Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
File: c0680170-a405-45c9-bf7f-03cb2e587884.roa (raw, json)
Hash identifier: 4XwQQ5il/HgW2Ua4b0595Qa9siKVbrIWECBH65v5m3k=
Subject key identifier: 0D:13:31:77:56:D9:E1:E0:E6:9A:A6:B5:07:AA:F3:E4:84:E3:99:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C66624A57CB10E86751227B33ED1834F9BCEAAD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:66:62:4a:57:cb:10:e8:67:51:22:7b:33:ed:18:34:f9:bc:ea:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d86a4d9ce2d1463a4431c3685493dbe05ed012d9382b7289cb3d0cea0d7ea77f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f6:b7:81:cf:99:0a:6d:10:4f:a3:27:49:4a:
f4:02:6c:b1:81:09:0e:6e:aa:30:fd:c3:47:78:23:
69:1d:be:0f:e7:70:1a:26:55:df:51:2f:60:6e:98:
3f:28:95:d3:2e:73:1d:42:1b:f4:e8:95:40:59:24:
ea:1a:ae:e1:6a:5f:b7:44:c7:ea:e7:dd:71:b9:7f:
dd:df:d7:64:58:f1:1d:bd:3c:dd:84:08:dd:21:62:
16:f8:e2:2d:35:21:b2:f9:20:e8:b9:3c:07:ab:fa:
23:e7:82:fc:78:f9:f7:c9:b4:55:61:f8:13:d2:c3:
23:74:8b:f1:18:d0:8f:61:20:14:e5:c2:6f:20:15:
07:7b:b8:d6:e7:07:f8:1a:a2:96:cf:d1:16:aa:e5:
a9:b6:17:96:d6:75:85:61:83:b5:2a:bc:17:7a:82:
a1:0d:5d:ad:e3:cd:4d:30:72:28:24:b9:86:98:59:
14:f2:0c:3e:9c:0b:f6:c7:8c:75:d4:39:b3:73:b8:
7a:3d:b4:33:e1:60:83:8c:67:aa:84:27:4b:64:c0:
af:47:fd:f9:99:9f:b1:af:d1:d3:9e:48:02:8c:48:
c0:2a:24:32:9f:79:47:18:ac:fe:b1:32:14:1f:c7:
dc:7d:4a:c0:2e:81:1d:c1:89:50:22:82:d8:e3:d2:
b0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:13:31:77:56:D9:E1:E0:E6:9A:A6:B5:07:AA:F3:E4:84:E3:99:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0680170-a405-45c9-bf7f-03cb2e587884.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:09:97:c5:21:7d:d5:16:b5:98:ae:70:b6:d8:41:e7:b2:80:
fd:e1:97:02:e4:16:ad:97:bf:2d:1c:32:92:fb:de:1f:b9:fd:
be:fa:33:10:03:ac:b5:7f:24:77:2a:e1:e0:1e:3f:a7:86:37:
67:b9:9b:09:18:21:14:90:29:53:d3:37:f8:a7:6f:75:34:19:
49:16:f8:47:bf:d6:5f:77:9e:e5:0f:2e:1f:c9:3c:da:12:d6:
37:59:05:91:36:fc:13:6c:9b:d4:8b:12:5f:d2:1d:38:b6:a7:
a2:0c:2f:47:14:2d:2b:ac:f8:18:fa:f0:26:21:a3:8b:d1:ac:
70:73:78:f2:cd:25:4e:70:39:1f:06:12:60:a8:65:98:c0:71:
75:8a:c0:c9:64:57:8f:8d:75:8c:75:94:6f:f3:b9:5a:17:46:
79:1b:20:ef:3a:5f:31:ca:ed:21:58:9f:ac:d7:56:26:7a:dd:
d1:5a:60:83:09:c0:20:29:07:32:c0:00:ac:cf:ac:d6:2b:bf:
4a:1a:e0:ba:18:f0:6c:34:7e:ee:b9:c3:7f:3f:82:26:39:61:
de:69:93:b9:34:eb:77:6c:78:f0:45:af:b4:e0:39:0d:d2:56:
b4:06:df:5a:ce:b8:11:76:6b:71:df:f3:64:76:06:1a:ba:a9:
ed:76:90:72
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULGZiSlfLEOhnUSJ7M+0YNPm86q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4NmE0ZDljZTJkMTQ2M2E0NDMxYzM2ODU0OTNkYmUwNWVkMDEyZDkzODJi
NzI4OWNiM2QwY2VhMGQ3ZWE3N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIz2t4HPmQptEE+jJ0lK9AJssYEJDm6qMP3DR3gjaR2+D+dwGiZV31EvYG6Y
PyiV0y5zHUIb9OiVQFkk6hqu4Wpft0TH6ufdcbl/3d/XZFjxHb083YQI3SFiFvji
LTUhsvkg6Lk8B6v6I+eC/Hj598m0VWH4E9LDI3SL8RjQj2EgFOXCbyAVB3u41ucH
+Bqils/RFqrlqbYXltZ1hWGDtSq8F3qCoQ1drePNTTByKCS5hphZFPIMPpwL9seM
ddQ5s3O4ej20M+Fgg4xnqoQnS2TAr0f9+Zmfsa/R055IAoxIwCokMp95Rxis/rEy
FB/H3H1KwC6BHcGJUCKC2OPSsBUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNEzF3
Vtnh4OaaprUHqvPkhOOZUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA2ODAxNzAtYTQwNS00NWM5LWJmN2YtMDNjYjJlNTg3ODg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQC1CZfFIX3VFrWYrnC22EHnsoD94ZcC5Batl78tHDKS
+94fuf2++jMQA6y1fyR3KuHgHj+nhjdnuZsJGCEUkClT0zf4p291NBlJFvhHv9Zf
d57lDy4fyTzaEtY3WQWRNvwTbJvUixJf0h04tqeiDC9HFC0rrPgY+vAmIaOL0axw
c3jyzSVOcDkfBhJgqGWYwHF1isDJZFePjXWMdZRv87laF0Z5GyDvOl8xyu0hWJ+s
11Ymet3RWmCDCcAgKQcywACsz6zWK79KGuC6GPBsNH7uucN/P4ImOWHeaZO5NOt3
bHjwRa+04DkN0la0Bt9azrgRdmtx3/NkdgYauqntdpBy
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org