Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
File: f60b4750-e7e3-4460-ba65-978713bb9e2a.roa (raw, json)
Hash identifier: 1p0yWKmXOaS7L7qv9ToHjSwrCpM9Xo6ooxDr1SsyHo0=
Subject key identifier: 9E:10:BB:69:08:9F:EF:E4:F7:6E:EB:02:80:90:DB:6F:75:D9:FC:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78B55C34137DB9117FEBE63AECD6A5CD088A5CAC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b5:5c:34:13:7d:b9:11:7f:eb:e6:3a:ec:d6:a5:cd:08:8a:5c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=e9b06beddcafaf4c32904a7551bf420a572c6e115d9a14fb1192371d5a3da603, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:08:48:4e:f4:19:de:68:b2:ae:4d:9e:16:
1f:29:0d:39:6f:d3:1b:ff:13:1b:80:de:0c:99:33:
b1:37:32:18:d4:1e:cf:f7:8d:25:d1:2c:21:51:39:
a0:7f:2b:37:b0:a9:dd:80:71:49:cb:62:c0:53:8b:
67:9d:10:4b:40:ca:20:25:e2:6e:b1:8e:46:38:af:
f8:41:d7:45:43:99:72:f4:e8:af:7d:32:da:b5:df:
cc:20:63:e6:b4:71:cd:7b:b5:0d:7b:cf:0c:fe:6f:
9e:20:14:38:20:bc:24:aa:7f:24:c5:9c:86:02:06:
79:cd:53:8e:f8:4f:98:96:94:50:4e:28:cd:a3:d2:
50:ec:57:2e:41:5d:17:73:f1:31:73:6c:74:d7:fc:
aa:a0:92:80:ab:db:35:97:ba:9b:7a:5c:bd:ee:ba:
fd:98:d3:d5:4e:86:66:e0:d7:a9:6c:f0:1a:b1:e7:
85:11:9a:71:a1:75:30:cc:2e:82:67:46:f2:39:53:
56:f3:25:a3:0f:5a:d6:36:5b:23:d7:45:79:ad:e3:
98:e9:03:a5:e6:7e:8b:1b:59:83:df:2f:f6:e2:2d:
5c:d8:e3:e7:e4:b5:bf:59:8f:4d:98:1e:9b:01:1d:
20:47:81:3d:d6:64:96:0c:02:30:db:92:cf:cd:84:
e4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:10:BB:69:08:9F:EF:E4:F7:6E:EB:02:80:90:DB:6F:75:D9:FC:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f60b4750-e7e3-4460-ba65-978713bb9e2a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/24
Signature Algorithm: sha256WithRSAEncryption
63:da:e7:cb:3b:ee:8c:0c:e1:7b:77:59:8b:18:fa:5b:66:5a:
89:e9:5c:31:af:51:c7:c3:fb:00:2e:fe:2e:43:c7:d7:92:e5:
c1:c9:9b:78:03:f1:73:18:ed:10:cd:39:b2:47:82:76:13:e3:
9a:af:a9:58:b7:34:03:3c:54:47:88:50:54:38:f7:4a:8c:56:
ce:85:34:0a:14:e4:4a:7a:de:c4:93:3d:f4:76:30:2d:18:a7:
ea:cc:13:91:75:87:60:49:64:c8:d7:b2:41:44:28:2e:f5:b4:
1f:41:7e:91:bb:f1:ae:74:bd:04:b5:66:da:61:ab:c9:cd:f2:
06:12:57:5a:d1:b1:81:24:8e:43:58:b5:7c:29:88:05:1c:83:
7e:7f:dd:19:25:13:6f:02:86:f3:b5:a8:19:02:bc:81:40:57:
e4:86:f8:d2:1b:58:9b:1a:3a:47:84:a7:58:c8:d1:8d:3d:aa:
c9:8f:ce:c5:99:55:42:71:b5:27:2b:6b:b2:c9:68:94:ea:74:
33:f9:78:cf:be:84:cf:4d:69:b8:71:a7:52:94:d3:ae:b5:27:
2b:a0:05:3b:d0:2c:fa:2c:3a:49:9e:c8:9e:20:51:69:81:b1:
99:86:a0:ee:fd:74:35:4e:e5:9a:da:0f:dd:66:9f:76:a1:16:
59:dd:86:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeLVcNBN9uRF/6+Y67NalzQiKXKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5YjA2YmVkZGNhZmFmNGMzMjkwNGE3NTUxYmY0MjBhNTcyYzZlMTE1ZDlh
MTRmYjExOTIzNzFkNWEzZGE2MDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNzCEhO9BneaLKuTZ4WHykNOW/TG/8TG4DeDJkzsTcyGNQez/eNJdEsIVE5
oH8rN7Cp3YBxSctiwFOLZ50QS0DKICXibrGORjiv+EHXRUOZcvTor30y2rXfzCBj
5rRxzXu1DXvPDP5vniAUOCC8JKp/JMWchgIGec1TjvhPmJaUUE4ozaPSUOxXLkFd
F3PxMXNsdNf8qqCSgKvbNZe6m3pcve66/ZjT1U6GZuDXqWzwGrHnhRGacaF1MMwu
gmdG8jlTVvMlow9a1jZbI9dFea3jmOkDpeZ+ixtZg98v9uItXNjj5+S1v1mPTZge
mwEdIEeBPdZklgwCMNuSz82E5CUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSeELtp
CJ/v5Pdu6wKAkNtvddn8CjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjYwYjQ3NTAtZTdlMy00NDYwLWJhNjUtOTc4NzEzYmI5ZTJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAY9rnyzvujAzhe3dZixj6W2ZaielcMa9Rx8P7AC7+
LkPH15LlwcmbeAPxcxjtEM05skeCdhPjmq+pWLc0AzxUR4hQVDj3SoxWzoU0ChTk
SnrexJM99HYwLRin6swTkXWHYElkyNeyQUQoLvW0H0F+kbvxrnS9BLVm2mGryc3y
BhJXWtGxgSSOQ1i1fCmIBRyDfn/dGSUTbwKG87WoGQK8gUBX5Ib40htYmxo6R4Sn
WMjRjT2qyY/OxZlVQnG1JytrsslolOp0M/l4z76Ez01puHGnUpTTrrUnK6AFO9As
+iw6SZ7IniBRaYGxmYag7v10NU7lmtoP3WafdqEWWd2Guw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org