Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
File: ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa (raw, json)
Hash identifier: fMZnf9N5qfehVWgPRCAR6rJ9pXBgIeQAbn5NdF/xeA0=
Subject key identifier: AE:2F:A8:73:28:01:37:0F:C0:93:D1:67:18:FB:D4:16:AE:3F:96:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55577E0AE9B397F34C8F118E6ACBC5BC63500B37
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:57:7e:0a:e9:b3:97:f3:4c:8f:11:8e:6a:cb:c5:bc:63:50:0b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=43a7a9875721e39194bf64a0e4b1bc1f586f955205c9d5e6c3c38fe25ae6ddb8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:06:ef:11:1b:0f:bd:a0:6e:b4:8e:88:68:
a4:b5:b7:ac:ff:65:0b:2a:47:09:73:b2:c2:bb:4b:
d5:a8:56:19:62:1c:63:79:9d:c3:20:94:89:72:cc:
5f:24:e0:41:6e:93:bf:3e:1f:29:74:c7:02:91:d4:
b3:28:30:1d:af:76:26:11:6a:c9:51:40:db:39:02:
68:56:84:52:80:fa:39:ca:90:e3:4a:1c:9d:7a:30:
91:01:94:59:03:f1:ac:fd:be:95:90:63:bd:33:54:
37:53:50:7f:b6:a3:eb:ba:2b:fb:c7:98:7e:d7:cb:
5a:f9:ee:a6:30:c5:25:82:e9:ae:fa:be:23:e5:fd:
7a:32:2c:cd:9e:03:10:45:e6:72:a2:61:36:83:d2:
0c:30:b2:89:da:2b:52:3c:4e:74:f1:86:c8:af:9e:
34:13:a2:a8:0c:46:bb:81:ab:8a:5a:51:98:5c:c3:
de:3a:50:e4:62:b8:d8:92:20:2d:95:fa:f3:71:b4:
f3:69:3f:bd:57:fe:8f:e5:c8:4c:c0:90:33:fc:bd:
df:fd:c6:df:19:de:af:a9:f6:e2:00:5f:f9:64:ad:
83:86:38:3c:90:a9:34:51:1b:87:8b:06:6e:58:7b:
1d:64:50:5a:bc:43:19:4e:9f:b5:1a:03:92:bf:31:
22:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2F:A8:73:28:01:37:0F:C0:93:D1:67:18:FB:D4:16:AE:3F:96:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef1a032c-6b4a-4f4b-ac0e-89624058b38e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:30:cc:fb:b6:ec:b1:35:2d:35:ed:0b:51:ea:fa:1e:62:75:
b3:c6:79:d0:31:75:64:ec:15:0e:35:e3:bb:0d:3a:0a:20:08:
63:8b:f6:08:d9:71:14:7c:c1:97:5a:d6:f3:ad:de:81:4b:ae:
41:78:3a:82:17:c5:36:39:c3:de:93:1c:0e:cf:08:de:4b:51:
f1:20:27:50:78:f4:1c:96:50:b6:30:bf:46:00:39:5a:ac:b7:
a5:b9:cd:14:fc:09:98:b2:d3:89:cb:84:30:d6:3b:e2:9c:39:
a9:78:c0:79:77:39:a2:78:40:d7:06:02:e1:3a:c7:f1:45:0d:
3b:3b:f6:d4:83:55:b3:29:1b:27:6a:63:7a:0b:aa:95:f0:1a:
19:0c:2d:39:e6:1f:c1:0f:e5:ae:be:58:bc:fc:a2:1e:0c:da:
d0:f2:cd:ea:82:a7:78:18:33:3c:af:5b:51:ad:d6:fc:bc:4d:
91:9b:b7:bc:db:75:47:2b:a1:92:20:41:6a:f1:d7:4b:c6:f5:
af:2f:bb:ec:c8:fe:1e:fe:21:d3:0f:d9:c2:37:58:27:aa:d2:
af:bf:4d:c7:ca:62:cc:86:6a:db:51:2e:2a:b5:d8:2f:7e:af:
21:55:d5:47:ea:18:f7:30:7b:04:59:98:bc:ae:05:66:56:23:
a8:dc:dc:2c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVVd+Cumzl/NMjxGOasvFvGNQCzcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYTdhOTg3NTcyMWUzOTE5NGJmNjRhMGU0YjFiYzFmNTg2Zjk1NTIwNWM5
ZDVlNmMzYzM4ZmUyNWFlNmRkYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKayBu8RGw+9oG60johopLW3rP9lCypHCXOywrtL1ahWGWIcY3mdwyCUiXLM
XyTgQW6Tvz4fKXTHApHUsygwHa92JhFqyVFA2zkCaFaEUoD6OcqQ40ocnXowkQGU
WQPxrP2+lZBjvTNUN1NQf7aj67or+8eYftfLWvnupjDFJYLprvq+I+X9ejIszZ4D
EEXmcqJhNoPSDDCyidorUjxOdPGGyK+eNBOiqAxGu4GrilpRmFzD3jpQ5GK42JIg
LZX683G082k/vVf+j+XITMCQM/y93/3G3xner6n24gBf+WStg4Y4PJCpNFEbh4sG
blh7HWRQWrxDGU6ftRoDkr8xIlkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSuL6hz
KAE3D8CT0WcY+9QWrj+WdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYxYTAzMmMtNmI0YS00ZjRiLWFjMGUtODk2MjQwNThiMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQAiMMz7tuyxNS017QtR6voeYnWzxnnQMXVk7BUONeO7
DToKIAhji/YI2XEUfMGXWtbzrd6BS65BeDqCF8U2OcPekxwOzwjeS1HxICdQePQc
llC2ML9GADlarLeluc0U/AmYstOJy4Qw1jvinDmpeMB5dzmieEDXBgLhOsfxRQ07
O/bUg1WzKRsnamN6C6qV8BoZDC055h/BD+Wuvli8/KIeDNrQ8s3qgqd4GDM8r1tR
rdb8vE2Rm7e823VHK6GSIEFq8ddLxvWvL7vsyP4e/iHTD9nCN1gnqtKvv03HymLM
hmrbUS4qtdgvfq8hVdVH6hj3MHsEWZi8rgVmViOo3Nws
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org