Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
File: fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa (raw, json)
Hash identifier: iPsI/yVb4rtpMWFKIm2C/iLlJ2DHkFaliaZNyQAlqXQ=
Subject key identifier: 78:D8:66:9F:81:DB:C8:41:03:B1:BF:83:FD:B6:AE:CA:FC:B8:63:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3FF4873B5CF14A6121BDF4A7A0C5AEA9095EBBF9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f4:87:3b:5c:f1:4a:61:21:bd:f4:a7:a0:c5:ae:a9:09:5e:bb:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=2ce689e1cb60af8bda349b94a6cb788c7ad3fdedd0ec4fc67f8efecbd226aea0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:72:bd:2c:e8:c9:18:80:9b:e8:4f:a9:ae:
c0:45:af:00:c8:9f:34:eb:6c:dd:5b:cf:b3:b7:ad:
1a:a3:0c:e2:a0:36:89:a4:c5:2d:55:95:4a:df:fc:
37:9e:2f:4f:41:9d:03:9e:b1:27:00:9d:20:86:06:
f7:7a:13:77:cb:b6:af:36:9d:2a:0e:8e:9a:6d:e1:
31:33:14:b8:b1:48:66:bb:6c:54:8a:34:b5:a6:f9:
9d:b8:ef:57:fb:fe:0d:0a:65:c2:bb:1f:5c:58:09:
5c:c2:d7:2f:a9:54:e8:2c:aa:49:72:8c:06:37:7a:
6b:a0:f5:86:0b:20:6d:9d:e1:96:35:85:e2:0d:a5:
a3:a7:44:0b:2d:9e:52:a0:2d:f6:e8:ce:15:28:29:
90:79:41:60:c6:dc:79:7e:71:3b:c9:33:ea:96:b0:
9c:dc:8a:92:d8:ed:30:e5:5e:48:9f:2f:a1:e2:0c:
24:7a:6b:a1:64:51:17:1c:b6:a5:a1:7f:8d:f7:f1:
36:56:fa:57:84:27:48:6d:4e:41:98:60:ed:ba:49:
71:12:ba:3e:fb:72:c6:1c:99:be:01:ae:5a:e0:05:
78:b6:e3:d0:b4:8e:71:0b:15:ac:4f:bb:f3:66:b6:
76:c9:06:ba:a8:c5:ad:af:51:93:15:ed:af:5e:4f:
ba:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D8:66:9F:81:DB:C8:41:03:B1:BF:83:FD:B6:AE:CA:FC:B8:63:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe96f6e6-74b1-4f69-bb18-2d9aae354d8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e6:29:39:b2:6c:31:95:b6:5f:31:34:23:b5:6b:19:19:07:
64:46:5b:4b:5a:a5:ab:78:cc:ee:de:b6:d9:77:1d:9e:3f:2b:
5f:53:98:4a:60:e0:f4:b1:c8:62:31:69:38:56:cb:ca:64:de:
94:53:6d:b2:4a:82:0f:3d:f9:95:55:06:21:a9:06:da:25:09:
ea:2a:48:7d:0a:69:d8:9d:dd:ba:0d:91:e1:bc:90:11:e0:31:
f1:65:6c:bd:80:ab:24:2b:04:af:39:6c:22:3f:76:38:bc:00:
3e:a9:3d:aa:98:2e:5d:7e:43:32:63:25:9c:03:81:14:05:a6:
91:b5:88:ac:f3:b8:ca:4f:8c:3c:a1:3f:d2:43:d7:ba:93:76:
65:ef:38:42:3a:60:81:a0:d3:8d:2a:6b:2e:86:c9:1b:80:ed:
66:c3:e3:8b:15:a7:5a:e4:c9:f6:9a:4d:9b:83:8a:15:67:61:
bb:7d:d0:d3:fb:11:7f:6b:d8:e6:b4:1f:84:e7:7e:40:8f:44:
b3:6f:66:00:df:26:2c:06:c4:55:e5:5d:cc:f8:ce:c4:c0:4e:
72:aa:e6:38:40:bb:84:dd:28:c5:4a:d5:43:94:d3:fb:e8:b0:
55:a0:a6:92:c4:55:9b:67:f8:50:1d:e9:9c:bd:02:77:86:01:
89:6b:cc:f7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP/SHO1zxSmEhvfSnoMWuqQleu/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZTY4OWUxY2I2MGFmOGJkYTM0OWI5NGE2Y2I3ODhjN2FkM2ZkZWRkMGVj
NGZjNjdmOGVmZWNiZDIyNmFlYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiFcr0s6MkYgJvoT6muwEWvAMifNOts3VvPs7etGqMM4qA2iaTFLVWVSt/8
N54vT0GdA56xJwCdIIYG93oTd8u2rzadKg6Omm3hMTMUuLFIZrtsVIo0tab5nbjv
V/v+DQplwrsfXFgJXMLXL6lU6CyqSXKMBjd6a6D1hgsgbZ3hljWF4g2lo6dECy2e
UqAt9ujOFSgpkHlBYMbceX5xO8kz6pawnNyKktjtMOVeSJ8voeIMJHproWRRFxy2
paF/jffxNlb6V4QnSG1OQZhg7bpJcRK6PvtyxhyZvgGuWuAFeLbj0LSOcQsVrE+7
82a2dskGuqjFra9RkxXtr15PukcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR42Gaf
gdvIQQOxv4P9tq7K/Lhj9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU5NmY2ZTYtNzRiMS00ZjY5LWJiMTgtMmQ5YWFlMzU0ZDhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAOeYpObJsMZW2XzE0I7VrGRkHZEZbS1qlq3jM7t62
2Xcdnj8rX1OYSmDg9LHIYjFpOFbLymTelFNtskqCDz35lVUGIakG2iUJ6ipIfQpp
2J3dug2R4byQEeAx8WVsvYCrJCsErzlsIj92OLwAPqk9qpguXX5DMmMlnAOBFAWm
kbWIrPO4yk+MPKE/0kPXupN2Ze84QjpggaDTjSprLobJG4DtZsPjixWnWuTJ9ppN
m4OKFWdhu33Q0/sRf2vY5rQfhOd+QI9Es29mAN8mLAbEVeVdzPjOxMBOcqrmOEC7
hN0oxUrVQ5TT++iwVaCmksRVm2f4UB3pnL0Cd4YBiWvM9w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org