Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20426a66-cc0b-4361-a28d-5e89317a3160.roa
File: 20426a66-cc0b-4361-a28d-5e89317a3160.roa (raw, json)
Hash identifier: /ztXhE290ZxM94IZOs6QPUBTLcyBuRHsE8tUnIqMWP4=
Subject key identifier: 88:74:DF:BA:6F:99:2F:7D:96:A4:DA:2E:7D:C9:D6:0A:4A:A3:BB:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 048FE60B6DD4638A40BF1BF0F23BD097FF743A1B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20426a66-cc0b-4361-a28d-5e89317a3160.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:8f:e6:0b:6d:d4:63:8a:40:bf:1b:f0:f2:3b:d0:97:ff:74:3a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=2bb705d5019b92f26f0123444382f5aac4998eaaa384de1198ca4e8b65c953c0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8c:67:f9:e5:09:84:ef:9e:e6:bd:d4:77:ed:
fc:7d:40:68:6c:de:31:55:eb:df:66:2a:12:ca:32:
44:45:d1:aa:35:56:5c:5f:ef:0c:45:41:00:14:b0:
93:22:43:49:b4:a4:b1:c7:d7:06:18:00:16:4a:eb:
ea:b5:c8:72:01:d0:0d:c4:a4:d6:d0:6a:70:ba:cd:
73:b6:c3:b9:2f:6b:a7:44:6f:2b:5b:6e:d2:6d:f0:
0f:9d:6a:40:3d:e1:d5:51:d8:84:76:24:29:6e:bd:
c8:94:43:1b:60:51:6f:2a:13:d2:a0:2a:95:60:d7:
ab:77:c5:90:dd:b6:46:d3:a8:1e:63:7b:0d:bf:a2:
d7:e7:e6:f7:54:b5:b9:2a:6d:5c:5b:d4:9d:7e:d6:
9d:78:33:0b:24:7c:6e:50:b9:6e:9d:33:16:69:c4:
90:9f:4e:58:cc:1a:fb:03:9a:cc:7b:20:0d:13:62:
f1:cc:1c:6f:fe:0e:7c:5b:35:dc:d0:9f:40:2d:b6:
23:86:8a:56:31:39:f3:c0:47:d7:f0:81:06:b2:dc:
81:2f:a1:1a:6a:31:17:71:88:8b:ce:a9:9b:61:a3:
c5:2d:fa:e7:58:70:a3:ff:7d:45:b4:c3:ed:15:72:
aa:9e:dc:90:c9:32:6e:bd:cd:96:37:10:07:6d:3b:
95:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:74:DF:BA:6F:99:2F:7D:96:A4:DA:2E:7D:C9:D6:0A:4A:A3:BB:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/20426a66-cc0b-4361-a28d-5e89317a3160.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c9:73:a5:18:78:de:52:18:45:3b:0e:a1:e1:35:66:86:94:cb:
61:b1:18:4e:05:4b:d3:55:3c:bb:e9:3f:9a:7d:64:c7:e4:c2:
32:04:dc:46:b6:f1:c4:f0:88:6f:db:ca:f2:28:e7:a6:74:f1:
81:35:81:7e:24:d1:88:e6:8b:2d:3d:5b:cc:56:3b:84:90:9b:
be:d7:25:f7:97:a0:5e:5a:38:b7:fd:06:c4:ab:60:b9:f1:49:
35:a3:d2:4f:31:21:c8:c9:45:2f:82:38:b1:a6:10:dc:ef:2e:
d1:c1:d4:64:8c:f3:b8:81:a9:91:5a:02:64:f9:0c:b8:49:4a:
62:89:f4:fa:78:0d:54:c1:6a:c2:50:b5:4c:99:98:3f:d4:37:
0b:3d:c1:15:4c:9a:58:e0:cb:e3:a5:ab:b4:19:db:b5:23:32:
fd:70:32:e0:95:52:5e:44:b2:f5:fd:07:9e:91:ae:37:8b:8a:
12:03:e1:55:c0:e4:91:f7:04:ea:fb:68:5d:84:8e:53:52:e7:
eb:6e:ad:f2:02:b3:b6:7f:83:34:0e:4e:86:a1:ef:d6:1b:b5:
f8:9d:eb:ae:29:e7:b1:38:9c:0c:82:c9:c1:c1:b0:58:f7:85:
6f:ce:00:e7:8f:ce:4d:da:d2:fc:bd:76:d5:f6:26:e7:aa:1a:
ca:bf:a9:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBI/mC23UY4pAvxvw8jvQl/90OhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYjcwNWQ1MDE5YjkyZjI2ZjAxMjM0NDQzODJmNWFhYzQ5OThlYWFhMzg0
ZGUxMTk4Y2E0ZThiNjVjOTUzYzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqMZ/nlCYTvnua91Hft/H1AaGzeMVXr32YqEsoyREXRqjVWXF/vDEVBABSw
kyJDSbSkscfXBhgAFkrr6rXIcgHQDcSk1tBqcLrNc7bDuS9rp0RvK1tu0m3wD51q
QD3h1VHYhHYkKW69yJRDG2BRbyoT0qAqlWDXq3fFkN22RtOoHmN7Db+i1+fm91S1
uSptXFvUnX7WnXgzCyR8blC5bp0zFmnEkJ9OWMwa+wOazHsgDRNi8cwcb/4OfFs1
3NCfQC22I4aKVjE588BH1/CBBrLcgS+hGmoxF3GIi86pm2GjxS3651hwo/99RbTD
7RVyqp7ckMkybr3NljcQB207lUMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSIdN+6
b5kvfZak2i59ydYKSqO7fzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA0MjZhNjYtY2MwYi00MzYxLWEyOGQtNWU4OTMxN2EzMTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAyXOlGHjeUhhFOw6h4TVmhpTLYbEYTgVL01U8u+k/
mn1kx+TCMgTcRrbxxPCIb9vK8ijnpnTxgTWBfiTRiOaLLT1bzFY7hJCbvtcl95eg
Xlo4t/0GxKtgufFJNaPSTzEhyMlFL4I4saYQ3O8u0cHUZIzzuIGpkVoCZPkMuElK
Yon0+ngNVMFqwlC1TJmYP9Q3Cz3BFUyaWODL46WrtBnbtSMy/XAy4JVSXkSy9f0H
npGuN4uKEgPhVcDkkfcE6vtoXYSOU1Ln626t8gKztn+DNA5OhqHv1hu1+J3rrinn
sTicDILJwcGwWPeFb84A54/OTdrS/L121fYm56oayr+p5Q==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org