Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: DrHhAC6TiH38KT9NNPjB/CD3pX9+AdZUPx0gq8mZHt0=
Subject key identifier: 1F:C6:54:3A:CC:6E:C4:BF:AC:BC:58:B0:33:BF:90:51:CB:95:70:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52322A5F11295817ABDF2FD5394B9DE1F4091EAE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:32:2a:5f:11:29:58:17:ab:df:2f:d5:39:4b:9d:e1:f4:09:1e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=2e82861b699de03663d11846428d87b34a17c50bc3dc9372c88060d3b2f88d5b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b6:b0:a2:9b:fe:bb:f8:44:4c:82:5f:1e:9b:
ef:bc:54:98:66:8e:3e:17:30:90:5a:ff:ac:98:67:
14:27:8a:3e:e0:a0:22:17:c6:eb:11:f6:f9:7e:94:
81:8d:a0:61:97:cb:d1:6a:aa:50:74:4f:97:f2:41:
52:6f:6f:46:34:a8:47:4e:99:3b:54:b1:08:bc:71:
5c:9a:6c:31:71:5a:61:c7:dc:6f:ca:c9:34:04:48:
71:49:40:db:e4:0c:2d:ea:20:7d:30:4e:4e:67:0a:
30:a1:c3:9a:8d:10:a4:4d:9b:25:9b:a5:14:c8:7c:
82:54:d6:01:95:16:8f:13:2e:e3:3b:9d:38:52:b5:
5c:63:93:ef:17:d4:bf:11:71:ee:cd:4d:6c:47:89:
49:9d:92:35:f6:37:1e:33:02:ae:59:9b:a9:f9:63:
12:4d:4e:ff:ca:cc:11:4d:1c:8c:c2:5e:73:cb:00:
e3:ad:e8:cd:41:79:0d:6c:c7:50:2a:d2:a3:86:53:
4c:1f:01:d4:3c:ba:fc:09:9e:e5:6a:03:90:db:71:
e3:f7:25:9d:72:1d:ef:d2:70:5c:76:f2:3c:45:f8:
60:1f:ea:fa:93:a2:a9:6c:4d:c4:91:8e:25:e9:9f:
22:0a:a6:ae:4b:71:97:6d:45:02:ba:fd:95:aa:66:
e7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C6:54:3A:CC:6E:C4:BF:AC:BC:58:B0:33:BF:90:51:CB:95:70:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:25:e1:21:96:7e:3a:71:0f:b5:59:37:4e:8e:fd:13:37:a6:
f6:ba:7a:ba:0e:e4:79:22:6c:43:36:87:ef:36:f8:09:7f:15:
ff:b6:d9:8f:c8:4b:0e:ae:7a:c8:49:b6:5e:b4:97:ca:a3:4c:
bf:e1:1e:04:6b:6b:5b:96:73:cb:ed:ff:64:82:a5:d8:e8:c9:
1b:26:79:28:3b:66:c5:c8:1a:72:e8:53:3e:a2:57:51:60:19:
ff:77:92:a8:fa:3d:ae:f2:c1:6f:04:99:51:4f:07:8b:9a:8b:
8b:f8:aa:fc:0a:20:09:c7:b9:97:c1:d4:03:87:c9:2c:ce:ac:
71:0e:58:2f:f9:21:57:b4:31:11:77:b6:be:14:a6:56:fe:08:
3d:9f:db:78:7d:30:b7:00:d6:00:ab:a4:e1:70:24:ea:93:3d:
2a:1b:2b:64:1f:f5:07:d8:b2:7f:99:20:de:94:9c:78:9b:11:
2a:0e:3a:40:e3:41:a4:54:29:3c:c5:93:bb:98:e2:15:67:ab:
07:96:b1:fe:5a:bd:70:1c:9f:f7:7b:35:e2:9e:81:ec:9d:b4:
8c:42:be:4c:60:5e:ca:2f:a3:22:00:4a:75:84:ac:7f:0f:a9:
63:52:05:0a:39:42:6d:73:49:fa:c8:f1:ee:cc:33:bb:c3:92:
42:af:b6:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUjIqXxEpWBer3y/VOUud4fQJHq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlODI4NjFiNjk5ZGUwMzY2M2QxMTg0NjQyOGQ4N2IzNGExN2M1MGJjM2Rj
OTM3MmM4ODA2MGQzYjJmODhkNWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK62sKKb/rv4REyCXx6b77xUmGaOPhcwkFr/rJhnFCeKPuCgIhfG6xH2+X6U
gY2gYZfL0WqqUHRPl/JBUm9vRjSoR06ZO1SxCLxxXJpsMXFaYcfcb8rJNARIcUlA
2+QMLeogfTBOTmcKMKHDmo0QpE2bJZulFMh8glTWAZUWjxMu4zudOFK1XGOT7xfU
vxFx7s1NbEeJSZ2SNfY3HjMCrlmbqfljEk1O/8rMEU0cjMJec8sA463ozUF5DWzH
UCrSo4ZTTB8B1Dy6/Ame5WoDkNtx4/clnXId79JwXHbyPEX4YB/q+pOiqWxNxJGO
JemfIgqmrktxl21FArr9lapm528CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfxlQ6
zG7Ev6y8WLAzv5BRy5Vw+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAsiXhIZZ+OnEPtVk3To79Ezem9rp6ug7keSJsQzaH
7zb4CX8V/7bZj8hLDq56yEm2XrSXyqNMv+EeBGtrW5Zzy+3/ZIKl2OjJGyZ5KDtm
xcgacuhTPqJXUWAZ/3eSqPo9rvLBbwSZUU8Hi5qLi/iq/AogCce5l8HUA4fJLM6s
cQ5YL/khV7QxEXe2vhSmVv4IPZ/beH0wtwDWAKuk4XAk6pM9KhsrZB/1B9iyf5kg
3pSceJsRKg46QONBpFQpPMWTu5jiFWerB5ax/lq9cByf93s14p6B7J20jEK+TGBe
yi+jIgBKdYSsfw+pY1IFCjlCbXNJ+sjx7swzu8OSQq+2PQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org