Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
File: 4291e769-5d4c-4010-818f-64c1716d6e54.roa (raw, json)
Hash identifier: yDLbh/dk9wPgrgceZN3MbMsC0bODsEavewRAc3fIgKE=
Subject key identifier: F1:1B:B8:89:F1:02:E4:04:70:66:48:EB:40:EA:9C:88:07:70:42:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0848AC20A4BF538591A852931C8D683B61E4B13F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:48:ac:20:a4:bf:53:85:91:a8:52:93:1c:8d:68:3b:61:e4:b1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=396f79c2fe38189bd2f7050e54f0bb8754902edd334247d4d686b8f52edfffd2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:07:da:f4:ac:81:10:77:87:ed:5a:80:f9:
80:35:fe:17:b3:4a:9c:02:d2:1b:6c:61:0b:74:f3:
6d:80:f1:b1:d7:9d:7d:2a:07:f6:8b:c0:a4:3d:9f:
3d:3c:c6:ab:ef:62:1b:95:7d:31:59:d1:47:c9:02:
19:aa:17:ab:d5:66:6d:ac:fd:82:6c:df:ab:9f:f4:
3f:cf:75:e2:dd:63:e1:9e:14:64:22:d5:bc:c2:30:
47:17:3a:36:12:bf:5d:40:f6:13:89:13:af:c0:07:
4e:0a:1c:94:9e:d7:30:76:0f:9e:6c:9e:f5:4f:4d:
20:65:18:db:63:95:12:5b:e3:b0:95:65:ad:13:ae:
96:3e:87:8e:c8:ff:5a:e0:5c:d2:7d:90:89:c2:0e:
03:01:92:20:69:06:01:1b:e0:7f:f2:31:0c:a0:57:
21:2a:6c:f5:33:89:1e:a9:e2:fd:55:67:5b:fb:ff:
2b:e3:71:fa:f5:5f:13:9e:24:7e:f4:ca:31:ef:34:
77:65:82:1d:d2:3b:6d:44:ac:92:b0:5c:2b:2f:37:
7d:54:6b:df:c1:03:a0:ae:e8:c7:31:db:1b:f3:68:
3d:f3:31:50:43:ae:03:67:fd:19:ac:f3:f5:fb:bd:
44:1a:3f:17:f7:fc:14:20:36:98:91:27:60:ec:89:
01:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1B:B8:89:F1:02:E4:04:70:66:48:EB:40:EA:9C:88:07:70:42:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4291e769-5d4c-4010-818f-64c1716d6e54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:68:df:89:eb:42:d8:a8:4b:8d:56:a5:86:dd:a4:f5:f4:27:
89:b0:ce:40:3d:d2:73:00:c4:48:72:74:15:ec:7f:63:b5:48:
da:93:25:95:eb:e0:bc:14:d4:1c:c6:ed:ea:77:6d:ae:cd:16:
df:a2:f5:c7:27:b5:4b:8f:dd:02:1c:3d:8a:bc:b4:78:a9:31:
84:12:d3:0c:a5:26:67:21:b2:e5:90:1b:f1:9c:42:3c:18:cd:
72:62:bc:cd:9c:51:58:79:ef:e0:40:8c:d0:4a:6c:c6:b1:66:
1c:bc:40:65:9b:a0:f2:7e:83:34:f8:ed:ca:05:a8:2f:79:28:
6f:ea:85:e1:55:a1:ea:b9:ba:cc:7e:2c:ff:bd:82:aa:30:d1:
b5:0d:6a:ce:23:02:9d:51:40:93:a3:32:c5:44:c1:72:8f:ac:
17:aa:21:04:f7:b6:bd:b4:d3:3d:1c:2b:3c:50:44:df:60:3e:
84:31:ca:fa:b3:21:a6:05:98:70:50:ad:46:87:fc:83:6b:24:
40:95:77:71:89:71:0a:0a:b4:d6:d6:51:16:11:11:93:ea:ea:
18:46:a8:cc:7c:75:17:8c:6c:76:23:33:9a:fc:9e:13:5b:20:
4f:a5:c9:d8:61:96:01:df:d2:e4:51:d0:19:06:bd:25:4e:61:
17:bb:48:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCEisIKS/U4WRqFKTHI1oO2HksT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5NmY3OWMyZmUzODE4OWJkMmY3MDUwZTU0ZjBiYjg3NTQ5MDJlZGQzMzQy
NDdkNGQ2ODZiOGY1MmVkZmZmZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmOB9r0rIEQd4ftWoD5gDX+F7NKnALSG2xhC3TzbYDxsdedfSoH9ovApD2f
PTzGq+9iG5V9MVnRR8kCGaoXq9Vmbaz9gmzfq5/0P8914t1j4Z4UZCLVvMIwRxc6
NhK/XUD2E4kTr8AHTgoclJ7XMHYPnmye9U9NIGUY22OVElvjsJVlrROulj6Hjsj/
WuBc0n2QicIOAwGSIGkGARvgf/IxDKBXISps9TOJHqni/VVnW/v/K+Nx+vVfE54k
fvTKMe80d2WCHdI7bUSskrBcKy83fVRr38EDoK7oxzHbG/NoPfMxUEOuA2f9Gazz
9fu9RBo/F/f8FCA2mJEnYOyJAW0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTxG7iJ
8QLkBHBmSOtA6pyIB3BCkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDI5MWU3NjktNWQ0Yy00MDEwLTgxOGYtNjRjMTcxNmQ2ZTU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfGjfietC2KhLjValht2k9fQnibDOQD3ScwDESHJ0
Fex/Y7VI2pMllevgvBTUHMbt6ndtrs0W36L1xye1S4/dAhw9iry0eKkxhBLTDKUm
ZyGy5ZAb8ZxCPBjNcmK8zZxRWHnv4ECM0EpsxrFmHLxAZZug8n6DNPjtygWoL3ko
b+qF4VWh6rm6zH4s/72CqjDRtQ1qziMCnVFAk6MyxUTBco+sF6ohBPe2vbTTPRwr
PFBE32A+hDHK+rMhpgWYcFCtRof8g2skQJV3cYlxCgq01tZRFhERk+rqGEaozHx1
F4xsdiMzmvyeE1sgT6XJ2GGWAd/S5FHQGQa9JU5hF7tIiQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:15 2024 by rpki-client on console.sobornost.net