Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: WsDLDmN9EDOJCJ3/DShY4HjJtYtVvpbu2N+1UQGEqg4=
Subject key identifier: BB:78:DB:BC:EF:86:D2:77:9D:9D:AA:4E:1D:3A:EF:93:3A:A9:D9:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B56FCB42A4B02FAE93DCF9811C8590652783DD8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:56:fc:b4:2a:4b:02:fa:e9:3d:cf:98:11:c8:59:06:52:78:3d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=51e85282d5c3fcf3b25699958706a059d9224645154473db647006a233e51de1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:77:4f:0f:e0:28:be:f7:06:a8:35:89:98:88:
24:26:b3:3e:a5:ed:fa:b7:c1:20:12:b0:64:dc:94:
f1:84:28:14:cb:b0:77:eb:24:6c:7f:2d:c1:9f:75:
5c:17:22:33:ca:ca:a9:21:19:b5:6d:88:b5:d5:3b:
f2:16:d4:64:40:2a:ad:f6:d5:40:7c:bc:2e:58:34:
20:52:63:7f:bf:81:62:f3:5f:9c:9b:bd:f4:08:92:
30:96:03:9e:39:14:cb:07:4d:74:a2:44:9f:08:ab:
12:d5:b9:27:4e:77:8a:fa:0f:0e:8e:74:ff:85:5d:
3b:d9:4d:59:70:8d:41:dd:47:48:2a:6e:ed:a7:13:
7f:c3:d1:0f:81:7f:02:b2:7a:a1:a1:a6:de:06:c9:
53:b3:a6:ca:c3:d0:27:bd:3f:3d:1e:e3:76:11:39:
36:4f:0c:eb:d9:d1:4d:64:9d:ba:a6:5c:72:39:c1:
5f:9d:be:36:3a:b1:4a:1d:b5:bb:72:a1:df:91:96:
8f:41:6d:81:c2:54:dd:97:fd:b4:50:89:a6:5c:fd:
14:cb:15:c8:4e:71:6f:d9:51:05:95:c9:0d:00:13:
6a:2b:6e:36:c2:be:91:03:e4:48:74:8a:d1:80:57:
c1:1c:39:19:42:a4:43:de:d1:f6:98:da:ea:e8:fa:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:78:DB:BC:EF:86:D2:77:9D:9D:AA:4E:1D:3A:EF:93:3A:A9:D9:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:53:ba:34:83:41:66:44:08:ab:ec:49:e8:d1:4d:2c:cb:d1:
24:f5:72:79:59:3f:d7:59:69:22:3d:9e:ad:02:79:69:e4:bd:
85:7b:e8:34:d8:cd:44:a1:97:d5:c5:9b:e3:07:44:7a:59:6c:
04:aa:e7:75:b1:14:48:8a:23:e6:e9:b5:fd:02:50:44:88:95:
1e:f3:01:39:56:db:ee:a4:7a:75:bb:8d:60:ea:61:8a:0a:62:
ac:f7:e6:3f:46:09:94:19:d9:98:2e:7d:f3:ba:de:81:e2:30:
73:67:b3:9c:5a:34:c1:ef:6a:60:8f:28:9c:4c:9f:b6:69:df:
43:73:b7:5b:e7:ce:0a:de:7d:20:3c:7a:e6:b7:af:a3:27:5d:
86:b4:c8:61:4b:a6:83:83:66:a6:77:0b:90:27:7f:92:66:7c:
e7:1d:4e:ee:84:29:d6:bc:82:03:c3:ef:63:27:dd:97:a4:27:
fa:4a:cd:ff:f6:76:63:1f:32:24:2f:35:5d:f2:35:6a:cd:49:
85:4c:17:79:ee:99:ce:30:fc:8c:4b:5e:6b:be:48:d2:b9:b2:
22:49:94:3d:0c:d9:29:3f:24:51:fd:4b:24:25:89:46:c3:94:
8f:b5:dd:ff:99:0b:fd:76:28:a1:1e:a9:01:fa:7f:76:96:f1:
29:8b:1f:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK1b8tCpLAvrpPc+YEchZBlJ4PdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZTg1MjgyZDVjM2ZjZjNiMjU2OTk5NTg3MDZhMDU5ZDkyMjQ2NDUxNTQ0
NzNkYjY0NzAwNmEyMzNlNTFkZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANl3Tw/gKL73Bqg1iZiIJCazPqXt+rfBIBKwZNyU8YQoFMuwd+skbH8twZ91
XBciM8rKqSEZtW2ItdU78hbUZEAqrfbVQHy8Llg0IFJjf7+BYvNfnJu99AiSMJYD
njkUywdNdKJEnwirEtW5J053ivoPDo50/4VdO9lNWXCNQd1HSCpu7acTf8PRD4F/
ArJ6oaGm3gbJU7OmysPQJ70/PR7jdhE5Nk8M69nRTWSduqZccjnBX52+NjqxSh21
u3Kh35GWj0FtgcJU3Zf9tFCJplz9FMsVyE5xb9lRBZXJDQATaituNsK+kQPkSHSK
0YBXwRw5GUKkQ97R9pja6uj6D0cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7eNu8
74bSd52dqk4dOu+TOqnZDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQBiU7o0g0FmRAir7Eno0U0sy9Ek9XJ5WT/XWWkiPZ6t
Anlp5L2Fe+g02M1EoZfVxZvjB0R6WWwEqud1sRRIiiPm6bX9AlBEiJUe8wE5Vtvu
pHp1u41g6mGKCmKs9+Y/RgmUGdmYLn3zut6B4jBzZ7OcWjTB72pgjyicTJ+2ad9D
c7db584K3n0gPHrmt6+jJ12GtMhhS6aDg2amdwuQJ3+SZnznHU7uhCnWvIIDw+9j
J92XpCf6Ss3/9nZjHzIkLzVd8jVqzUmFTBd57pnOMPyMS15rvkjSubIiSZQ9DNkp
PyRR/UskJYlGw5SPtd3/mQv9diihHqkB+n92lvEpix93
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org