Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: Y4yr51ZQjfdDvFQCPDnB54a5/ShAcj/ZOoMsUeajZac=
Subject key identifier: 41:6A:6C:1D:C5:BA:07:FD:33:42:84:78:A7:E4:35:9D:33:6C:AA:B9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5501B7408169BC85DD3D3DBDD47403529F2FD45F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:01:b7:40:81:69:bc:85:dd:3d:3d:bd:d4:74:03:52:9f:2f:d4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=5c8ef5942bb2f657a4b13eae7f4db427704f0ae381503799c25581a33fbb38e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:53:c4:fe:a2:4d:3b:d8:da:a6:e1:6d:49:f9:
a8:9d:5b:3b:a3:5a:92:2c:9c:1c:fd:41:fb:65:41:
d3:0f:9a:99:e2:de:34:f3:13:83:8a:a1:22:49:62:
bb:c1:49:62:2c:9a:09:e4:2c:e0:7a:51:fc:f1:42:
ba:44:9d:dd:4b:86:4b:88:80:b2:3e:9f:81:ef:35:
53:0c:f8:1b:11:63:fc:2b:9f:3a:49:0d:70:db:ec:
dc:d6:06:0f:f3:6e:c6:1c:0e:a2:af:8e:12:f3:fe:
eb:14:3b:4d:72:a7:b4:38:de:2a:0b:36:f4:cd:7e:
91:f5:37:ad:2b:0f:7e:bb:3a:24:ee:61:4e:50:8d:
92:de:dd:bd:0f:b0:44:7a:bd:44:a0:4e:da:cc:64:
39:79:94:c0:be:d5:71:5e:3e:13:27:2f:58:70:1a:
a3:42:4d:0e:ec:e6:d7:f2:38:bc:03:a6:76:5f:d3:
fe:5a:61:a8:16:4a:be:3a:9e:24:c2:e2:ad:f9:63:
cc:86:31:7f:4a:d1:b1:98:7b:bc:95:d2:70:db:40:
b8:cd:03:dc:01:78:dc:04:ad:65:92:3d:53:93:9b:
8c:b6:7d:b0:ef:39:ab:bb:98:ec:f9:7a:e4:2b:5c:
c6:7a:cb:7d:b9:59:c5:28:55:a4:75:7b:fa:46:ce:
66:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6A:6C:1D:C5:BA:07:FD:33:42:84:78:A7:E4:35:9D:33:6C:AA:B9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:fa:9f:3a:6b:c9:a8:ed:58:fc:f9:62:1c:2f:ce:02:76:87:
9e:93:d2:9a:86:8d:12:a7:e8:9a:76:41:0e:3d:93:11:42:5f:
a2:db:2e:11:c1:7f:6b:b4:ad:f0:4f:cf:7d:97:52:c3:c4:83:
9f:28:0e:b9:60:b2:ca:f2:08:61:da:8d:b8:00:7a:cb:8a:63:
8e:39:6e:af:05:a2:dd:0a:97:e4:a2:23:26:76:7b:3f:e0:2d:
2b:c7:33:bb:a0:87:93:69:b8:0a:c2:1f:9f:1e:79:17:5e:f6:
29:cd:70:ea:a5:e3:a5:6e:ee:fb:32:84:5a:51:b9:33:09:71:
4c:17:86:94:85:ac:db:f2:b2:cf:69:ac:b1:5e:23:d2:d3:ae:
e0:cb:c2:a8:6a:2a:05:56:87:79:2e:af:7c:f8:b1:05:1c:66:
2a:95:c3:3c:19:6b:c9:b6:8f:7e:f4:bc:df:2b:e5:14:28:be:
5c:73:05:33:db:50:49:f5:37:87:60:03:f6:43:1a:2f:46:c2:
64:c4:05:9b:7f:47:3a:27:9d:bb:71:22:72:59:16:59:be:21:
51:88:08:5f:a6:0f:88:ad:d7:c6:19:ca:18:31:0b:af:1d:cb:
66:b3:3b:39:c5:4a:71:76:39:e7:77:90:ab:09:ed:44:be:30:
cc:d4:ae:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVQG3QIFpvIXdPT291HQDUp8v1F8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjOGVmNTk0MmJiMmY2NTdhNGIxM2VhZTdmNGRiNDI3NzA0ZjBhZTM4MTUw
Mzc5OWMyNTU4MWEzM2ZiYjM4ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxTxP6iTTvY2qbhbUn5qJ1bO6NakiycHP1B+2VB0w+ameLeNPMTg4qhIkli
u8FJYiyaCeQs4HpR/PFCukSd3UuGS4iAsj6fge81Uwz4GxFj/CufOkkNcNvs3NYG
D/NuxhwOoq+OEvP+6xQ7TXKntDjeKgs29M1+kfU3rSsPfrs6JO5hTlCNkt7dvQ+w
RHq9RKBO2sxkOXmUwL7VcV4+EycvWHAao0JNDuzm1/I4vAOmdl/T/lphqBZKvjqe
JMLirfljzIYxf0rRsZh7vJXScNtAuM0D3AF43AStZZI9U5ObjLZ9sO85q7uY7Pl6
5CtcxnrLfblZxShVpHV7+kbOZlECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRBamwd
xboH/TNChHin5DWdM2yquTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAw/qfOmvJqO1Y/PliHC/OAnaHnpPSmoaNEqfomnZB
Dj2TEUJfotsuEcF/a7St8E/PfZdSw8SDnygOuWCyyvIIYdqNuAB6y4pjjjlurwWi
3QqX5KIjJnZ7P+AtK8czu6CHk2m4CsIfnx55F172Kc1w6qXjpW7u+zKEWlG5Mwlx
TBeGlIWs2/Kyz2mssV4j0tOu4MvCqGoqBVaHeS6vfPixBRxmKpXDPBlrybaPfvS8
3yvlFCi+XHMFM9tQSfU3h2AD9kMaL0bCZMQFm39HOiedu3EiclkWWb4hUYgIX6YP
iK3XxhnKGDELrx3LZrM7OcVKcXY553eQqwntRL4wzNSusQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org