Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
File: b1171dc0-a8bf-436d-9808-e316391b2b94.roa (raw, json)
Hash identifier: f7wEYeZ2ZzZwum1xknLTuoQ2IYcMl5aUxUG2AIPqvS0=
Subject key identifier: 40:3B:3D:87:F7:00:30:D9:C5:CB:8E:58:15:66:0A:C9:F4:5D:1E:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CE46EB3637F94856459F0D0329F934FFECB4023
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e4:6e:b3:63:7f:94:85:64:59:f0:d0:32:9f:93:4f:fe:cb:40:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=18d5be7424c7906c2f3170650d3cdc5d2475d56aab5d583df9a7c53fbc03d591, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:89:5b:74:65:5e:e0:26:45:ca:7c:c1:f3:99:
c8:a5:59:2b:7a:8c:96:a5:f1:b3:7b:e0:4c:5d:33:
c5:0b:d1:4a:6a:97:89:b1:e9:48:19:3c:7e:86:0e:
a5:81:7d:7b:9b:fb:31:bf:79:43:b0:0a:b1:3d:18:
a6:61:a2:30:87:1b:2f:77:f1:7b:fb:62:2c:5b:bc:
db:4d:a5:ad:50:13:f2:47:b7:4d:2e:e5:fb:df:3a:
45:7f:89:34:f5:9d:87:68:75:b2:d5:da:dc:7a:26:
9e:27:22:c4:73:84:d0:43:ae:86:1b:5a:55:5b:84:
82:f9:dc:20:d2:f7:ba:9f:23:45:bd:87:77:8d:17:
aa:27:15:22:45:1e:38:1e:dc:60:cd:bd:fe:da:11:
ae:c2:de:c7:55:9a:11:bc:dc:d7:ab:f3:f5:1e:d3:
d7:3a:a2:2d:69:7c:e3:43:71:01:96:83:d6:6e:d6:
83:60:5a:01:f9:b5:4b:89:df:60:f8:e2:3b:18:2e:
5f:9c:8f:05:72:07:f2:10:84:e4:94:55:af:57:90:
78:3a:87:bc:55:29:c7:f4:1c:87:1a:56:d2:17:1a:
38:91:4d:ba:bc:11:c2:d2:70:ba:c2:0f:f4:c8:82:
b3:d1:de:15:8e:7a:e1:37:0c:b9:0a:aa:ba:d2:ab:
10:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3B:3D:87:F7:00:30:D9:C5:CB:8E:58:15:66:0A:C9:F4:5D:1E:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1171dc0-a8bf-436d-9808-e316391b2b94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:a3:78:75:d4:9f:60:8b:87:1d:fd:24:8c:f5:51:93:09:69:
22:a4:b2:79:4f:1d:7d:1b:cf:c5:25:a2:57:e1:90:46:c1:e2:
71:ea:13:02:24:e2:4c:31:e4:13:98:b9:e6:a1:20:47:fb:09:
49:8b:09:b0:3c:32:ac:e0:b8:8a:9e:5f:b3:4e:54:fc:4d:ce:
b3:9a:ec:c2:5d:36:ad:79:b9:fe:53:9c:82:57:49:0f:a6:a6:
8f:bf:f4:52:d8:f8:11:32:ed:22:9e:bf:40:e7:66:6b:9d:8b:
28:35:d9:c2:6d:a5:6b:f8:f6:39:d0:ab:33:62:89:6e:4d:c3:
53:6d:ef:9b:01:1d:98:95:92:ba:94:63:c2:f5:68:23:23:b0:
51:57:1a:56:c1:6e:87:08:81:84:62:56:b6:4e:d7:ea:a5:57:
97:77:82:93:b6:db:71:9b:f0:57:11:43:c6:01:88:93:ea:e7:
be:75:5c:be:db:3b:92:60:a9:0d:c8:2b:96:ce:e3:72:fb:8c:
76:3f:85:13:38:ff:51:f2:02:e6:70:c6:3e:cc:76:e9:02:80:
76:3b:32:23:af:71:75:42:47:60:f5:b2:03:8b:b9:c0:68:68:
fc:ca:1a:97:db:3a:83:b4:c6:6b:35:77:ca:57:3e:f3:0e:c0:
de:13:2c:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfORus2N/lIVkWfDQMp+TT/7LQCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4ZDViZTc0MjRjNzkwNmMyZjMxNzA2NTBkM2NkYzVkMjQ3NWQ1NmFhYjVk
NTgzZGY5YTdjNTNmYmMwM2Q1OTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuJW3RlXuAmRcp8wfOZyKVZK3qMlqXxs3vgTF0zxQvRSmqXibHpSBk8foYO
pYF9e5v7Mb95Q7AKsT0YpmGiMIcbL3fxe/tiLFu8202lrVAT8ke3TS7l+986RX+J
NPWdh2h1stXa3HomnicixHOE0EOuhhtaVVuEgvncINL3up8jRb2Hd40XqicVIkUe
OB7cYM29/toRrsLex1WaEbzc16vz9R7T1zqiLWl840NxAZaD1m7Wg2BaAfm1S4nf
YPjiOxguX5yPBXIH8hCE5JRVr1eQeDqHvFUpx/QchxpW0hcaOJFNurwRwtJwusIP
9MiCs9HeFY564TcMuQqqutKrEEsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRAOz2H
9wAw2cXLjlgVZgrJ9F0eQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjExNzFkYzAtYThiZi00MzZkLTk4MDgtZTMxNjM5MWIyYjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQBxo3h11J9gi4cd/SSM9VGTCWkipLJ5Tx19G8/FJaJX
4ZBGweJx6hMCJOJMMeQTmLnmoSBH+wlJiwmwPDKs4LiKnl+zTlT8Tc6zmuzCXTat
ebn+U5yCV0kPpqaPv/RS2PgRMu0inr9A52ZrnYsoNdnCbaVr+PY50KszYoluTcNT
be+bAR2YlZK6lGPC9WgjI7BRVxpWwW6HCIGEYla2TtfqpVeXd4KTtttxm/BXEUPG
AYiT6ue+dVy+2zuSYKkNyCuWzuNy+4x2P4UTOP9R8gLmcMY+zHbpAoB2OzIjr3F1
Qkdg9bIDi7nAaGj8yhqX2zqDtMZrNXfKVz7zDsDeEyxD
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org