Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
File: c8417d8d-dd59-4c9c-9131-401f49361e96.roa (raw, json)
Hash identifier: tMG2Cj7BUJzAr16TJ3lCZFkZqnKK6y948IzjIfvewoc=
Subject key identifier: 2C:97:33:DD:55:6E:DA:45:B7:EC:2D:87:B2:85:01:D4:A9:23:29:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2CF0B2D9A387550E951442AE9C02CED1B0A6654B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
Signing time: Fri 26 Apr 2024 00:00:00 +0000
ROA not before: Fri 26 Apr 2024 00:00:00 +0000
ROA not after: Fri 31 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:f0:b2:d9:a3:87:55:0e:95:14:42:ae:9c:02:ce:d1:b0:a6:65:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 26 00:00:00 2024 GMT
Not After : May 31 23:59:59 2024 GMT
Subject: serialNumber=a1dcf604e7455877b655dc1d9fc4d588c1628e5f76e9a0500fb6ed3bfd2e0073, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1e:f8:31:0d:57:ef:e0:5e:f6:04:a8:5b:e8:
7d:38:d1:a0:0a:0a:a1:20:b3:95:c8:3e:fd:4b:84:
71:d4:e8:a2:6d:72:36:4f:9d:f2:2e:e0:03:6c:59:
8c:78:d6:cc:1f:a9:0e:c9:cf:88:b1:49:eb:b2:05:
d1:18:74:04:8e:68:d0:21:9f:e4:a4:4c:da:5a:77:
58:fd:d2:2b:9f:d1:b9:9f:31:f4:0f:05:4b:2f:02:
90:ef:ad:9f:21:e2:59:f0:e3:7d:15:4b:bb:06:2a:
ef:52:7f:d7:34:7b:10:e7:91:7d:b9:bc:ef:4e:52:
1a:22:6a:f2:0e:90:a7:a1:fc:bc:b6:97:3e:e7:0c:
35:0a:72:cc:f8:5d:83:cb:d9:9b:00:e1:16:b2:7c:
16:2c:8a:99:8a:ab:2a:2f:03:9f:91:c1:9a:88:f8:
ba:c9:3c:61:32:72:7d:f8:33:fd:ca:52:82:ba:25:
fc:ca:a6:28:13:8e:d2:b7:fc:9b:a0:25:d1:57:ed:
4d:a1:a3:8e:96:3b:be:8d:03:b3:d5:98:0e:9d:4c:
76:1e:0b:3b:0a:cb:ab:6b:2a:10:70:47:df:6d:98:
2a:c0:c3:69:84:9f:f7:5d:34:a7:8f:d6:15:71:74:
43:13:dd:54:c5:b8:ba:52:d1:f2:55:ef:b8:14:39:
b8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:97:33:DD:55:6E:DA:45:B7:EC:2D:87:B2:85:01:D4:A9:23:29:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
94:db:ef:3c:92:31:f7:cb:9e:20:d6:a4:48:8f:5e:9f:a7:ce:
33:78:b9:90:a7:d1:7f:3d:c2:b3:94:b6:48:83:32:b7:83:1b:
57:0c:2e:b0:ca:e9:17:86:c9:50:65:3c:56:01:a3:ff:21:75:
3e:d8:03:cc:3e:41:bb:a2:71:47:a4:a1:3d:10:2d:18:d2:e3:
3c:7b:fe:99:33:74:5d:2a:d1:2b:d9:d1:64:aa:d3:d0:c9:1a:
69:c6:3b:9f:d5:2a:61:3f:8b:e1:04:c3:de:56:19:41:fa:b0:
44:cc:09:44:ba:cc:e1:31:6c:12:6d:18:c9:81:17:74:a6:d6:
d3:28:3b:d5:2c:c6:dc:90:3b:68:ab:7f:c5:76:4f:4a:f0:32:
0c:bc:25:81:42:2b:f9:d4:01:05:01:fd:de:4e:91:97:16:3d:
b0:c1:4c:38:83:38:8b:8a:df:33:04:8f:f6:4d:c0:c1:60:0e:
8e:2e:5a:56:ee:a2:98:74:e6:2a:8c:28:16:df:16:7f:19:4f:
de:7c:04:9d:cc:d3:8c:b0:65:d6:c9:72:f8:b9:0c:c6:c6:78:
41:ab:58:af:63:40:28:d2:5f:a3:48:b4:4d:3b:ad:1d:f0:18:
c3:c2:2a:72:8c:b5:e9:f3:b8:44:2d:a7:1e:ec:0f:ed:01:df:
10:fd:79:d6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULPCy2aOHVQ6VFEKunALO0bCmZUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjYwMDAwMDBaFw0yNDA1MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGExZGNmNjA0ZTc0NTU4NzdiNjU1ZGMxZDlmYzRkNTg4YzE2MjhlNWY3NmU5
YTA1MDBmYjZlZDNiZmQyZTAwNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANge+DENV+/gXvYEqFvofTjRoAoKoSCzlcg+/UuEcdToom1yNk+d8i7gA2xZ
jHjWzB+pDsnPiLFJ67IF0Rh0BI5o0CGf5KRM2lp3WP3SK5/RuZ8x9A8FSy8CkO+t
nyHiWfDjfRVLuwYq71J/1zR7EOeRfbm8705SGiJq8g6Qp6H8vLaXPucMNQpyzPhd
g8vZmwDhFrJ8FiyKmYqrKi8Dn5HBmoj4usk8YTJyffgz/cpSgrol/MqmKBOO0rf8
m6Al0VftTaGjjpY7vo0Ds9WYDp1Mdh4LOwrLq2sqEHBH322YKsDDaYSf9100p4/W
FXF0QxPdVMW4ulLR8lXvuBQ5uC0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQslzPd
VW7aRbfsLYeyhQHUqSMpjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yzg0MTdkOGQtZGQ1OS00YzljLTkxMzEtNDAxZjQ5MzYxZTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAlNvvPJIx98ueINakSI9en6fOM3i5kKfRfz3Cs5S2
SIMyt4MbVwwusMrpF4bJUGU8VgGj/yF1PtgDzD5Bu6JxR6ShPRAtGNLjPHv+mTN0
XSrRK9nRZKrT0MkaacY7n9UqYT+L4QTD3lYZQfqwRMwJRLrM4TFsEm0YyYEXdKbW
0yg71SzG3JA7aKt/xXZPSvAyDLwlgUIr+dQBBQH93k6RlxY9sMFMOIM4i4rfMwSP
9k3AwWAOji5aVu6imHTmKowoFt8WfxlP3nwEnczTjLBl1sly+LkMxsZ4QatYr2NA
KNJfo0i0TTutHfAYw8Iqcoy16fO4RC2nHuwP7QHfEP151g==
-----END CERTIFICATE-----
Generated at Sun May 5 22:37:14 2024 by rpki-client on console-ams.rpki-client.org