Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: +q2dfcLZ/FvJIAk3vNjxqX6dAr4BYTfB9J3mPf47j0E=
Subject key identifier: 8F:21:97:7B:92:35:02:E7:62:81:27:3C:0D:22:4B:A4:3F:7A:E0:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 342A4833324F8252E35049489DF12772CC69659F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:2a:48:33:32:4f:82:52:e3:50:49:48:9d:f1:27:72:cc:69:65:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=33faa3107bca7f580c21a338aa48d01f20d774bf6259c83c130f0ac083d0dbaa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:97:e4:a4:26:2c:cc:a6:82:a0:26:c9:d1:d5:
39:bf:63:90:9d:79:74:8a:fb:37:8d:6d:77:6a:06:
92:72:76:7c:7b:29:16:e4:14:0b:10:b5:fc:c0:ed:
43:e5:a8:0b:0b:91:9e:c4:58:21:02:e3:58:a5:7f:
dd:44:6b:c7:7b:7e:15:d7:b6:63:e4:dc:44:ef:41:
79:91:db:59:63:f5:35:d0:ab:90:ed:ce:43:83:ec:
b0:4c:09:bc:93:28:a6:62:62:a8:06:48:f3:06:7a:
d0:89:38:1d:46:e7:93:ab:e3:97:81:d9:31:a9:72:
6a:da:d1:65:41:a4:9e:cd:10:b5:cc:83:2b:68:c5:
16:ea:0f:e9:00:78:65:eb:48:27:92:1a:01:32:a5:
65:dd:b0:0a:3b:5f:f6:8e:1d:0c:9b:8c:d4:91:1f:
35:9e:62:ab:ac:03:90:dc:86:32:da:84:4b:4c:8c:
c9:7c:46:b2:63:5a:a3:f1:e7:ef:5e:cf:8a:5b:56:
74:fc:16:45:c2:1b:18:9e:5d:a0:3b:52:06:c1:df:
bc:39:13:74:39:99:12:91:e3:42:0e:8c:45:1d:f9:
07:32:3f:72:32:1a:93:58:f5:ff:c2:3d:d4:bc:f1:
2b:de:01:ba:f5:98:eb:07:15:68:76:8e:55:77:33:
64:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:21:97:7B:92:35:02:E7:62:81:27:3C:0D:22:4B:A4:3F:7A:E0:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:9c:a6:de:e9:e8:24:69:9b:f1:7d:8d:05:dc:e7:be:08:cb:
3f:1a:9d:95:58:7c:aa:fe:e9:f2:28:37:3b:39:97:ed:87:56:
a5:80:56:f6:39:a8:94:3b:9c:f2:2a:13:06:bc:f5:3b:9b:28:
cd:b6:47:e8:da:7f:1f:23:11:50:42:49:10:01:0e:bf:2a:13:
58:25:5e:3d:5e:a5:8b:8f:9c:6e:d3:59:6f:4e:b5:b5:d5:7e:
c3:c5:6c:c3:5c:22:20:5f:bb:6f:fc:90:61:7b:d7:c6:9d:27:
0c:c3:d6:b3:6e:bf:6b:a5:2e:47:09:ef:71:f1:82:e5:64:ec:
63:f2:8e:e9:4c:d8:5e:b3:de:4f:8f:ce:5c:1b:5b:68:0c:52:
bc:bb:98:ee:49:4f:50:a5:f4:38:0c:9d:14:a2:88:d7:09:67:
b7:c4:bd:31:b3:ee:b8:4a:c4:92:a8:74:a6:86:e7:24:1c:7d:
8e:06:4d:92:a1:1b:6b:d7:29:da:e7:b8:ea:14:60:70:f7:b0:
89:b3:1b:be:59:42:72:ca:28:f6:d1:c6:b3:99:d3:bb:c6:92:
2f:4d:8d:43:ea:5e:b7:90:43:9b:83:a0:96:22:56:12:3b:d9:
bf:d4:d4:35:1a:f1:79:56:e4:57:60:ff:ed:71:d2:8d:e8:2a:
fd:de:60:91
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNCpIMzJPglLjUElInfEncsxpZZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZmFhMzEwN2JjYTdmNTgwYzIxYTMzOGFhNDhkMDFmMjBkNzc0YmY2MjU5
YzgzYzEzMGYwYWMwODNkMGRiYWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmX5KQmLMymgqAmydHVOb9jkJ15dIr7N41td2oGknJ2fHspFuQUCxC1/MDt
Q+WoCwuRnsRYIQLjWKV/3URrx3t+Fde2Y+TcRO9BeZHbWWP1NdCrkO3OQ4PssEwJ
vJMopmJiqAZI8wZ60Ik4HUbnk6vjl4HZMalyatrRZUGkns0QtcyDK2jFFuoP6QB4
ZetIJ5IaATKlZd2wCjtf9o4dDJuM1JEfNZ5iq6wDkNyGMtqES0yMyXxGsmNao/Hn
717PiltWdPwWRcIbGJ5doDtSBsHfvDkTdDmZEpHjQg6MRR35BzI/cjIak1j1/8I9
1LzxK94BuvWY6wcVaHaOVXczZLsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSPIZd7
kjUC52KBJzwNIkukP3rgijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAnZym3unoJGmb8X2NBdznvgjLPxqdlVh8qv7p8ig3
OzmX7YdWpYBW9jmolDuc8ioTBrz1O5sozbZH6Np/HyMRUEJJEAEOvyoTWCVePV6l
i4+cbtNZb061tdV+w8Vsw1wiIF+7b/yQYXvXxp0nDMPWs26/a6UuRwnvcfGC5WTs
Y/KO6UzYXrPeT4/OXBtbaAxSvLuY7klPUKX0OAydFKKI1wlnt8S9MbPuuErEkqh0
pobnJBx9jgZNkqEba9cp2ue46hRgcPewibMbvllCcsoo9tHGs5nTu8aSL02NQ+pe
t5BDm4OgliJWEjvZv9TUNRrxeVbkV2D/7XHSjegq/d5gkQ==
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org