Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: 9bs+sVCpWjcZ7sblvkvHvNLHRnLpG8T3REXe6loTAwo=
Subject key identifier: 36:41:C9:EA:A9:21:C8:E8:51:30:21:B9:98:5E:29:2B:36:AD:2D:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C5C3FC4565FE220F30F27693EEB88C40EA59D31
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:5c:3f:c4:56:5f:e2:20:f3:0f:27:69:3e:eb:88:c4:0e:a5:9d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=12cf31af5438dc8e0647894c2ce56fcbfad8b088d9524e306f69ef1f09160e72, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:e3:a6:55:e7:19:e1:02:5c:4d:f9:96:50:
d3:1b:41:a4:09:da:67:1e:ec:50:62:35:ba:ac:8c:
1f:ce:f8:cd:cd:2f:4d:81:ec:b8:d2:7a:90:53:75:
14:bb:50:fc:86:15:f0:07:54:4c:6a:2f:47:44:4d:
bd:4a:1c:f8:3e:e5:ca:e5:8e:4f:ba:51:c6:90:cd:
9a:9c:d9:bf:3e:e0:5f:e8:62:4e:aa:16:74:8b:98:
9f:72:d3:3f:24:92:c7:38:43:a3:a1:f9:3d:59:fc:
fc:48:ca:6d:07:2f:9b:ea:e7:ef:fc:f5:8c:ef:c4:
16:92:7e:07:2a:cc:82:ac:fa:3d:2a:27:5f:ea:0e:
3b:2e:bf:a9:b8:8e:97:44:5e:4b:ea:97:ad:12:9c:
12:89:22:01:f5:c1:06:da:39:3b:df:96:88:9a:a5:
7c:43:9e:45:33:dc:c4:6a:d8:d8:56:75:f2:67:41:
57:f0:89:e2:72:28:12:2d:5f:68:db:5f:cb:70:c8:
f1:64:4f:b8:4e:d7:10:d8:d4:84:ca:e3:c3:55:34:
f1:0d:91:38:9c:38:66:71:74:be:e7:90:34:d5:1d:
e9:33:d6:d5:52:43:3a:1f:cc:18:af:dd:92:26:44:
e8:62:cb:8b:44:61:51:df:87:0d:ca:a6:2f:47:a3:
ef:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:41:C9:EA:A9:21:C8:E8:51:30:21:B9:98:5E:29:2B:36:AD:2D:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:e3:96:1a:83:d5:f2:34:1a:69:37:32:cc:6a:6d:8a:1a:79:
30:f9:78:58:ac:63:c4:de:26:fa:d6:eb:fc:ef:32:92:2d:fc:
1e:b6:b0:95:29:26:4a:89:e9:a5:17:01:af:3e:1b:0c:13:3c:
50:16:b7:65:c0:8f:92:bf:e1:20:8c:0d:57:92:7b:f3:92:3c:
36:c8:88:c4:42:f3:c3:b9:7e:17:3e:b1:6c:b9:6f:e6:ae:a5:
cb:84:57:6c:ee:b0:b6:d7:4a:9d:d8:e0:c6:8f:1d:c6:12:54:
fe:ae:57:9a:20:f8:ee:33:c9:0a:9e:b2:d5:d2:8e:62:41:cc:
0b:36:e8:5a:72:6b:f6:9e:38:f8:ef:ad:45:83:1c:5d:7e:b6:
45:28:9b:75:d4:36:5b:df:5a:3e:ae:9c:2b:66:79:38:34:19:
8c:98:b6:61:d6:e7:46:b4:28:10:81:0b:15:88:87:ac:ce:b7:
e9:9e:21:1f:f1:78:74:59:1b:e1:3f:db:8c:b5:8a:25:1a:f7:
aa:ec:2b:ed:a2:95:26:7e:8a:40:bd:a2:66:32:62:29:15:92:
0b:c9:61:07:74:f7:a9:43:5d:6b:0b:7f:68:9d:58:32:13:23:
3c:71:42:db:ec:d9:e7:32:15:78:86:e6:7b:56:8d:20:a6:e8:
bb:90:78:b0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfFw/xFZf4iDzDydpPuuIxA6lnTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyY2YzMWFmNTQzOGRjOGUwNjQ3ODk0YzJjZTU2ZmNiZmFkOGIwODhkOTUy
NGUzMDZmNjllZjFmMDkxNjBlNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVu46ZV5xnhAlxN+ZZQ0xtBpAnaZx7sUGI1uqyMH874zc0vTYHsuNJ6kFN1
FLtQ/IYV8AdUTGovR0RNvUoc+D7lyuWOT7pRxpDNmpzZvz7gX+hiTqoWdIuYn3LT
PySSxzhDo6H5PVn8/EjKbQcvm+rn7/z1jO/EFpJ+ByrMgqz6PSonX+oOOy6/qbiO
l0ReS+qXrRKcEokiAfXBBto5O9+WiJqlfEOeRTPcxGrY2FZ18mdBV/CJ4nIoEi1f
aNtfy3DI8WRPuE7XENjUhMrjw1U08Q2ROJw4ZnF0vueQNNUd6TPW1VJDOh/MGK/d
kiZE6GLLi0RhUd+HDcqmL0ej78kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2Qcnq
qSHI6FEwIbmYXikrNq0tMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQA145Yag9XyNBppNzLMam2KGnkw+XhYrGPE3ib61uv8
7zKSLfwetrCVKSZKiemlFwGvPhsMEzxQFrdlwI+Sv+EgjA1Xknvzkjw2yIjEQvPD
uX4XPrFsuW/mrqXLhFds7rC210qd2ODGjx3GElT+rleaIPjuM8kKnrLV0o5iQcwL
Nuhacmv2njj4761FgxxdfrZFKJt11DZb31o+rpwrZnk4NBmMmLZh1udGtCgQgQsV
iIeszrfpniEf8Xh0WRvhP9uMtYolGveq7CvtopUmfopAvaJmMmIpFZILyWEHdPep
Q11rC39onVgyEyM8cULb7NnnMhV4huZ7Vo0gpui7kHiw
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org