Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
File: 981b1661-99b8-42c3-8da0-4a3ec14aab72.roa (raw, json)
Hash identifier: hWP1ttrLuuWFLx3Ypu9JCtmMOTI7bRFpv3C6MtdYFM4=
Subject key identifier: 77:09:6F:5B:35:AC:0F:89:5F:8F:E8:E4:42:36:10:8C:DB:97:C6:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E08DD107003FF5944CB57891F6ACCE5A48D3856
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:08:dd:10:70:03:ff:59:44:cb:57:89:1f:6a:cc:e5:a4:8d:38:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=3ff38c604e626cff5f7b46c8d609ba5996df2cda417eb2bd0e8413023c63f19f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:08:39:8e:4e:75:86:c5:aa:b5:67:60:29:8d:
42:07:ef:b1:9a:de:ff:9f:f8:9c:da:97:10:f0:cb:
d9:1f:63:91:b9:53:81:dc:78:35:77:18:ae:25:8d:
0e:bb:e3:b0:19:44:f9:9c:f7:89:e9:00:6a:c1:08:
65:e5:15:b1:25:18:37:85:ce:5a:7c:4d:bd:82:06:
79:53:1b:82:7b:5a:6f:48:46:ff:08:bb:04:8b:53:
9a:3a:55:d4:cf:b3:81:b0:17:e9:9f:6e:04:ba:d7:
e3:b9:47:a8:0c:6a:51:42:08:93:41:d5:ca:b6:17:
2b:0d:52:ab:f8:c9:99:db:90:86:0b:4d:ee:b2:ba:
ed:51:67:cb:eb:0a:b1:a4:c2:89:d7:98:cd:3f:40:
b9:03:ed:0c:35:6b:b5:71:0e:65:67:aa:ec:da:e6:
0b:64:0a:c5:b1:07:ae:e9:62:7f:5a:e6:a0:5e:38:
21:5a:ac:f7:27:7f:0b:e8:7a:06:1f:83:b3:dd:7e:
89:55:2d:97:9c:14:11:21:64:d0:ae:2f:d0:81:be:
57:9f:b1:46:03:72:13:69:8c:2e:1d:c8:c7:7c:1b:
b0:21:91:46:f2:af:ce:0a:66:60:2d:07:7b:ca:1b:
e9:a7:61:42:1d:c3:cb:1b:4a:85:03:bf:b4:7b:98:
6c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:09:6F:5B:35:AC:0F:89:5F:8F:E8:E4:42:36:10:8C:DB:97:C6:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/981b1661-99b8-42c3-8da0-4a3ec14aab72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
24:6e:f2:19:80:6b:37:77:c1:a8:cd:2e:3e:7f:38:0a:30:a7:
e7:0e:2e:2b:23:d7:a0:11:a0:37:ce:25:80:40:14:89:76:51:
16:f7:89:81:e7:98:06:e4:e0:24:23:bd:03:df:76:b4:d9:07:
0d:ec:c3:bd:ef:cb:56:6d:bf:7a:81:92:ab:35:0e:49:2b:6a:
83:07:4d:18:1f:11:94:d2:67:45:a7:8b:98:c5:7e:37:53:a4:
d3:36:a6:01:f8:66:f4:d1:66:9d:0b:e9:44:31:ad:18:5e:7a:
24:5a:f1:42:75:a5:ff:59:e2:2e:9e:68:fa:04:62:65:d5:de:
cc:c9:b8:8c:22:c7:7b:75:da:45:54:c0:60:00:b1:e5:39:8c:
40:45:fe:dc:be:9d:cb:5c:2b:c0:db:0b:34:13:89:d0:ef:31:
74:30:31:ae:7e:33:97:25:4b:99:db:be:56:5d:8c:93:10:61:
b2:72:ce:15:18:cf:a7:bf:c6:76:67:aa:b9:fb:08:b9:6f:ae:
6f:db:3b:81:bd:ee:83:ae:ba:53:e4:75:b0:24:4a:89:84:71:
98:c7:70:df:68:da:8f:e8:78:61:79:a8:b2:7a:ce:a0:eb:03:
df:65:05:a4:c4:79:80:28:fa:6e:c0:61:e3:5e:87:36:cc:fe:
90:bb:f3:07
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULgjdEHAD/1lEy1eJH2rM5aSNOFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZjM4YzYwNGU2MjZjZmY1ZjdiNDZjOGQ2MDliYTU5OTZkZjJjZGE0MTdl
YjJiZDBlODQxMzAyM2M2M2YxOWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkIOY5OdYbFqrVnYCmNQgfvsZre/5/4nNqXEPDL2R9jkblTgdx4NXcYriWN
DrvjsBlE+Zz3iekAasEIZeUVsSUYN4XOWnxNvYIGeVMbgntab0hG/wi7BItTmjpV
1M+zgbAX6Z9uBLrX47lHqAxqUUIIk0HVyrYXKw1Sq/jJmduQhgtN7rK67VFny+sK
saTCideYzT9AuQPtDDVrtXEOZWeq7NrmC2QKxbEHrulif1rmoF44IVqs9yd/C+h6
Bh+Ds91+iVUtl5wUESFk0K4v0IG+V5+xRgNyE2mMLh3Ix3wbsCGRRvKvzgpmYC0H
e8ob6adhQh3DyxtKhQO/tHuYbAsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR3CW9b
NawPiV+P6ORCNhCM25fGYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTgxYjE2NjEtOTliOC00MmMzLThkYTAtNGEzZWMxNGFhYjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAJG7yGYBrN3fBqM0uPn84CjCn5w4uKyPXoBGgN84l
gEAUiXZRFveJgeeYBuTgJCO9A992tNkHDezDve/LVm2/eoGSqzUOSStqgwdNGB8R
lNJnRaeLmMV+N1Ok0zamAfhm9NFmnQvpRDGtGF56JFrxQnWl/1niLp5o+gRiZdXe
zMm4jCLHe3XaRVTAYACx5TmMQEX+3L6dy1wrwNsLNBOJ0O8xdDAxrn4zlyVLmdu+
Vl2MkxBhsnLOFRjPp7/GdmequfsIuW+ub9s7gb3ug666U+R1sCRKiYRxmMdw32ja
j+h4YXmosnrOoOsD32UFpMR5gCj6bsBh416HNsz+kLvzBw==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:16 2024 by rpki-client on console.sobornost.net