Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: YUOR/vWVd25+iSuqD8kf0l+qYCbNpHojIzCN6mE4cQQ=
Subject key identifier: 93:EF:55:7E:94:AA:D7:23:77:20:49:B3:A4:3E:0E:C4:CE:F0:60:E6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27A262DAB5A531A0BFDD7D307477B4B1B95D8037
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:a2:62:da:b5:a5:31:a0:bf:dd:7d:30:74:77:b4:b1:b9:5d:80:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=4bd5c395b2e4631aebae3a3d7be14bcc4dfe002c6bcbb10fb07c0d9f3651b9a5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cc:e9:aa:49:46:60:9c:0d:1e:5d:c2:88:a5:
76:41:f5:6d:53:5d:a2:f5:d6:62:cd:74:14:6a:60:
b9:34:e6:ff:65:34:f2:2b:cb:bb:42:25:38:82:c5:
c2:92:ca:8e:68:8e:e2:70:60:db:2c:9d:a3:1f:94:
5a:36:0a:b2:81:fa:ab:52:49:6c:65:d7:7b:c6:77:
57:de:01:6e:8f:f9:65:95:f7:3d:44:71:71:48:6a:
c2:59:c9:3b:e7:79:ce:c2:ed:1e:42:de:9f:bc:e0:
a8:d5:e0:31:bf:0e:8c:74:35:0e:ae:0c:d4:19:4c:
e2:a2:07:4f:24:32:56:6c:1d:3d:db:37:63:57:dd:
2e:4c:c1:c1:62:1f:04:dd:6d:6d:a8:76:97:9d:1a:
4b:f3:33:31:56:1a:8c:19:97:53:4e:06:5f:a4:4b:
4a:94:ac:da:c8:df:33:de:80:1b:3c:78:eb:30:a9:
1c:ae:95:47:78:de:41:ff:3a:30:1c:ae:d0:ef:50:
68:09:73:57:ed:17:6f:5e:78:2c:e5:3c:1b:3e:0b:
98:ba:0f:0d:46:26:40:b6:88:56:76:14:44:e4:ca:
a5:a8:4b:4a:8d:a4:6b:ab:70:8f:6f:c4:dd:50:05:
bb:51:e6:d6:ae:c5:2b:04:07:22:32:c6:71:f6:d0:
7d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:EF:55:7E:94:AA:D7:23:77:20:49:B3:A4:3E:0E:C4:CE:F0:60:E6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:b0:3b:e2:65:78:ce:ab:7f:a1:01:b6:f8:e9:a1:c4:12:3a:
ad:00:0d:88:e8:eb:b4:42:22:c7:05:33:71:45:20:ee:86:e3:
1e:54:2b:1b:d4:bc:9a:05:fc:24:a1:c2:2c:1f:2c:0f:1c:4c:
1e:a1:ec:aa:f9:30:c3:c4:2b:83:4a:29:f4:18:ef:2b:8f:86:
e5:97:be:24:75:20:ab:ea:0a:4b:d3:6d:10:8f:94:cd:fe:e6:
e1:65:b7:32:e5:cb:d1:41:61:ff:ea:b0:95:a2:7b:bf:e5:96:
f3:c4:34:d1:90:5f:da:32:66:89:fb:60:99:a6:05:60:f9:e7:
ab:44:75:50:71:6c:f0:c0:01:ca:dd:4b:bb:5c:29:b0:a9:d4:
85:d6:12:28:47:32:31:24:3d:78:1b:56:43:e5:ce:f7:bf:43:
0c:68:53:aa:c9:a1:69:79:8e:66:7f:90:03:5b:06:06:32:22:
af:ec:7c:4d:4e:87:6d:8f:3a:90:4c:d1:23:03:57:eb:fc:af:
af:32:aa:b0:c1:f5:c5:3a:bd:74:9a:47:9d:19:c0:95:fe:f6:
9b:7a:d1:b2:9c:97:9b:65:83:7d:3e:1a:91:b7:a6:0c:1e:50:
b0:93:41:49:af:d8:9a:3b:dd:50:01:9d:11:a7:a7:38:ab:3b:
25:c9:df:44
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJ6Ji2rWlMaC/3X0wdHe0sbldgDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiZDVjMzk1YjJlNDYzMWFlYmFlM2EzZDdiZTE0YmNjNGRmZTAwMmM2YmNi
YjEwZmIwN2MwZDlmMzY1MWI5YTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3M6apJRmCcDR5dwoildkH1bVNdovXWYs10FGpguTTm/2U08ivLu0IlOILF
wpLKjmiO4nBg2yydox+UWjYKsoH6q1JJbGXXe8Z3V94Bbo/5ZZX3PURxcUhqwlnJ
O+d5zsLtHkLen7zgqNXgMb8OjHQ1Dq4M1BlM4qIHTyQyVmwdPds3Y1fdLkzBwWIf
BN1tbah2l50aS/MzMVYajBmXU04GX6RLSpSs2sjfM96AGzx46zCpHK6VR3jeQf86
MByu0O9QaAlzV+0Xb154LOU8Gz4LmLoPDUYmQLaIVnYUROTKpahLSo2ka6twj2/E
3VAFu1Hm1q7FKwQHIjLGcfbQfSUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBST71V+
lKrXI3cgSbOkPg7EzvBg5jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEATLA74mV4zqt/oQG2+OmhxBI6rQANiOjrtEIixwUz
cUUg7objHlQrG9S8mgX8JKHCLB8sDxxMHqHsqvkww8Qrg0op9BjvK4+G5Ze+JHUg
q+oKS9NtEI+Uzf7m4WW3MuXL0UFh/+qwlaJ7v+WW88Q00ZBf2jJmiftgmaYFYPnn
q0R1UHFs8MAByt1Lu1wpsKnUhdYSKEcyMSQ9eBtWQ+XO979DDGhTqsmhaXmOZn+Q
A1sGBjIir+x8TU6HbY86kEzRIwNX6/yvrzKqsMH1xTq9dJpHnRnAlf72m3rRspyX
m2WDfT4akbemDB5QsJNBSa/YmjvdUAGdEaenOKs7JcnfRA==
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:22 2024 by rpki-client on console-fra.rpki-client.org