Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
File: e1a46896-dfc0-4be1-91be-62fd0626c291.roa (raw, json)
Hash identifier: 6lwhR5CEWCT/7+EOh7WrCIMUGWCPnwCkmsugcwsJwG4=
Subject key identifier: 18:82:97:57:28:4C:ED:47:AC:94:6F:FD:5B:46:D8:0A:95:E2:4A:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2DF7879203950EEB71CC6931A550A65E16736E7C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f7:87:92:03:95:0e:eb:71:cc:69:31:a5:50:a6:5e:16:73:6e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=58606a39bb2b33f8db0cce66cf23fc607f0fcf45c5dbb24b35f38db2772075e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:da:4f:48:ca:e8:45:ea:80:8a:a3:b2:eb:ad:
c9:f6:34:4c:ef:d9:01:56:41:34:4a:80:4f:1c:b7:
52:79:23:64:c0:14:c4:a3:c9:4f:cc:f4:b3:2f:3e:
c5:08:b4:ab:5d:3a:1c:86:cb:f4:b7:c9:94:e8:db:
f0:a1:20:34:2d:e2:6d:50:ac:d6:df:9a:63:47:75:
72:ca:32:75:cc:1b:6a:9c:f6:46:74:db:09:d4:01:
c9:1e:e8:2e:50:5a:0a:dd:71:cf:77:fa:64:19:7d:
5a:f4:ac:d0:96:2b:c2:02:2d:6d:5c:bc:52:0c:46:
79:7d:73:6c:38:2b:9d:63:a7:2c:91:59:55:45:8b:
0f:34:d3:b3:74:bf:c4:c2:fa:65:68:4d:20:b1:b1:
49:75:0d:41:30:ea:3c:39:4e:03:00:46:ea:ec:d8:
48:c5:97:70:07:60:fa:eb:0e:bf:33:4b:4f:13:44:
dd:6b:30:21:55:37:e8:18:ea:d4:76:48:cc:c8:99:
aa:c4:90:88:da:b2:7d:99:db:29:37:e2:e1:ab:a2:
e4:12:89:dd:3c:27:1e:2e:4b:a2:a6:05:8c:3a:e7:
41:61:bd:da:b9:1a:b1:ca:29:ca:da:c8:28:36:e9:
55:14:d7:99:97:9d:f7:17:90:a5:17:50:c6:c0:fe:
27:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:82:97:57:28:4C:ED:47:AC:94:6F:FD:5B:46:D8:0A:95:E2:4A:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1a46896-dfc0-4be1-91be-62fd0626c291.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:17:34:db:68:56:51:62:31:3e:da:38:8a:64:23:41:74:ef:
d7:b3:d2:75:15:9f:c4:77:6e:ca:2a:75:60:0f:06:cf:77:72:
18:a1:d2:39:a2:45:19:a2:51:33:3a:b8:a0:69:dd:88:4d:e7:
fd:8b:c9:64:58:6b:1f:5e:9d:b8:51:2c:36:e2:bd:ac:a4:bd:
46:95:86:62:6b:ab:de:97:cf:98:5f:69:1c:d6:3f:bc:71:ef:
8f:39:86:1b:41:f5:44:ec:57:37:02:97:67:6d:31:c7:f6:21:
61:5a:dc:a6:25:6a:57:e3:3a:0d:de:ff:98:df:c0:36:2f:ce:
90:a9:ea:07:43:85:0a:3e:e7:fc:98:d5:7c:40:37:fb:67:48:
51:16:bf:47:16:b0:50:04:13:4e:b6:3b:c4:a6:cf:22:4a:bc:
b8:c9:a7:96:0f:e4:d6:8d:3c:92:00:e7:3d:52:5a:12:86:87:
6c:0c:75:b9:47:07:30:64:29:a2:12:25:7d:65:f5:ed:0a:09:
11:34:52:f3:75:cc:ad:d6:8d:5c:20:de:8e:cc:54:75:d1:7a:
09:03:89:a6:e4:89:6d:9b:f6:7c:20:87:b1:24:6b:08:bd:c4:
13:14:a5:fb:fd:fa:df:0a:bd:04:59:34:1e:9a:4c:e0:26:e6:
1a:d2:20:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULfeHkgOVDutxzGkxpVCmXhZzbnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NjA2YTM5YmIyYjMzZjhkYjBjY2U2NmNmMjNmYzYwN2YwZmNmNDVjNWRi
YjI0YjM1ZjM4ZGIyNzcyMDc1ZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJLaT0jK6EXqgIqjsuutyfY0TO/ZAVZBNEqATxy3UnkjZMAUxKPJT8z0sy8+
xQi0q106HIbL9LfJlOjb8KEgNC3ibVCs1t+aY0d1csoydcwbapz2RnTbCdQByR7o
LlBaCt1xz3f6ZBl9WvSs0JYrwgItbVy8UgxGeX1zbDgrnWOnLJFZVUWLDzTTs3S/
xML6ZWhNILGxSXUNQTDqPDlOAwBG6uzYSMWXcAdg+usOvzNLTxNE3WswIVU36Bjq
1HZIzMiZqsSQiNqyfZnbKTfi4aui5BKJ3TwnHi5LoqYFjDrnQWG92rkascopytrI
KDbpVRTXmZed9xeQpRdQxsD+J28CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYgpdX
KEztR6yUb/1bRtgKleJKhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFhNDY4OTYtZGZjMC00YmUxLTkxYmUtNjJmZDA2MjZjMjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQDTFzTbaFZRYjE+2jiKZCNBdO/Xs9J1FZ/Ed27KKnVg
DwbPd3IYodI5okUZolEzOrigad2ITef9i8lkWGsfXp24USw24r2spL1GlYZia6ve
l8+YX2kc1j+8ce+POYYbQfVE7Fc3ApdnbTHH9iFhWtymJWpX4zoN3v+Y38A2L86Q
qeoHQ4UKPuf8mNV8QDf7Z0hRFr9HFrBQBBNOtjvEps8iSry4yaeWD+TWjTySAOc9
UloShodsDHW5RwcwZCmiEiV9ZfXtCgkRNFLzdcyt1o1cIN6OzFR10XoJA4mm5Ilt
m/Z8IIexJGsIvcQTFKX7/frfCr0EWTQemkzgJuYa0iBL
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org