Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
File: f4d4070b-fb20-4536-8c71-53420a83e347.roa (raw, json)
Hash identifier: 9VUiQ9sDqrN19/9gUdv1Ly5InqksVUB5BW869Uc2IIk=
Subject key identifier: 4E:40:8E:F6:30:43:7C:65:B1:63:AA:15:92:B6:98:77:2C:D9:18:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D3EAB7B9FBFEC0DA33E32677CB6919C1A458753
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3e:ab:7b:9f:bf:ec:0d:a3:3e:32:67:7c:b6:91:9c:1a:45:87:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=29182bec4e450ef101b08bf602799f942aeb078bf86f80192e02341b386811f8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:92:05:43:1e:7a:be:17:66:ce:c9:43:2f:e3:
f0:3d:dd:3f:6f:a9:13:6c:03:56:fc:37:7a:d5:fc:
f8:9c:e4:f2:2e:0c:6e:8c:aa:c1:f4:fd:c6:d0:1a:
8d:4e:0f:4a:7d:b6:7e:b9:ea:75:85:44:ee:69:e5:
3a:a3:da:72:f0:32:e0:72:9f:c2:57:a8:dc:19:4b:
6e:66:dc:81:22:d4:a3:83:07:8d:d9:f0:d8:5a:bb:
e8:ea:c8:e9:9b:3d:78:3c:78:46:ae:96:d0:7f:6e:
0b:51:d5:f5:29:93:7f:75:50:1f:03:a1:a6:92:15:
b1:bf:6a:bf:6a:39:d6:a5:7f:9e:b4:98:78:ae:e3:
de:95:53:6c:da:1f:e3:41:db:ab:2d:59:0d:c6:d6:
8e:16:2b:22:f4:da:4f:de:d9:b9:28:a3:41:63:08:
fc:3b:c1:0b:15:6b:b8:ce:61:1e:5f:6b:33:52:09:
7f:cd:81:72:df:a5:6f:6d:6f:2e:68:e4:8d:61:f6:
f5:70:25:16:ad:de:80:2a:60:ea:0f:f7:7b:80:82:
17:89:75:90:28:eb:cd:17:4c:3c:e2:39:46:2e:df:
4a:27:83:fb:2a:b5:5b:20:5e:ca:d5:e4:63:0d:55:
d2:b6:cd:e3:b1:bd:f5:6e:f8:ea:0c:03:fa:4a:5c:
e5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:40:8E:F6:30:43:7C:65:B1:63:AA:15:92:B6:98:77:2C:D9:18:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f4d4070b-fb20-4536-8c71-53420a83e347.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:ae:33:5a:68:2c:32:e2:c4:68:b1:fe:90:50:9e:bd:6e:d2:
65:b2:f9:70:70:78:40:95:2f:dd:3b:4d:74:38:cc:3a:60:41:
7e:f7:cb:ad:86:3b:f9:2d:a4:6c:54:28:e7:22:42:8f:9a:e2:
e1:3c:4f:be:38:5e:28:d4:ec:d6:df:72:c7:aa:28:f8:6f:e2:
ea:7c:e3:ea:fc:bb:a8:e9:e4:15:92:8d:f9:f1:98:b9:6b:1a:
29:3f:fe:47:da:fb:0f:ed:c9:7b:c0:e9:2e:33:ed:35:87:bd:
5d:58:b8:c9:41:f2:fa:21:bd:d4:4f:f8:bf:e0:0e:22:ad:5b:
e0:b7:a3:90:98:4f:0a:f0:0d:b8:68:05:a8:c4:84:19:75:bf:
6f:fe:f4:cb:9b:b9:94:9f:d6:d1:3f:07:7a:7b:60:b0:b8:20:
ef:ef:60:85:db:7f:4a:d0:a3:d5:44:72:e9:e1:35:f0:3b:cf:
e3:ff:85:ce:38:25:b5:46:b1:b1:0a:32:3d:cd:9b:9c:23:16:
47:42:5f:7f:3b:7b:bd:bb:f9:c4:1f:ea:8c:4d:16:d7:70:9a:
e8:88:e9:d6:65:a3:6a:13:f6:79:e0:4f:36:6f:4b:28:43:b6:
f7:65:21:a0:3d:5f:9f:fd:e6:73:fd:a3:0d:a5:42:fc:80:69:
57:64:80:44
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHT6re5+/7A2jPjJnfLaRnBpFh1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MTgyYmVjNGU0NTBlZjEwMWIwOGJmNjAyNzk5Zjk0MmFlYjA3OGJmODZm
ODAxOTJlMDIzNDFiMzg2ODExZjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6SBUMeer4XZs7JQy/j8D3dP2+pE2wDVvw3etX8+Jzk8i4MboyqwfT9xtAa
jU4PSn22frnqdYVE7mnlOqPacvAy4HKfwleo3BlLbmbcgSLUo4MHjdnw2Fq76OrI
6Zs9eDx4Rq6W0H9uC1HV9SmTf3VQHwOhppIVsb9qv2o51qV/nrSYeK7j3pVTbNof
40Hbqy1ZDcbWjhYrIvTaT97ZuSijQWMI/DvBCxVruM5hHl9rM1IJf82Bct+lb21v
LmjkjWH29XAlFq3egCpg6g/3e4CCF4l1kCjrzRdMPOI5Ri7fSieD+yq1WyBeytXk
Yw1V0rbN47G99W746gwD+kpc5QMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROQI72
MEN8ZbFjqhWStph3LNkY8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjRkNDA3MGItZmIyMC00NTM2LThjNzEtNTM0MjBhODNlMzQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQCFrjNaaCwy4sRosf6QUJ69btJlsvlwcHhAlS/dO010
OMw6YEF+98uthjv5LaRsVCjnIkKPmuLhPE++OF4o1OzW33LHqij4b+LqfOPq/Luo
6eQVko358Zi5axopP/5H2vsP7cl7wOkuM+01h71dWLjJQfL6Ib3UT/i/4A4irVvg
t6OQmE8K8A24aAWoxIQZdb9v/vTLm7mUn9bRPwd6e2CwuCDv72CF239K0KPVRHLp
4TXwO8/j/4XOOCW1RrGxCjI9zZucIxZHQl9/O3u9u/nEH+qMTRbXcJroiOnWZaNq
E/Z54E82b0soQ7b3ZSGgPV+f/eZz/aMNpUL8gGlXZIBE
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org