Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: uXOgWO+jlDLVCwF0hwAtmpl+KFdJ4gTp9GECeQWgBL4=
Subject key identifier: 78:3C:57:AF:68:65:2A:84:6A:67:DD:92:74:99:4E:DE:31:B8:68:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A97C581FFC64A8F440D8344E38A2BB45C5FFB84
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:97:c5:81:ff:c6:4a:8f:44:0d:83:44:e3:8a:2b:b4:5c:5f:fb:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=4a055ab6050ee2484634e931b9fc8c34c1e862aef42f665ae8789a8ab46f96af, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5b:b3:d4:36:91:82:eb:ec:6c:bc:3d:13:5b:
3f:18:ca:2a:17:0e:aa:67:0e:1c:fb:34:0d:b1:fb:
03:d0:4e:00:b2:73:87:2d:5f:ed:f9:5c:84:c0:e0:
20:6e:46:ba:ef:78:09:d2:34:27:6b:73:82:3c:06:
d2:ff:41:14:48:e8:dd:c0:12:9c:e3:a0:5d:7f:b9:
c0:83:08:f7:55:c5:11:1d:92:62:4d:ff:b1:69:0c:
90:14:28:9d:f3:91:d8:ad:a1:03:83:b2:90:9a:6d:
2e:d3:13:1f:0a:73:30:a7:df:4b:3c:a6:2c:36:5c:
c1:69:f3:28:d7:9c:e2:21:31:dd:2c:3c:d2:00:12:
c3:12:f8:ba:35:33:64:1c:70:86:4d:6c:1e:f3:3e:
01:c7:76:26:64:9b:74:1e:64:52:e5:57:40:bd:26:
15:3f:da:24:d3:cc:26:3f:9d:49:67:cd:05:c9:bb:
97:ff:67:1f:33:52:c8:51:51:d0:43:cb:01:ce:fe:
b2:7a:01:6c:7e:28:98:cb:3d:2d:d6:cb:2c:c4:fb:
90:f8:cb:f1:96:03:f8:db:58:e7:7a:ae:ba:d9:88:
e6:1d:18:c8:1b:3d:27:57:50:f7:ad:21:97:68:6e:
19:de:13:cd:58:e4:9b:b9:44:7f:25:fc:06:ba:17:
18:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3C:57:AF:68:65:2A:84:6A:67:DD:92:74:99:4E:DE:31:B8:68:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:cc:21:59:a4:be:b1:08:ed:1e:f1:3f:38:68:66:ca:e0:8b:
48:1e:4c:ff:6b:0f:3c:50:c2:7d:9b:90:9a:47:85:98:fb:83:
5a:aa:4a:9e:6e:34:7a:e5:02:bc:be:71:f9:fb:d3:03:b5:2f:
90:7c:68:bd:c7:7a:8f:ce:db:1c:bd:ba:95:2b:e3:dc:19:9a:
e6:57:2c:f6:b8:e1:58:c7:02:e9:c4:ad:fc:a1:74:ee:88:4c:
54:48:0a:d0:b2:da:ed:99:b1:aa:df:8d:49:99:43:3b:4f:88:
5b:bd:3c:82:c9:41:fd:8a:7c:fc:80:26:aa:e8:53:a6:c7:6e:
47:0c:9c:c5:3b:77:e2:01:5c:03:65:03:ce:1d:5d:37:26:d2:
d1:5f:77:29:97:57:a3:75:2e:b5:fb:fd:8d:2d:bb:6e:00:03:
fe:73:a7:7b:36:97:1f:76:ab:45:40:19:22:00:74:c4:d6:e5:
ae:be:e5:59:73:eb:62:fc:5e:50:15:9d:e1:de:fd:35:ae:09:
f5:de:73:33:34:71:62:5d:91:f9:ea:3f:0b:e6:94:44:18:d5:
19:6a:bd:c9:2c:79:ec:b5:2d:6f:3d:1f:ec:34:9a:f0:71:53:
74:d7:04:1d:50:2e:82:87:88:1c:fb:fc:94:cc:83:70:3c:be:
42:55:75:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOpfFgf/GSo9EDYNE44ortFxf+4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMDU1YWI2MDUwZWUyNDg0NjM0ZTkzMWI5ZmM4YzM0YzFlODYyYWVmNDJm
NjY1YWU4Nzg5YThhYjQ2Zjk2YWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOJbs9Q2kYLr7Gy8PRNbPxjKKhcOqmcOHPs0DbH7A9BOALJzhy1f7flchMDg
IG5Guu94CdI0J2tzgjwG0v9BFEjo3cASnOOgXX+5wIMI91XFER2SYk3/sWkMkBQo
nfOR2K2hA4OykJptLtMTHwpzMKffSzymLDZcwWnzKNec4iEx3Sw80gASwxL4ujUz
ZBxwhk1sHvM+Acd2JmSbdB5kUuVXQL0mFT/aJNPMJj+dSWfNBcm7l/9nHzNSyFFR
0EPLAc7+snoBbH4omMs9LdbLLMT7kPjL8ZYD+NtY53quutmI5h0YyBs9J1dQ960h
l2huGd4TzVjkm7lEfyX8BroXGCUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR4PFev
aGUqhGpn3ZJ0mU7eMbho7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAoswhWaS+sQjtHvE/OGhmyuCLSB5M/2sPPFDCfZuQ
mkeFmPuDWqpKnm40euUCvL5x+fvTA7UvkHxovcd6j87bHL26lSvj3Bma5lcs9rjh
WMcC6cSt/KF07ohMVEgK0LLa7Zmxqt+NSZlDO0+IW708gslB/Yp8/IAmquhTpsdu
RwycxTt34gFcA2UDzh1dNybS0V93KZdXo3Uutfv9jS27bgAD/nOnezaXH3arRUAZ
IgB0xNblrr7lWXPrYvxeUBWd4d79Na4J9d5zMzRxYl2R+eo/C+aURBjVGWq9ySx5
7LUtbz0f7DSa8HFTdNcEHVAugoeIHPv8lMyDcDy+QlV1vA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:08 2024 by rpki-client on console-fra.rpki-client.org