Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
File: ba49e847-161e-4e06-ade5-750cb58ef3e5.roa (raw, json)
Hash identifier: BmYblZUGUjLq1dFG64chPYIV+c6VrL4GAtuIE9ce4ck=
Subject key identifier: 9E:DC:FF:7A:A8:05:13:60:16:4C:92:0B:FD:01:19:55:0F:71:CA:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 501F35934A97A607F7E7B7B1F1E2D5865BCF36B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:1f:35:93:4a:97:a6:07:f7:e7:b7:b1:f1:e2:d5:86:5b:cf:36:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=faa49e7f7debb2397d580ae5524b88d40f57f1af55b958e67170f5b07c2332e8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:05:eb:54:bc:31:90:8b:89:15:a3:44:a6:90:
6e:6d:54:fb:71:26:cd:f4:0b:f2:8f:d6:2e:bd:4f:
d3:c7:68:22:86:b5:69:1f:5d:b3:01:e5:fe:61:54:
19:db:d4:b1:e0:41:94:c0:8d:ab:6c:93:e8:2e:5e:
be:7e:a8:6d:eb:10:62:3a:f2:18:f6:10:5a:d7:53:
c9:a5:df:e9:11:9d:d1:b4:ee:29:8b:ae:de:19:c3:
aa:bd:e2:69:38:6f:5f:00:e1:16:9e:ea:22:9d:96:
fb:d0:2a:1b:2c:dd:4d:60:30:19:43:82:3e:47:28:
68:00:d6:91:3c:7d:ab:cb:28:a6:32:ce:69:1d:74:
cd:c6:5f:35:47:ba:a9:9c:bb:e1:aa:f3:53:53:dc:
85:4e:91:22:0c:f0:62:14:30:bc:58:16:09:86:74:
44:74:d8:eb:90:47:db:92:43:79:96:72:39:31:bf:
a9:20:7d:fc:1a:f1:d1:bb:f2:59:12:ac:f8:5c:88:
9e:2e:e4:48:81:56:7a:96:36:6c:22:46:dc:40:a8:
ef:7d:5c:6e:e3:71:31:93:02:9c:0b:78:ae:d1:ff:
cb:7f:ba:ae:36:49:ef:c9:36:e9:77:4d:46:86:e3:
af:81:e3:8a:15:e7:0f:66:da:3b:a1:fb:bf:b5:cb:
cf:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DC:FF:7A:A8:05:13:60:16:4C:92:0B:FD:01:19:55:0F:71:CA:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ba49e847-161e-4e06-ade5-750cb58ef3e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
cc:d0:cc:d6:7f:c7:6b:e7:6d:8f:05:aa:c5:8d:9a:8b:6e:d5:
d3:1d:58:5e:df:1c:fb:27:05:b3:05:34:af:cc:3c:6e:32:04:
8f:74:44:4c:96:f4:69:d6:27:0e:6c:d0:d9:e4:4f:bf:c4:27:
a0:c9:ee:a0:f3:62:ec:21:d0:06:d4:53:a2:0e:5f:41:09:51:
ca:5a:4d:3d:98:35:d1:52:b0:ab:cf:bf:e4:58:a3:39:ab:7e:
91:19:a7:90:51:84:53:1d:06:43:6d:ba:11:6c:e0:82:80:56:
b7:42:b7:71:69:30:be:9f:1b:2f:1b:20:7b:df:ed:66:c0:d6:
1c:f7:ff:30:b0:88:b1:df:e5:48:1d:d3:1c:6f:9b:d3:fa:8d:
8c:c3:76:d2:0c:07:aa:1e:90:dd:6d:4a:ab:32:95:6b:09:ae:
2e:57:45:9f:9a:66:5a:6f:94:e3:bd:c2:b2:d4:8e:ae:d6:4e:
41:98:d8:21:87:c0:fb:2f:86:9c:fc:5f:41:b5:2b:03:3f:cc:
9e:3e:e7:47:75:93:f9:d1:55:85:0d:ec:35:27:65:ff:f0:77:
df:a0:cd:1e:a1:5a:4e:16:a9:ad:3b:cf:0c:60:db:90:d2:17:
8c:52:09:67:4e:a9:0b:c7:2f:b4:eb:9b:e7:6c:4b:d5:8e:64:
b8:87:7f:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUB81k0qXpgf357ex8eLVhlvPNrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhYTQ5ZTdmN2RlYmIyMzk3ZDU4MGFlNTUyNGI4OGQ0MGY1N2YxYWY1NWI5
NThlNjcxNzBmNWIwN2MyMzMyZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkF61S8MZCLiRWjRKaQbm1U+3EmzfQL8o/WLr1P08doIoa1aR9dswHl/mFU
GdvUseBBlMCNq2yT6C5evn6obesQYjryGPYQWtdTyaXf6RGd0bTuKYuu3hnDqr3i
aThvXwDhFp7qIp2W+9AqGyzdTWAwGUOCPkcoaADWkTx9q8sopjLOaR10zcZfNUe6
qZy74arzU1PchU6RIgzwYhQwvFgWCYZ0RHTY65BH25JDeZZyOTG/qSB9/Brx0bvy
WRKs+FyIni7kSIFWepY2bCJG3ECo731cbuNxMZMCnAt4rtH/y3+6rjZJ78k26XdN
Robjr4HjihXnD2baO6H7v7XLzzMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSe3P96
qAUTYBZMkgv9ARlVD3HKyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmE0OWU4NDctMTYxZS00ZTA2LWFkZTUtNzUwY2I1OGVmM2U1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAzNDM1n/Ha+dtjwWqxY2ai27V0x1YXt8c+ycFswU0
r8w8bjIEj3RETJb0adYnDmzQ2eRPv8QnoMnuoPNi7CHQBtRTog5fQQlRylpNPZg1
0VKwq8+/5FijOat+kRmnkFGEUx0GQ226EWzggoBWt0K3cWkwvp8bLxsge9/tZsDW
HPf/MLCIsd/lSB3THG+b0/qNjMN20gwHqh6Q3W1KqzKVawmuLldFn5pmWm+U473C
stSOrtZOQZjYIYfA+y+GnPxfQbUrAz/Mnj7nR3WT+dFVhQ3sNSdl//B336DNHqFa
ThaprTvPDGDbkNIXjFIJZ06pC8cvtOub52xL1Y5kuId/Qw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:50 2024 by rpki-client on console-ams.rpki-client.org