQKsjktGBCJBgf37E0trOxETv9sQqiNWEFjnxkF5YggKQ5A
rhQnxHkYAXuFr4RRF+of3AwZnjIojj0If5bMlWQs8Br7AA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:30 2024 by rpki-client on console-ams.rpki-client.org