Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: G3xCrWI/sJm8Jt9FQsbPcWS/Vr9pqfIEHP+rRygs/qQ=
Subject key identifier: 2A:9F:3A:68:DC:E4:68:63:29:97:9C:3F:EB:79:ED:F9:F5:86:B9:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53A430B5092D50B27B5D77C65EC173D3795F699B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:a4:30:b5:09:2d:50:b2:7b:5d:77:c6:5e:c1:73:d3:79:5f:69:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5338c7e63459aee034186e63d157c3c576bf65aa5a4214089ae9157890fefb9f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:85:1a:a5:d9:2d:06:60:92:3c:02:ec:d9:c1:
b6:3a:26:39:b8:ab:2c:72:c8:97:80:82:3e:ee:eb:
8f:94:83:a3:7d:98:30:82:6d:20:64:15:41:26:82:
2d:1c:98:d1:45:be:07:95:48:84:50:04:fa:2c:9c:
ae:19:8e:05:ef:dc:fe:b2:9b:fa:3d:31:d0:70:33:
01:83:7b:92:4c:d3:72:e3:3e:df:e3:2c:8a:3c:b0:
c5:15:0b:b5:5d:25:b2:f6:7b:28:df:eb:46:ee:d6:
b2:f5:95:ab:32:74:7f:f6:e5:73:5c:0f:ab:db:7c:
dc:0d:52:ec:89:83:90:16:05:43:10:53:bd:33:98:
c2:97:37:88:2f:41:98:c9:bd:47:74:94:47:01:d1:
50:7d:6b:ae:83:7e:c8:39:00:72:8a:d0:eb:c3:34:
1a:c7:48:cb:82:b6:58:26:2e:d2:60:9e:f4:90:39:
56:90:4e:94:20:b3:98:68:65:c0:b0:c2:53:7b:63:
1f:08:5f:06:e8:0b:3f:57:79:b4:8f:09:26:1e:98:
4f:ac:b7:32:ba:8f:73:75:f3:2e:87:82:f7:9f:c2:
65:38:d5:be:32:e6:3a:6e:a7:27:ec:dc:81:d0:88:
01:01:32:1f:22:be:a6:43:1d:b6:b8:09:30:b6:fc:
f8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9F:3A:68:DC:E4:68:63:29:97:9C:3F:EB:79:ED:F9:F5:86:B9:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
d6:ed:cb:72:8c:32:69:0d:24:8e:2c:13:4f:f9:bd:bb:8f:94:
26:27:ec:7c:bc:83:76:c7:6e:6c:f2:a5:ec:cb:04:fb:6a:7f:
38:45:35:45:89:55:44:f9:07:37:bc:e5:7f:2f:09:9f:db:9f:
ea:06:41:91:05:c7:7b:8a:44:50:84:3f:7a:36:bb:6d:ff:a0:
82:65:92:63:4c:df:27:74:c5:a4:ca:62:99:09:3b:48:33:a9:
22:d7:34:4b:83:30:67:8c:1d:e5:4f:9e:fd:42:1c:89:d2:89:
b1:c4:21:39:4f:5b:a8:44:ef:c8:63:b4:6c:70:3b:bc:03:61:
62:ed:3b:00:39:ea:a1:49:5f:dc:a8:75:ad:64:56:00:33:c5:
f2:ec:34:68:16:fe:b8:0a:49:d4:33:e3:0d:e0:9b:8e:2e:78:
51:c7:95:dc:06:eb:a9:4e:92:01:28:81:e7:77:40:c9:36:85:
21:8b:be:26:66:88:ad:9d:7b:e2:51:a5:dd:13:93:1d:95:61:
c9:f7:3f:ba:15:af:3e:30:71:d5:fb:e8:a3:41:c5:8c:f7:00:
36:f3:f2:04:d2:55:8f:4a:c2:09:55:91:99:ce:b2:93:53:ff:
51:51:88:d6:bf:10:af:5f:01:bd:27:69:72:b5:ba:67:45:9e:
93:bb:1d:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU6QwtQktULJ7XXfGXsFz03lfaZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMzhjN2U2MzQ1OWFlZTAzNDE4NmU2M2QxNTdjM2M1NzZiZjY1YWE1YTQy
MTQwODlhZTkxNTc4OTBmZWZiOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSFGqXZLQZgkjwC7NnBtjomObirLHLIl4CCPu7rj5SDo32YMIJtIGQVQSaC
LRyY0UW+B5VIhFAE+iycrhmOBe/c/rKb+j0x0HAzAYN7kkzTcuM+3+MsijywxRUL
tV0lsvZ7KN/rRu7WsvWVqzJ0f/blc1wPq9t83A1S7ImDkBYFQxBTvTOYwpc3iC9B
mMm9R3SURwHRUH1rroN+yDkAcorQ68M0GsdIy4K2WCYu0mCe9JA5VpBOlCCzmGhl
wLDCU3tjHwhfBugLP1d5tI8JJh6YT6y3MrqPc3XzLoeC95/CZTjVvjLmOm6nJ+zc
gdCIAQEyHyK+pkMdtrgJMLb8+D0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqnzpo
3ORoYymXnD/ree359Ya5gzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEA1u3LcowyaQ0kjiwTT/m9u4+UJifsfLyDdsdubPKl
7MsE+2p/OEU1RYlVRPkHN7zlfy8Jn9uf6gZBkQXHe4pEUIQ/eja7bf+ggmWSY0zf
J3TFpMpimQk7SDOpItc0S4MwZ4wd5U+e/UIcidKJscQhOU9bqETvyGO0bHA7vANh
Yu07ADnqoUlf3Kh1rWRWADPF8uw0aBb+uApJ1DPjDeCbji54UceV3AbrqU6SASiB
53dAyTaFIYu+JmaIrZ174lGl3ROTHZVhyfc/uhWvPjBx1fvoo0HFjPcANvPyBNJV
j0rCCVWRmc6yk1P/UVGI1r8Qr18BvSdpcrW6Z0Wek7sdFw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org