Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: pBGOQ5NpuuGgpfhQh/+XgHewA1ZIu8P+Dch2NFN4R7g=
Subject key identifier: 61:E8:15:82:F8:DB:A7:E7:97:4E:44:6B:92:A1:37:0F:9C:78:14:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37D81B2FD2BC3331BDBA71E08E5181A06647082D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:d8:1b:2f:d2:bc:33:31:bd:ba:71:e0:8e:51:81:a0:66:47:08:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=0c06ee72123bed02dec309de8c85000a975fb20977acdf8bc4fec00be064cfa3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0d:e5:7d:a5:ad:fa:d3:b6:e3:26:39:b1:54:
85:4b:a2:88:1a:2d:45:53:78:0a:ed:93:ad:69:1a:
78:fe:cc:60:f8:16:68:02:33:e0:2e:e6:0e:18:ce:
b0:f0:33:e0:66:9c:e3:29:07:0b:a5:b0:1d:89:a8:
5d:31:06:3b:7a:8d:67:21:68:f7:a4:cc:b0:3f:a9:
b4:71:db:43:af:cc:f1:1a:de:90:e5:ca:08:40:ab:
f4:d2:7a:1f:75:ba:4f:3e:d1:db:99:81:05:bd:3e:
e7:c5:6d:56:c7:1f:e8:91:36:85:2c:ad:d5:c2:75:
a8:88:7f:b4:fa:99:13:4c:a9:f6:f5:88:a2:b4:ce:
3b:3b:8f:aa:34:85:a4:3b:27:d0:7e:90:ce:ed:87:
6e:2a:fd:64:3a:fe:63:40:6c:b3:09:1e:d9:3c:6b:
9d:18:31:32:e6:fe:9d:4f:bd:c7:f5:38:c9:24:48:
8e:53:9b:6d:16:a1:5a:ad:9f:00:dc:1d:41:92:56:
d4:c5:c0:00:5a:a3:38:a0:eb:ce:70:d8:f8:75:d3:
dd:d4:d3:55:7f:92:3f:80:88:cc:32:fe:3c:72:a5:
d7:47:c6:08:d4:8c:07:18:63:a1:21:87:9f:e5:a1:
07:29:92:e8:b0:e8:09:08:dd:30:6b:67:f3:56:a7:
18:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E8:15:82:F8:DB:A7:E7:97:4E:44:6B:92:A1:37:0F:9C:78:14:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
14:d6:a6:df:d4:a9:3b:3e:ac:80:e7:95:43:46:3f:10:18:80:
f3:a0:23:1a:e8:c1:0c:53:8c:fd:37:a0:d7:fa:51:6e:dc:c3:
e4:b1:26:aa:83:40:eb:71:3e:7c:cf:41:47:51:40:40:1b:3e:
40:4b:79:ba:ba:ed:54:f0:a4:ac:7b:8a:9e:21:45:56:49:cc:
80:87:fd:fc:bd:a3:71:cc:a3:2f:0e:31:70:ae:40:6d:79:cb:
13:76:43:3a:12:df:8f:af:00:db:d6:89:10:c5:2b:ce:4e:ea:
1f:6a:df:cc:7f:11:a5:f3:f5:01:96:f9:26:95:fe:d2:37:27:
22:8c:f6:bc:42:1b:57:ca:25:1b:95:7c:20:d2:ff:77:e1:14:
da:e4:25:9a:46:dc:13:2c:a0:5a:81:e7:aa:70:f7:01:b3:68:
39:ad:ca:31:f0:3d:58:9d:ab:75:08:f9:f7:03:2b:90:30:cd:
9e:84:3a:b3:ac:3c:37:73:b3:5e:d4:4d:1f:12:5b:53:f1:c8:
7d:26:a5:d6:0e:54:3f:f6:a4:69:97:97:71:d0:9a:46:d4:2f:
54:bf:a4:af:bd:1b:e2:05:c3:93:99:d2:80:02:a0:00:c4:62:
c9:a5:46:68:9d:a5:73:69:fa:df:c0:a3:4d:8d:55:61:29:c4:
9a:b9:24:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN9gbL9K8MzG9unHgjlGBoGZHCC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMDZlZTcyMTIzYmVkMDJkZWMzMDlkZThjODUwMDBhOTc1ZmIyMDk3N2Fj
ZGY4YmM0ZmVjMDBiZTA2NGNmYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJwN5X2lrfrTtuMmObFUhUuiiBotRVN4Cu2TrWkaeP7MYPgWaAIz4C7mDhjO
sPAz4Gac4ykHC6WwHYmoXTEGO3qNZyFo96TMsD+ptHHbQ6/M8RrekOXKCECr9NJ6
H3W6Tz7R25mBBb0+58VtVscf6JE2hSyt1cJ1qIh/tPqZE0yp9vWIorTOOzuPqjSF
pDsn0H6Qzu2Hbir9ZDr+Y0Bsswke2TxrnRgxMub+nU+9x/U4ySRIjlObbRahWq2f
ANwdQZJW1MXAAFqjOKDrznDY+HXT3dTTVX+SP4CIzDL+PHKl10fGCNSMBxhjoSGH
n+WhBymS6LDoCQjdMGtn81anGIUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRh6BWC
+Nun55dORGuSoTcPnHgU9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAFNam39SpOz6sgOeVQ0Y/EBiA86AjGujBDFOM/Teg
1/pRbtzD5LEmqoNA63E+fM9BR1FAQBs+QEt5urrtVPCkrHuKniFFVknMgIf9/L2j
ccyjLw4xcK5AbXnLE3ZDOhLfj68A29aJEMUrzk7qH2rfzH8RpfP1AZb5JpX+0jcn
Ioz2vEIbV8olG5V8INL/d+EU2uQlmkbcEyygWoHnqnD3AbNoOa3KMfA9WJ2rdQj5
9wMrkDDNnoQ6s6w8N3OzXtRNHxJbU/HIfSal1g5UP/akaZeXcdCaRtQvVL+kr70b
4gXDk5nSgAKgAMRiyaVGaJ2lc2n638CjTY1VYSnEmrkk/g==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org