Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: 5NteLl1VmGrRi+EH/q/IlLN7imC5uRr/xIsZlHUPt9o=
Subject key identifier: 63:B2:AF:A0:60:E2:E2:D9:40:D3:C6:91:EF:67:8F:93:86:88:BD:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65AB02257B0666E3D4A4C2A2692FD61CC0C684B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 18:36:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ab:02:25:7b:06:66:e3:d4:a4:c2:a2:69:2f:d6:1c:c0:c6:84:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=5c45157402130135ef5ab61fe2d605a6cc466a4032d94d6e8674d85917ba45bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:21:86:08:af:81:ae:e4:9d:8a:77:72:a3:
1e:af:11:eb:64:00:d5:3d:a8:83:8b:2e:ba:89:06:
2a:6f:fd:94:84:3c:0b:cd:92:67:62:27:2f:79:c1:
96:b4:84:b8:48:cb:ff:fa:17:a2:4b:cd:0c:ba:66:
8c:15:88:46:c5:c4:81:1b:2b:f4:a4:82:82:9f:b9:
fe:57:a3:5d:7d:70:d1:48:dd:e9:eb:fe:ff:a8:4d:
ef:95:38:1c:e8:d1:55:82:7b:05:e3:e6:29:1f:55:
ef:b4:f7:c2:33:7e:eb:3c:fd:48:20:99:29:03:7d:
5a:92:f0:3b:20:54:ea:da:e0:8f:8c:36:64:a2:43:
ba:b8:6a:2b:e5:31:0f:51:8a:42:61:17:07:ad:bc:
d8:15:34:a3:99:d8:9a:ff:45:81:09:a8:7f:43:8c:
ff:50:8f:e2:cf:e5:f1:4c:8e:48:46:bb:68:ce:ba:
e0:92:41:a4:6b:05:8f:be:94:38:d5:9b:5d:b9:75:
b5:54:8c:2a:9b:e3:53:d7:df:1b:71:f0:98:98:f0:
74:d8:6c:42:fa:7f:81:44:49:22:bb:41:7f:ad:35:
bc:80:cf:8c:06:64:79:b0:de:60:48:dc:84:b9:a3:
d6:39:3f:47:ea:bb:ed:94:8e:21:cd:61:7a:93:45:
46:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B2:AF:A0:60:E2:E2:D9:40:D3:C6:91:EF:67:8F:93:86:88:BD:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:ac:cf:b9:11:83:2e:2e:49:39:60:bc:52:d0:11:e6:1e:e4:
1b:37:f7:62:5a:52:b2:38:43:38:f2:b5:1a:9c:ce:5a:96:6e:
bd:ec:26:59:1f:1e:ff:4f:22:4f:1e:ec:5d:3f:b1:40:74:04:
3a:11:6b:c0:84:9c:cd:10:3a:22:09:f1:c1:89:b7:18:06:a7:
d9:9e:f8:a7:16:40:6e:c3:f4:6f:b6:bc:ab:76:ea:4e:27:4e:
ab:43:58:01:40:a5:07:b3:0e:3c:1f:b8:3c:f5:31:d5:ec:c0:
f8:ac:e2:0d:ed:7f:35:a3:6d:96:c8:4f:13:83:f8:12:1c:db:
41:70:a1:1a:47:e4:7a:3e:0f:56:a2:24:87:4b:3c:25:00:2a:
98:6b:16:53:5d:03:13:f5:04:97:ca:25:cb:d7:bf:f9:57:ef:
8f:09:f6:06:2a:12:d1:d6:33:79:a9:4d:5b:07:d0:a7:b2:92:
20:3b:5e:6e:38:11:db:42:74:1a:8d:df:02:ff:b6:54:a0:89:
93:52:87:5d:2e:b6:72:b0:87:66:72:ea:7c:ea:01:ee:54:e7:
4a:25:ad:d3:31:e2:c4:a6:a1:4d:a3:01:cd:d9:2d:e7:3e:33:
da:7a:2d:c4:d1:1f:fe:1f:cd:eb:74:2d:ee:be:40:22:d9:5a:
a8:a4:32:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZasCJXsGZuPUpMKiaS/WHMDGhLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNDUxNTc0MDIxMzAxMzVlZjVhYjYxZmUyZDYwNWE2Y2M0NjZhNDAzMmQ5
NGQ2ZTg2NzRkODU5MTdiYTQ1YmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXBIYYIr4Gu5J2Kd3KjHq8R62QA1T2og4suuokGKm/9lIQ8C82SZ2InL3nB
lrSEuEjL//oXokvNDLpmjBWIRsXEgRsr9KSCgp+5/lejXX1w0Ujd6ev+/6hN75U4
HOjRVYJ7BePmKR9V77T3wjN+6zz9SCCZKQN9WpLwOyBU6trgj4w2ZKJDurhqK+Ux
D1GKQmEXB6282BU0o5nYmv9FgQmof0OM/1CP4s/l8UyOSEa7aM664JJBpGsFj76U
ONWbXbl1tVSMKpvjU9ffG3HwmJjwdNhsQvp/gURJIrtBf601vIDPjAZkebDeYEjc
hLmj1jk/R+q77ZSOIc1hepNFRtECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRjsq+g
YOLi2UDTxpHvZ4+Thoi98DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAb6zPuRGDLi5JOWC8UtAR5h7kGzf3YlpSsjhDOPK1
GpzOWpZuvewmWR8e/08iTx7sXT+xQHQEOhFrwISczRA6IgnxwYm3GAan2Z74pxZA
bsP0b7a8q3bqTidOq0NYAUClB7MOPB+4PPUx1ezA+KziDe1/NaNtlshPE4P4Ehzb
QXChGkfkej4PVqIkh0s8JQAqmGsWU10DE/UEl8oly9e/+Vfvjwn2BioS0dYzealN
WwfQp7KSIDtebjgR20J0Go3fAv+2VKCJk1KHXS62crCHZnLqfOoB7lTnSiWt0zHi
xKahTaMBzdkt5z4z2notxNEf/h/N63Qt7r5AItlaqKQyhQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:40:29 2024 by rpki-client on console-fra.rpki-client.org