Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
File: 80ccbd73-b51e-4203-8083-8baaa848e6c9.roa (raw, json)
Hash identifier: HWxIZzv9X4PjEwykK9AagsyWyYIGuUUPKH0rJnkuetk=
Subject key identifier: A2:44:21:2C:7D:C4:EC:C9:A9:C7:44:65:D6:E0:DC:FD:B3:C8:35:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 684524BCB0163D540186B22AAB9B55C0B5BB36BF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
Signing time: Tue 28 May 2024 00:00:00 +0000
ROA not before: Tue 28 May 2024 00:00:00 +0000
ROA not after: Tue 02 Jul 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:45:24:bc:b0:16:3d:54:01:86:b2:2a:ab:9b:55:c0:b5:bb:36:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 28 00:00:00 2024 GMT
Not After : Jul 2 23:59:59 2024 GMT
Subject: serialNumber=5341e1bb0ecd7092e7be7a10b60ed1e085ec6290f088fafbe3243c2598791805, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:16:e3:c4:8b:32:6a:a9:b3:ab:66:fb:47:9b:
48:f2:49:ba:b3:ab:5d:3a:64:90:01:e4:62:a7:14:
fe:40:1d:7b:72:28:d6:00:bb:b3:8a:a1:c1:ca:ea:
a3:c5:0c:ab:63:ca:3b:6d:5f:3d:27:1d:cb:4d:0f:
7e:58:2c:28:ff:7a:c8:0b:8e:7b:96:4e:63:14:03:
e2:b6:7f:d5:a5:6f:86:4e:8a:fc:4c:d5:34:7a:a1:
8e:57:3b:2c:51:e3:60:48:31:e0:51:4c:55:db:c9:
fd:ca:fb:92:4c:56:80:21:30:7e:15:bf:40:f2:d8:
2a:c5:f8:e4:2c:3d:c7:64:97:9c:48:2e:7d:4b:83:
f8:25:11:5a:e8:b5:45:52:27:ce:33:da:f9:74:f4:
de:44:2d:91:21:86:4a:c1:28:c9:24:8d:db:05:ec:
76:d9:a0:8a:1f:ca:a1:6f:ba:50:ad:5b:25:39:89:
fb:19:9f:07:a3:fc:6d:14:70:41:98:de:d0:29:52:
2d:a0:4b:4d:f3:14:f3:ec:65:e5:11:e9:b2:21:0b:
34:5a:2b:42:8c:cb:0e:c6:e8:47:b4:ca:b2:88:33:
a2:7b:14:e1:c3:58:99:63:49:13:e8:57:ef:a4:ae:
ab:88:6e:43:ba:63:99:37:06:61:b6:a4:19:43:c9:
f9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:44:21:2C:7D:C4:EC:C9:A9:C7:44:65:D6:E0:DC:FD:B3:C8:35:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
13:fa:83:bd:f9:79:85:bc:2d:ff:f2:e9:54:f9:8a:bd:47:d7:
7d:67:d1:4f:98:71:0d:dd:1a:0a:2a:71:80:51:ab:98:46:58:
fc:93:8b:fb:a5:f5:01:3f:d6:dd:e8:51:90:0a:45:b1:f9:b4:
be:d4:40:4d:66:ff:29:21:70:08:02:b3:9c:bd:b7:5f:db:3d:
cf:28:97:00:1a:0e:25:f2:6e:6a:70:54:9d:0d:0f:ea:cf:91:
e3:8e:51:9d:4e:03:ab:25:8e:5c:74:b9:a6:86:bc:a1:61:a6:
97:53:c3:18:7a:e5:ee:0c:c0:98:6e:07:76:ad:65:26:b9:05:
8c:bf:36:3e:f5:94:3c:b1:39:ba:c1:c2:6a:45:75:f9:f9:d3:
50:7f:d7:85:2a:e1:de:3f:cc:98:ea:fc:e8:b9:81:df:56:65:
a1:55:98:e7:58:54:9b:86:c0:51:98:9f:3b:6b:e2:5d:fe:0f:
20:88:16:d2:7b:ac:5a:ce:27:0f:8c:e2:a9:4f:4e:40:7a:3c:
76:a8:8f:0e:80:58:f6:6f:78:8b:64:b3:3c:6f:8c:6d:51:f8:
96:33:7b:96:74:44:fe:ce:8f:62:7c:2b:d7:c2:93:b2:14:27:
08:db:b2:8b:86:a7:ec:2a:c0:c7:71:4c:d8:a7:27:b4:6c:fd:
ce:14:7f:82
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaEUkvLAWPVQBhrIqq5tVwLW7Nr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjgwMDAwMDBaFw0yNDA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNDFlMWJiMGVjZDcwOTJlN2JlN2ExMGI2MGVkMWUwODVlYzYyOTBmMDg4
ZmFmYmUzMjQzYzI1OTg3OTE4MDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ8W48SLMmqps6tm+0ebSPJJurOrXTpkkAHkYqcU/kAde3Io1gC7s4qhwcrq
o8UMq2PKO21fPScdy00PflgsKP96yAuOe5ZOYxQD4rZ/1aVvhk6K/EzVNHqhjlc7
LFHjYEgx4FFMVdvJ/cr7kkxWgCEwfhW/QPLYKsX45Cw9x2SXnEgufUuD+CURWui1
RVInzjPa+XT03kQtkSGGSsEoySSN2wXsdtmgih/KoW+6UK1bJTmJ+xmfB6P8bRRw
QZje0ClSLaBLTfMU8+xl5RHpsiELNForQozLDsboR7TKsogzonsU4cNYmWNJE+hX
76Suq4huQ7pjmTcGYbakGUPJ+YMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSiRCEs
fcTsyanHRGXW4Nz9s8g1ljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBjY2JkNzMtYjUxZS00MjAzLTgwODMtOGJhYWE4NDhlNmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAE/qDvfl5hbwt//LpVPmKvUfXfWfRT5hxDd0aCipx
gFGrmEZY/JOL+6X1AT/W3ehRkApFsfm0vtRATWb/KSFwCAKznL23X9s9zyiXABoO
JfJuanBUnQ0P6s+R445RnU4DqyWOXHS5poa8oWGml1PDGHrl7gzAmG4Hdq1lJrkF
jL82PvWUPLE5usHCakV1+fnTUH/XhSrh3j/MmOr86LmB31ZloVWY51hUm4bAUZif
O2viXf4PIIgW0nusWs4nD4ziqU9OQHo8dqiPDoBY9m94i2SzPG+MbVH4ljN7lnRE
/s6PYnwr18KTshQnCNuyi4an7CrAx3FM2KcntGz9zhR/gg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:42 2024 by rpki-client on console-fra.rpki-client.org