Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29c1ffc0-3f01-4867-a937-39ae790437d4.roa
File: 29c1ffc0-3f01-4867-a937-39ae790437d4.roa (raw, json)
Hash identifier: YH/GCYQvYk+xxcCs2lqN+X/qFlb26uku7Rp2WL9oo3E=
Subject key identifier: 61:29:55:0B:FF:B1:17:40:F8:F7:AC:57:DB:E4:04:45:DF:98:50:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43EBD12F3EAB2A0D4B7B8231026B833A86203C3D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29c1ffc0-3f01-4867-a937-39ae790437d4.roa
Signing time: Wed 05 Jun 2024 00:00:00 +0000
ROA not before: Wed 05 Jun 2024 00:00:00 +0000
ROA not after: Wed 10 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:eb:d1:2f:3e:ab:2a:0d:4b:7b:82:31:02:6b:83:3a:86:20:3c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 5 00:00:00 2024 GMT
Not After : Jul 10 23:59:59 2024 GMT
Subject: serialNumber=c4e803ecdeb2e21f372551917356c726eb06400155f4845f72db722e96f80166, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f9:02:46:c3:6d:7e:81:9a:c9:63:bf:a1:62:
d1:0f:fb:2a:27:30:6e:23:c1:2f:37:78:d4:bd:09:
74:3f:19:4e:b8:52:76:0c:3a:a6:e6:fe:64:d2:89:
6d:72:58:5c:dc:49:3b:5d:ea:f8:5e:25:c4:5f:47:
ca:a3:06:19:e5:f0:a8:e1:7f:15:c5:0c:17:9a:0a:
02:16:fd:d9:52:e3:af:dc:4c:ee:84:54:76:b5:71:
3d:8f:62:9e:86:7c:6c:24:2f:23:b4:cf:ca:90:3f:
66:03:28:c0:62:1b:e0:7b:d7:e0:05:29:1c:a3:9d:
4d:a2:98:1b:f5:83:c1:c0:2c:20:bc:8e:f4:99:91:
ea:8a:31:24:43:4f:a6:60:f9:18:f4:ad:51:58:f6:
41:64:b0:60:09:d4:2e:d5:c6:af:90:1f:a6:7f:52:
81:77:b4:9e:0e:bd:1a:64:b8:d6:38:45:9d:ef:de:
0d:15:43:c6:10:69:76:26:22:d8:1a:4f:ed:41:62:
1d:84:69:5e:6e:25:13:0f:e0:b8:6c:71:3d:dc:dc:
e2:58:f3:24:a2:39:30:1a:0a:99:b1:12:9d:36:71:
87:ef:e4:94:3f:8d:60:bf:3c:83:24:c2:51:4d:f3:
92:ae:9d:15:7c:aa:c7:e8:3d:35:f4:bc:6b:96:10:
c1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:29:55:0B:FF:B1:17:40:F8:F7:AC:57:DB:E4:04:45:DF:98:50:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/29c1ffc0-3f01-4867-a937-39ae790437d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:10:c3:92:02:fe:d4:72:1a:c7:7b:af:19:90:79:97:c7:9d:
a3:38:5d:3e:ac:dd:dc:71:b1:0c:6e:9e:90:7a:21:6f:44:7a:
c8:3c:e4:c8:63:d9:e2:d4:93:72:b5:74:6e:ef:a2:75:02:a4:
44:a8:d9:2c:9f:b6:f0:15:62:a6:26:8d:07:2e:f4:64:4a:30:
d1:f2:43:d1:66:f7:f4:73:a1:10:8c:43:64:f1:a4:b8:0b:b5:
db:d6:18:c8:51:22:ba:7c:2d:2e:9e:55:12:d5:41:99:0a:ea:
81:52:10:ba:a9:a0:81:d9:d5:c5:1d:27:2e:53:97:56:80:c1:
77:6b:ca:1d:0c:65:16:4c:95:7c:20:46:8d:9f:00:26:f5:36:
66:e5:97:4f:6c:5a:38:26:af:90:03:72:a3:a8:e5:a5:56:65:
97:5f:0a:cd:ae:d1:75:34:07:e8:b7:97:d1:28:4c:a2:90:20:
a3:58:d7:a7:dc:79:62:b6:9a:d3:f8:9b:e2:04:9d:14:1c:82:
31:bf:28:ed:06:2f:8a:75:77:3b:9a:93:0d:82:4e:4c:7a:1e:
f6:bc:93:16:97:31:c1:c9:5a:8c:d3:8d:8b:cd:77:77:de:8e:
7d:a4:42:02:b5:00:26:92:a8:c8:f7:89:20:ea:bd:11:f6:42:
b5:6d:1c:e8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ+vRLz6rKg1Le4IxAmuDOoYgPD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MDUwMDAwMDBaFw0yNDA3MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZTgwM2VjZGViMmUyMWYzNzI1NTE5MTczNTZjNzI2ZWIwNjQwMDE1NWY0
ODQ1ZjcyZGI3MjJlOTZmODAxNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMX5AkbDbX6Bmsljv6Fi0Q/7KicwbiPBLzd41L0JdD8ZTrhSdgw6pub+ZNKJ
bXJYXNxJO13q+F4lxF9HyqMGGeXwqOF/FcUMF5oKAhb92VLjr9xM7oRUdrVxPY9i
noZ8bCQvI7TPypA/ZgMowGIb4HvX4AUpHKOdTaKYG/WDwcAsILyO9JmR6ooxJENP
pmD5GPStUVj2QWSwYAnULtXGr5Afpn9SgXe0ng69GmS41jhFne/eDRVDxhBpdiYi
2BpP7UFiHYRpXm4lEw/guGxxPdzc4ljzJKI5MBoKmbESnTZxh+/klD+NYL88gyTC
UU3zkq6dFXyqx+g9NfS8a5YQwf8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhKVUL
/7EXQPj3rFfb5ARF35hQmjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjljMWZmYzAtM2YwMS00ODY3LWE5MzctMzlhZTc5MDQzN2Q0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1N28DAN
BgkqhkiG9w0BAQsFAAOCAQEAfBDDkgL+1HIax3uvGZB5l8edozhdPqzd3HGxDG6e
kHohb0R6yDzkyGPZ4tSTcrV0bu+idQKkRKjZLJ+28BVipiaNBy70ZEow0fJD0Wb3
9HOhEIxDZPGkuAu129YYyFEiunwtLp5VEtVBmQrqgVIQuqmggdnVxR0nLlOXVoDB
d2vKHQxlFkyVfCBGjZ8AJvU2ZuWXT2xaOCavkANyo6jlpVZll18Kza7RdTQH6LeX
0ShMopAgo1jXp9x5Yraa0/ib4gSdFByCMb8o7QYvinV3O5qTDYJOTHoe9ryTFpcx
wclajNONi813d96OfaRCArUAJpKoyPeJIOq9EfZCtW0c6A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org