Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bcd928b4-d150-4c40-8fca-0a900d36cb1e.roa
File: bcd928b4-d150-4c40-8fca-0a900d36cb1e.roa (raw, json)
Hash identifier: N8jZ2xu5HuJdT/RVuOwESeWmKTDDZJaaDsKNB1evSSQ=
Subject key identifier: D4:B3:5F:AA:0D:2A:9F:47:7D:85:72:AE:28:CF:DD:BE:60:8B:0F:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: EF134E848DED8820A289DFD2B7C06C5B0AECC8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bcd928b4-d150-4c40-8fca-0a900d36cb1e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ef:13:4e:84:8d:ed:88:20:a2:89:df:d2:b7:c0:6c:5b:0a:ec:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=36b65379e909c23e3bc8d0a8af13b194f3323469ffbca4a2a7846e0fb37ea4ab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a2:10:0f:2a:23:56:7b:8b:c4:ac:ea:6f:c4:
b7:6c:0e:ff:da:8c:ef:51:f6:2e:9f:fa:7d:17:ab:
27:37:cc:95:10:0b:b5:1b:63:de:59:99:fe:90:5d:
1f:b9:90:86:42:47:8d:5b:fd:a1:1f:44:ae:a4:e9:
e2:89:3a:b3:46:07:07:97:7c:41:9b:14:27:24:dc:
f7:89:93:75:2a:07:01:58:fc:3a:db:e2:c5:b9:2c:
f6:3c:9e:7f:ba:09:f9:06:2b:05:09:fe:d7:e1:9f:
d6:ff:7a:24:9a:9d:6e:1a:75:ad:da:22:d7:78:d2:
66:45:f0:81:33:20:21:d9:47:ed:73:d0:ed:e0:14:
32:c7:aa:6f:03:6a:35:b7:9f:fe:8a:56:4d:37:81:
11:6f:97:99:c1:70:31:5d:a4:39:db:46:7f:7d:d5:
37:75:20:14:d9:ff:6b:b0:e4:33:3b:9b:f2:b9:0b:
a9:9a:de:43:bd:4d:0f:eb:cd:ff:18:c9:66:b0:96:
29:19:af:5d:73:24:e5:3c:96:2b:e3:6a:db:4a:36:
83:5b:55:34:e3:08:27:e3:b3:f2:f2:5b:4b:40:48:
bb:71:07:c1:4b:15:04:6b:eb:9c:b1:b5:16:72:85:
b7:46:36:8a:0b:d7:7c:97:7d:63:86:2a:5f:79:a6:
17:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B3:5F:AA:0D:2A:9F:47:7D:85:72:AE:28:CF:DD:BE:60:8B:0F:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bcd928b4-d150-4c40-8fca-0a900d36cb1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:46:60:32:7f:da:b0:f0:63:93:ed:65:de:c7:cc:cd:f3:e9:
8e:61:d9:98:8f:e1:2f:da:83:fc:1d:ba:67:59:af:cc:49:d2:
44:1f:ae:07:25:eb:e7:9e:2b:fb:ee:50:cf:7c:e7:ca:2d:7f:
11:44:1b:64:16:83:10:f5:3f:97:b8:38:aa:15:a0:93:91:52:
06:41:a2:44:95:02:bb:90:60:2c:0c:a7:a0:ea:e9:3d:61:e5:
01:0e:24:aa:43:8b:e3:93:07:ae:1c:d4:67:65:4c:10:4f:a9:
cf:5d:43:90:09:23:65:28:bc:0b:a1:e2:8e:82:bc:ac:5b:83:
c7:5a:31:08:e8:49:72:db:67:65:4a:3e:38:44:16:d1:de:1e:
d4:da:9c:9e:3c:91:bc:c9:fe:01:28:6f:a6:6c:ad:75:e8:dd:
cb:31:ae:1c:a8:da:d8:5c:c4:01:93:da:3e:73:ea:62:38:61:
f4:00:5c:66:6f:62:6c:8f:b5:d4:e0:20:19:09:ff:f8:9a:d6:
02:e2:30:9b:0c:cc:da:38:82:14:d2:94:50:33:ed:60:cc:c4:
2a:35:04:c5:67:07:91:4a:3e:a6:57:fc:b4:02:76:09:27:f5:
fc:25:77:64:28:63:02:85:1a:17:e3:39:b1:77:ea:34:5e:b0:
41:c1:96:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAO8TToSN7Yggoonf0rfAbFsK7MgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2YjY1Mzc5ZTkwOWMyM2UzYmM4ZDBhOGFmMTNiMTk0ZjMzMjM0NjlmZmJj
YTRhMmE3ODQ2ZTBmYjM3ZWE0YWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWiEA8qI1Z7i8Ss6m/Et2wO/9qM71H2Lp/6fRerJzfMlRALtRtj3lmZ/pBd
H7mQhkJHjVv9oR9ErqTp4ok6s0YHB5d8QZsUJyTc94mTdSoHAVj8Otvixbks9jye
f7oJ+QYrBQn+1+Gf1v96JJqdbhp1rdoi13jSZkXwgTMgIdlH7XPQ7eAUMseqbwNq
Nbef/opWTTeBEW+XmcFwMV2kOdtGf33VN3UgFNn/a7DkMzub8rkLqZreQ71ND+vN
/xjJZrCWKRmvXXMk5TyWK+Nq20o2g1tVNOMIJ+Oz8vJbS0BIu3EHwUsVBGvrnLG1
FnKFt0Y2igvXfJd9Y4YqX3mmF8MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTUs1+q
DSqfR32Fcq4oz92+YIsPmTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmNkOTI4YjQtZDE1MC00YzQwLThmY2EtMGE5MDBkMzZjYjFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQDLRmAyf9qw8GOT7WXex8zN8+mOYdmYj+Ev2oP8Hbpn
Wa/MSdJEH64HJevnniv77lDPfOfKLX8RRBtkFoMQ9T+XuDiqFaCTkVIGQaJElQK7
kGAsDKeg6uk9YeUBDiSqQ4vjkweuHNRnZUwQT6nPXUOQCSNlKLwLoeKOgrysW4PH
WjEI6Ely22dlSj44RBbR3h7U2pyePJG8yf4BKG+mbK116N3LMa4cqNrYXMQBk9o+
c+piOGH0AFxmb2Jsj7XU4CAZCf/4mtYC4jCbDMzaOIIU0pRQM+1gzMQqNQTFZweR
Sj6mV/y0AnYJJ/X8JXdkKGMChRoX4zmxd+o0XrBBwZZd
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org