Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
File: bd71a746-3cc9-4570-bf5d-cc70358205b8.roa (raw, json)
Hash identifier: f+tOsWTOW7R8iYvyt02fDJ8Gfl64Ocm7538feKjHWaQ=
Subject key identifier: E0:9E:B5:21:C1:30:FA:D5:B4:DC:E0:73:2F:1A:5E:71:2D:C6:BC:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44131102452FE9D0605FCF446A714D9B15C7C1C1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:13:11:02:45:2f:e9:d0:60:5f:cf:44:6a:71:4d:9b:15:c7:c1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9ab7cbe7705249b0151f4fe168d67eacd5f08d387a68691ea0b384a20d62c9fc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:9f:cd:c9:a9:60:b7:87:ee:a5:fa:97:8a:
45:9f:9e:0d:50:2a:10:12:23:8b:8e:09:34:26:31:
75:15:35:90:23:65:91:83:eb:10:e4:95:6b:7b:22:
fa:b6:8d:74:4e:11:84:79:45:37:47:36:a3:10:be:
94:a6:90:80:5a:1e:84:71:e2:bc:9e:2c:ad:f5:76:
a2:44:a8:7c:f9:cb:10:75:a0:9e:04:50:86:9e:7f:
57:65:43:1a:4f:23:ce:98:ad:25:6c:04:8e:39:5d:
9d:0c:a1:d5:06:b9:11:20:b0:85:79:ec:b5:8c:cb:
ff:6c:15:09:5f:5f:20:8e:f1:23:84:80:88:8a:7f:
31:c7:ce:68:53:17:12:2a:cc:e7:1c:8f:5d:03:b2:
f5:ef:41:47:e3:fb:bd:4a:d8:6f:89:12:64:8f:2f:
85:8b:79:25:97:88:25:a8:b7:ae:f8:39:c6:48:39:
e8:04:6d:68:b2:0e:63:11:eb:5e:1f:6d:0a:90:96:
c4:2f:d0:31:8b:42:19:71:2d:37:b3:a7:c7:e4:5c:
40:ae:47:a0:86:0e:45:28:1f:5f:39:c5:b8:2d:98:
a7:67:ac:d1:f3:73:d1:4e:34:ab:0c:ca:cf:04:da:
be:d2:e6:ee:f6:9e:04:0c:5f:b6:cc:b2:42:18:4d:
68:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:9E:B5:21:C1:30:FA:D5:B4:DC:E0:73:2F:1A:5E:71:2D:C6:BC:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bd71a746-3cc9-4570-bf5d-cc70358205b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
99:fd:1f:b2:65:f3:8f:c7:34:fd:2c:7e:bd:22:a8:c5:54:3f:
61:bf:bc:7e:f5:d9:27:83:04:e9:d2:56:4f:24:16:d9:5f:74:
37:f9:ed:67:12:52:97:5b:b3:3d:4c:c1:0b:24:f9:0a:64:15:
e4:05:72:23:5f:4e:ac:ad:fb:86:5c:16:9a:74:9f:f4:fe:fa:
87:62:29:4b:3a:a1:ec:a6:0f:06:bf:d5:ad:12:16:d6:4f:d6:
05:13:98:62:0f:d6:40:4f:09:17:81:04:ca:33:68:a0:3f:76:
7c:6b:26:b9:a2:4e:dc:16:20:b1:82:01:fc:b0:b0:01:14:da:
2d:1e:82:46:75:31:e7:eb:2f:7f:cf:fb:b7:64:c3:f4:39:dd:
d9:7d:71:11:71:36:25:c3:38:e4:fc:3f:d8:09:4c:50:90:05:
b5:4f:62:55:97:ec:94:e6:0b:6c:89:80:3a:f8:75:e9:c6:65:
e2:b9:b7:07:15:4f:7a:3e:45:de:24:ab:fb:8e:80:9d:99:fd:
36:15:59:a1:aa:4c:e2:3a:e8:1f:3b:2f:9a:1f:f6:43:dc:df:
09:a3:da:26:41:8e:d7:c3:fc:13:6c:71:83:17:15:d6:b3:a6:
d4:c7:e2:7e:8a:5a:64:c4:49:5b:bb:90:4d:00:1b:4a:0b:37:
2f:02:72:24
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURBMRAkUv6dBgX89EanFNmxXHwcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhYjdjYmU3NzA1MjQ5YjAxNTFmNGZlMTY4ZDY3ZWFjZDVmMDhkMzg3YTY4
NjkxZWEwYjM4NGEyMGQ2MmM5ZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtCn83JqWC3h+6l+peKRZ+eDVAqEBIji44JNCYxdRU1kCNlkYPrEOSVa3si
+raNdE4RhHlFN0c2oxC+lKaQgFoehHHivJ4srfV2okSofPnLEHWgngRQhp5/V2VD
Gk8jzpitJWwEjjldnQyh1Qa5ESCwhXnstYzL/2wVCV9fII7xI4SAiIp/McfOaFMX
EirM5xyPXQOy9e9BR+P7vUrYb4kSZI8vhYt5JZeIJai3rvg5xkg56ARtaLIOYxHr
Xh9tCpCWxC/QMYtCGXEtN7Onx+RcQK5HoIYORSgfXznFuC2Yp2es0fNz0U40qwzK
zwTavtLm7vaeBAxftsyyQhhNaKECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTgnrUh
wTD61bTc4HMvGl5xLca8XjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmQ3MWE3NDYtM2NjOS00NTcwLWJmNWQtY2M3MDM1ODIwNWI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmf0fsmXzj8c0/Sx+vSKoxVQ/Yb+8fvXZJ4ME6dJW
TyQW2V90N/ntZxJSl1uzPUzBCyT5CmQV5AVyI19OrK37hlwWmnSf9P76h2IpSzqh
7KYPBr/VrRIW1k/WBROYYg/WQE8JF4EEyjNooD92fGsmuaJO3BYgsYIB/LCwARTa
LR6CRnUx5+svf8/7t2TD9Dnd2X1xEXE2JcM45Pw/2AlMUJAFtU9iVZfslOYLbImA
Ovh16cZl4rm3BxVPej5F3iSr+46AnZn9NhVZoapM4jroHzsvmh/2Q9zfCaPaJkGO
18P8E2xxgxcV1rOm1MfifopaZMRJW7uQTQAbSgs3LwJyJA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org