Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
File: c3f70d8a-f35a-4409-8c26-390948a7b181.roa (raw, json)
Hash identifier: gtc0hn0LrKNQzico+IMxlaES+fhVtBQ6qYP1bg5etY4=
Subject key identifier: 76:C6:FB:AC:E7:BF:EA:30:C4:59:33:AD:9A:4E:45:CC:C6:7C:68:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C08B8B22C127B1B4842DD0BB48894D28587AEE1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:08:b8:b2:2c:12:7b:1b:48:42:dd:0b:b4:88:94:d2:85:87:ae:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=df7afe2ac06e42bf5b873daaa6752f52f6bf504fae1f2dc0ce4d2e2b3e908f1a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ec:74:68:d5:7a:5f:05:27:2c:f8:d0:db:dd:
12:4a:42:02:6a:8a:e4:69:16:ba:8c:2b:5d:bb:ac:
90:da:65:b7:9b:9e:e6:1b:c8:75:7d:3d:db:45:59:
66:b4:2f:67:6f:99:69:fe:c9:b1:16:c9:06:34:af:
1b:6e:b5:5c:a9:89:dd:25:8c:0d:94:40:1c:2b:28:
4f:bb:1d:49:27:eb:e3:8f:f6:eb:92:0a:bc:aa:51:
99:bb:92:b6:bb:30:b7:42:6c:2d:d0:0e:5b:13:33:
4b:75:f9:1e:9f:ef:ec:02:6d:09:a8:88:6b:d3:8c:
77:b4:a5:74:3a:d7:67:40:54:94:91:fb:54:ec:35:
8a:c1:ef:14:73:7e:ad:ee:d0:c0:04:d0:e7:5f:6c:
03:c7:5c:58:f8:e9:0f:c0:10:df:34:d7:4b:dc:4d:
6e:7a:66:00:2d:78:a8:68:eb:25:91:23:07:8c:28:
0a:21:f1:56:e3:de:13:d0:3a:36:dd:4a:c2:76:b2:
f8:50:20:da:96:1c:be:d4:fb:65:96:69:a7:1c:07:
e4:1c:a0:03:56:cf:d4:c9:49:ba:2e:fe:2e:cf:fd:
6f:d3:cc:2a:35:f3:4a:19:e4:6d:7b:87:1b:42:00:
7f:c5:e5:49:7d:f1:df:47:bb:b9:bb:79:a0:04:cf:
1b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C6:FB:AC:E7:BF:EA:30:C4:59:33:AD:9A:4E:45:CC:C6:7C:68:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3f70d8a-f35a-4409-8c26-390948a7b181.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:7d:eb:79:7b:24:32:ec:fe:25:a8:15:6e:7b:2a:52:b7:71:
e3:ab:ad:40:77:50:7d:3b:13:4b:e6:46:d6:8a:f4:aa:1b:1b:
5e:36:9b:55:52:1f:1d:78:91:17:df:7c:bf:b9:9b:e6:90:59:
3d:bb:58:58:33:25:19:18:80:d6:de:ed:98:34:2c:3f:30:65:
27:51:27:22:66:9f:f0:f6:e4:c3:96:07:95:3f:ca:f6:c5:76:
fa:00:31:30:a7:66:fb:dc:3a:83:71:e8:e6:12:dd:26:07:35:
ee:a4:0d:2f:06:fa:05:e6:16:b8:c7:fa:39:2b:d5:6d:c6:37:
42:8a:80:aa:6b:df:de:7b:b7:ee:86:52:e4:d4:59:a4:e3:e9:
3f:4d:d6:04:e9:19:10:0e:21:68:70:ac:35:6e:41:b8:97:37:
11:57:b8:d6:67:19:be:b2:ea:0a:41:79:eb:13:ac:ce:42:01:
27:a7:80:65:1e:19:1d:15:77:6a:63:be:db:a7:d3:6d:3c:23:
3a:c9:16:e1:0a:2c:f8:0e:46:6d:4f:1c:ec:cd:c0:27:95:93:
ce:2e:e8:b9:23:33:de:db:b1:82:19:a1:db:fe:8c:8f:5e:e9:
ee:42:7b:f7:bb:af:fc:d9:be:40:0e:4e:d8:6f:09:38:35:ac:
0e:3a:5a:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTAi4siwSextIQt0LtIiU0oWHruEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmN2FmZTJhYzA2ZTQyYmY1Yjg3M2RhYWE2NzUyZjUyZjZiZjUwNGZhZTFm
MmRjMGNlNGQyZTJiM2U5MDhmMWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzsdGjVel8FJyz40NvdEkpCAmqK5GkWuowrXbuskNplt5ue5hvIdX0920VZ
ZrQvZ2+Zaf7JsRbJBjSvG261XKmJ3SWMDZRAHCsoT7sdSSfr44/265IKvKpRmbuS
trswt0JsLdAOWxMzS3X5Hp/v7AJtCaiIa9OMd7SldDrXZ0BUlJH7VOw1isHvFHN+
re7QwATQ519sA8dcWPjpD8AQ3zTXS9xNbnpmAC14qGjrJZEjB4woCiHxVuPeE9A6
Nt1Kwnay+FAg2pYcvtT7ZZZppxwH5BygA1bP1MlJui7+Ls/9b9PMKjXzShnkbXuH
G0IAf8XlSX3x30e7ubt5oATPG90CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR2xvus
57/qMMRZM62aTkXMxnxo6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzNmNzBkOGEtZjM1YS00NDA5LThjMjYtMzkwOTQ4YTdiMTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAqn3reXskMuz+JagVbnsqUrdx46utQHdQfTsTS+ZG
1or0qhsbXjabVVIfHXiRF998v7mb5pBZPbtYWDMlGRiA1t7tmDQsPzBlJ1EnImaf
8Pbkw5YHlT/K9sV2+gAxMKdm+9w6g3Ho5hLdJgc17qQNLwb6BeYWuMf6OSvVbcY3
QoqAqmvf3nu37oZS5NRZpOPpP03WBOkZEA4haHCsNW5BuJc3EVe41mcZvrLqCkF5
6xOszkIBJ6eAZR4ZHRV3amO+26fTbTwjOskW4Qos+A5GbU8c7M3AJ5WTzi7ouSMz
3tuxghmh2/6Mj17p7kJ797uv/Nm+QA5O2G8JODWsDjpa2w==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:07 2024 by rpki-client on console-fra.rpki-client.org