Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: Xr600ymbyOG2SALQMOFSaSLIqFOgdDHy3Q2s527sLak=
Subject key identifier: FD:3F:26:FF:CB:34:D5:BD:07:36:BF:83:9B:DB:15:94:36:0E:60:E5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1902D870F35E1494FDE14C179150DC60187882AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Tue 28 May 2024 00:00:00 +0000
ROA not before: Tue 28 May 2024 00:00:00 +0000
ROA not after: Tue 02 Jul 2024 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:02:d8:70:f3:5e:14:94:fd:e1:4c:17:91:50:dc:60:18:78:82:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 28 00:00:00 2024 GMT
Not After : Jul 2 23:59:59 2024 GMT
Subject: serialNumber=af280e89efeb8dd24d858cb6c9cdd148e1491bda1fc116688a466e0eab821cb1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c0:d8:bd:1d:21:22:91:b8:f3:72:ec:6e:05:
e9:8e:4d:9a:77:f5:2c:a2:81:5e:67:ad:2a:ef:e0:
c3:19:81:88:7e:c8:95:a9:25:c0:b9:60:e5:2d:99:
93:cb:32:13:c4:ee:59:f0:b9:ee:2e:13:6d:98:8a:
97:90:d3:e3:9f:61:d1:22:94:f3:ca:3b:06:b8:16:
8a:5e:09:4d:c5:c0:27:37:10:a5:0f:80:48:d3:90:
4c:4e:d2:ff:9c:47:b7:b1:ea:08:16:d1:e7:5b:37:
ab:1e:ad:7b:ac:04:6a:49:7a:61:bc:c9:e9:7e:c0:
a4:68:06:df:82:97:1b:1f:72:3f:b9:48:82:fb:26:
2d:fa:1c:e6:f6:74:0c:9b:1b:df:5f:9a:b0:80:64:
6b:27:2b:9f:79:b0:46:d2:8d:af:fa:1f:4d:41:aa:
2f:81:d1:83:79:17:c8:c9:a2:94:58:d4:25:f2:29:
ca:34:0f:32:8a:0d:95:7c:ab:d7:44:f1:05:70:4f:
88:fe:ec:e4:ec:30:5e:fe:b4:59:59:cd:51:bd:98:
ce:05:ac:fd:65:2b:5d:c3:a2:36:0e:40:6e:c0:05:
f7:54:b1:b9:2e:18:73:5f:3b:9d:a7:9c:b0:51:44:
66:fe:c3:04:97:5f:f7:13:3b:27:da:04:ff:6c:71:
90:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3F:26:FF:CB:34:D5:BD:07:36:BF:83:9B:DB:15:94:36:0E:60:E5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
00:be:80:5c:82:86:87:d6:93:5c:e4:62:c0:09:a1:7c:0c:0a:
c7:00:fd:44:be:c3:ad:e6:cd:87:ab:f7:b7:16:fa:80:b6:db:
8d:e5:c1:5f:4c:11:dc:2f:12:83:29:2c:b1:d7:ff:23:37:0e:
9a:59:66:48:19:ae:b8:ee:01:4f:8b:4f:c1:73:2a:ea:3b:94:
37:1b:fc:ca:e2:d3:7f:1d:d2:cf:76:a3:fb:2c:06:a2:c0:9f:
04:4c:b3:2d:6b:f6:c4:c7:2b:98:b1:88:0c:48:91:40:5e:ec:
1b:45:fc:3c:7f:2c:5a:c1:7c:b8:46:59:82:54:6a:d0:19:f7:
6a:76:18:e4:4c:0d:fa:cb:22:aa:be:e2:42:c6:b5:ce:e1:60:
77:1b:d2:44:ff:83:4b:df:39:43:8f:f6:d5:0b:a2:d5:e3:2e:
80:f5:15:c3:b7:a0:cc:72:42:19:a6:c3:97:f0:a8:9f:01:df:
cd:01:59:a5:4e:e6:83:00:85:9b:60:e7:28:80:b1:47:1f:5d:
0a:ee:e2:05:58:76:a4:3b:5d:86:26:0d:11:97:7d:16:be:6f:
ae:14:ab:fb:cf:35:2b:61:ce:b5:8d:c9:b1:5d:ff:21:86:42:
5e:a2:7c:65:49:91:b8:57:40:80:4e:49:ac:15:b3:a2:b0:c4:
d3:d9:c2:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGQLYcPNeFJT94UwXkVDcYBh4gq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA1MjgwMDAwMDBaFw0yNDA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMjgwZTg5ZWZlYjhkZDI0ZDg1OGNiNmM5Y2RkMTQ4ZTE0OTFiZGExZmMx
MTY2ODhhNDY2ZTBlYWI4MjFjYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXA2L0dISKRuPNy7G4F6Y5Nmnf1LKKBXmetKu/gwxmBiH7IlaklwLlg5S2Z
k8syE8TuWfC57i4TbZiKl5DT459h0SKU88o7BrgWil4JTcXAJzcQpQ+ASNOQTE7S
/5xHt7HqCBbR51s3qx6te6wEakl6YbzJ6X7ApGgG34KXGx9yP7lIgvsmLfoc5vZ0
DJsb31+asIBkaycrn3mwRtKNr/ofTUGqL4HRg3kXyMmilFjUJfIpyjQPMooNlXyr
10TxBXBPiP7s5OwwXv60WVnNUb2YzgWs/WUrXcOiNg5AbsAF91SxuS4Yc187naec
sFFEZv7DBJdf9xM7J9oE/2xxkNsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9Pyb/
yzTVvQc2v4Ob2xWUNg5g5TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAAL6AXIKGh9aTXORiwAmhfAwKxwD9RL7DrebNh6v3
txb6gLbbjeXBX0wR3C8Sgykssdf/IzcOmllmSBmuuO4BT4tPwXMq6juUNxv8yuLT
fx3Sz3aj+ywGosCfBEyzLWv2xMcrmLGIDEiRQF7sG0X8PH8sWsF8uEZZglRq0Bn3
anYY5EwN+ssiqr7iQsa1zuFgdxvSRP+DS985Q4/21Qui1eMugPUVw7egzHJCGabD
l/ConwHfzQFZpU7mgwCFm2DnKICxRx9dCu7iBVh2pDtdhiYNEZd9Fr5vrhSr+881
K2HOtY3JsV3/IYZCXqJ8ZUmRuFdAgE5JrBWzorDE09nCYA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:40 2024 by rpki-client on console-ams.rpki-client.org