Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a273d8f1-d41a-494f-91c3-0ac75410919e.roa
File: a273d8f1-d41a-494f-91c3-0ac75410919e.roa (raw, json)
Hash identifier: VgpKmVuCzLiAJ2dIrmuZ29Nn6Fi0awulB3IuwvVzLF4=
Subject key identifier: 52:28:6C:5E:6B:40:41:BB:B6:B8:84:44:36:82:D2:37:05:63:14:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64A9A06443029EC1BF65A4682A5C7EE0072B7C75
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a273d8f1-d41a-494f-91c3-0ac75410919e.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a9:a0:64:43:02:9e:c1:bf:65:a4:68:2a:5c:7e:e0:07:2b:7c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=a35f4d69c97b6ba1b0e2717012488af87a7d5ca0080ac569c62bec3d9607438b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:52:28:11:b9:9f:f9:4c:6c:4e:ff:e5:82:
22:af:e5:2f:65:04:13:ea:22:06:e1:b2:16:62:2f:
43:44:f0:0c:bf:d6:13:24:17:19:4d:7d:a6:84:2f:
f7:43:02:99:7e:f8:2d:4b:d0:6e:2f:d9:8a:69:1e:
a2:c9:ce:fa:81:b8:b3:db:b3:ec:4c:b3:27:d4:91:
0d:fe:6b:d9:b3:1a:0c:01:1a:5b:7c:64:e4:76:44:
c6:58:fd:3a:4b:63:c4:bd:f1:4f:95:57:da:04:6d:
9b:94:17:e5:86:c3:5a:96:1f:38:8e:a3:88:8a:dd:
04:b4:4c:a5:a3:25:a7:cf:5f:8b:d5:82:54:76:ee:
72:7a:d6:3f:9f:5f:d0:99:0f:7e:2d:12:11:c7:dd:
70:e3:f8:05:c3:c4:9a:86:29:ab:4c:8e:89:c4:cd:
46:ec:03:f5:fc:98:d9:ad:46:0d:1e:96:0e:f8:38:
c9:f4:2f:71:6c:6f:dc:7b:07:99:f2:47:8e:5d:52:
73:16:1e:ba:83:bd:d1:7d:f0:f7:1e:cc:b3:f7:ac:
e1:31:a1:81:4f:8a:e8:f4:94:40:f2:09:6d:b3:5d:
ab:36:8b:ae:57:15:fe:c1:67:3c:e0:70:c9:ca:f7:
c4:57:1f:6b:13:93:23:73:ef:15:89:0e:1f:4f:e1:
6f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:28:6C:5E:6B:40:41:BB:B6:B8:84:44:36:82:D2:37:05:63:14:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a273d8f1-d41a-494f-91c3-0ac75410919e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:85:aa:80:c2:95:37:5d:67:23:9a:60:f0:1e:a8:03:34:9f:
57:a8:c3:53:80:88:e0:9b:16:15:58:3c:a6:65:af:25:47:1c:
57:dc:2b:b6:2f:74:dc:79:9a:8a:c0:ac:a7:c5:a8:7f:9a:84:
13:ef:96:98:42:56:5f:ab:a3:a3:03:85:6a:42:4c:19:8e:cd:
d8:af:0d:aa:94:8e:ad:5d:4e:76:77:90:db:dd:3e:91:42:6f:
94:f2:c7:00:bb:42:ee:5d:52:3d:c7:e0:d4:e9:b4:2c:12:5f:
07:79:b5:46:4f:db:c0:c9:8f:10:c8:fb:52:e8:21:4e:7b:28:
be:66:2a:a8:88:50:a2:f3:8d:f6:a2:29:18:2e:cd:0c:6d:64:
2d:25:db:b3:cd:53:1f:5a:a4:70:5a:da:65:28:df:1f:ba:6e:
b1:91:8b:c8:e0:37:e3:8f:64:ac:ad:1d:34:fc:df:5f:8f:de:
0f:66:35:80:39:64:ae:f7:f4:31:2d:9d:71:e7:ee:cd:de:1c:
ea:16:9e:3d:9b:53:72:19:f9:4f:b0:22:35:22:7b:63:5b:a8:
ba:9a:cc:41:82:8b:a5:65:27:73:7b:81:b5:30:5b:7f:c2:ea:
ab:ef:21:32:14:b5:9a:f1:54:0d:26:d9:55:49:75:8f:a6:9a:
bd:da:5e:48
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZKmgZEMCnsG/ZaRoKlx+4AcrfHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzNWY0ZDY5Yzk3YjZiYTFiMGUyNzE3MDEyNDg4YWY4N2E3ZDVjYTAwODBh
YzU2OWM2MmJlYzNkOTYwNzQzOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJO7UigRuZ/5TGxO/+WCIq/lL2UEE+oiBuGyFmIvQ0TwDL/WEyQXGU19poQv
90MCmX74LUvQbi/ZimkeosnO+oG4s9uz7EyzJ9SRDf5r2bMaDAEaW3xk5HZExlj9
OktjxL3xT5VX2gRtm5QX5YbDWpYfOI6jiIrdBLRMpaMlp89fi9WCVHbucnrWP59f
0JkPfi0SEcfdcOP4BcPEmoYpq0yOicTNRuwD9fyY2a1GDR6WDvg4yfQvcWxv3HsH
mfJHjl1ScxYeuoO90X3w9x7Ms/es4TGhgU+K6PSUQPIJbbNdqzaLrlcV/sFnPOBw
ycr3xFcfaxOTI3PvFYkOH0/hb00CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRSKGxe
a0BBu7a4hEQ2gtI3BWMUpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTI3M2Q4ZjEtZDQxYS00OTRmLTkxYzMtMGFjNzU0MTA5MTllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAboWqgMKVN11nI5pg8B6oAzSfV6jDU4CI4JsWFVg8
pmWvJUccV9wrti903HmaisCsp8Wof5qEE++WmEJWX6ujowOFakJMGY7N2K8NqpSO
rV1OdneQ290+kUJvlPLHALtC7l1SPcfg1Om0LBJfB3m1Rk/bwMmPEMj7UughTnso
vmYqqIhQovON9qIpGC7NDG1kLSXbs81TH1qkcFraZSjfH7pusZGLyOA3449krK0d
NPzfX4/eD2Y1gDlkrvf0MS2dcefuzd4c6haePZtTchn5T7AiNSJ7Y1uouprMQYKL
pWUnc3uBtTBbf8Lqq+8hMhS1mvFUDSbZVUl1j6aavdpeSA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:13 2024 by rpki-client on console-ams.rpki-client.org