Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: 6k0W501r0+Owoi3pi14Hk3TjRQGLD08VcGWdwtJ4J18=
Subject key identifier: 91:1B:F4:4F:2A:2A:62:6A:58:52:00:52:25:9E:7B:F8:45:92:0B:28
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6EC2D2EA4E47EF5C1131190538A015D8C47D5EA6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:c2:d2:ea:4e:47:ef:5c:11:31:19:05:38:a0:15:d8:c4:7d:5e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=315354c8b50e31b63c520f857b12ba39b3a9baa08428dc70d80cd395b6a4525e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a4:96:b8:59:1f:16:1c:2d:d0:55:a9:ab:9c:
23:31:b4:a2:47:76:3d:44:5f:92:ee:f8:76:99:0b:
7d:cf:9e:f4:60:60:51:6e:ae:2c:bb:f5:29:4b:84:
29:0e:4f:ec:75:59:fb:0f:21:06:48:2a:c7:b9:49:
7b:2c:92:24:83:a2:f5:a8:07:39:15:6e:27:6b:04:
ab:61:21:a7:f5:e9:e4:d1:44:21:3c:0f:d3:a6:7a:
5c:69:6f:27:9a:e3:93:6e:01:7f:4f:d9:59:8b:c0:
e8:dd:fe:eb:05:d8:ce:47:bf:65:0a:16:98:b2:16:
12:82:3a:a3:43:5d:05:0d:55:5d:cf:8c:0b:8d:80:
fb:6f:f7:bb:49:3f:12:5f:2b:5c:c5:b3:f9:7b:ca:
88:ba:f1:85:bc:a0:6a:13:88:17:c3:79:54:6a:3f:
bc:20:94:39:57:5e:1c:58:7f:1f:f0:41:05:1b:40:
cc:d5:21:a3:16:a9:b0:a7:33:68:e3:35:e2:c3:f5:
9f:98:0a:7e:bd:a9:d4:da:fb:48:d4:44:73:9d:ff:
94:7e:e3:aa:f3:31:7c:44:10:c5:43:c5:14:1c:f1:
71:e1:e0:f6:cd:73:e1:82:cf:c4:12:6c:eb:dd:f5:
f1:35:5f:55:96:43:36:bc:40:eb:9b:86:b5:4e:a4:
db:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1B:F4:4F:2A:2A:62:6A:58:52:00:52:25:9E:7B:F8:45:92:0B:28
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
75:c1:5b:f8:f9:22:ca:81:57:90:a9:f2:8c:15:73:8d:aa:12:
ab:b6:d8:dd:57:63:c6:4c:85:0b:76:52:53:58:df:c2:95:ed:
88:f7:05:f9:b5:7d:ed:28:ac:11:d1:a8:d3:d7:e7:cc:17:ca:
86:ee:a6:2a:eb:9d:da:ca:74:34:a6:45:75:ef:29:af:67:bf:
76:6f:9c:8e:c3:52:56:7b:f0:a0:02:85:d3:56:14:61:a1:3f:
8f:7d:d5:98:1e:6f:65:44:c0:71:75:2b:92:7e:27:e0:aa:34:
1a:cf:45:d0:e3:88:a3:f1:e2:b9:94:05:66:dc:81:63:44:3c:
ee:50:13:c7:48:ff:be:f6:5c:7e:8b:f9:67:3d:ee:97:5b:d4:
94:35:4a:75:0f:ca:f0:65:74:ed:b2:1c:01:ff:67:15:f4:dc:
f1:a7:e2:c4:8b:fb:5e:28:8c:7d:7c:f8:ea:9b:b0:4f:b9:de:
f4:b1:21:a1:67:b0:b0:0d:09:b4:14:29:b6:44:df:0b:f1:4b:
b0:4a:94:e2:dc:92:e1:9b:ef:13:90:48:4c:68:43:92:02:1c:
8b:eb:1b:86:bd:6c:c2:99:d8:f2:fa:2b:5b:4f:b5:ce:67:33:
17:a6:85:44:ba:5c:41:90:dd:00:cd:de:c2:be:ec:49:ca:39:
2c:8c:74:9d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbsLS6k5H71wRMRkFOKAV2MR9XqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxNTM1NGM4YjUwZTMxYjYzYzUyMGY4NTdiMTJiYTM5YjNhOWJhYTA4NDI4
ZGM3MGQ4MGNkMzk1YjZhNDUyNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyklrhZHxYcLdBVqaucIzG0okd2PURfku74dpkLfc+e9GBgUW6uLLv1KUuE
KQ5P7HVZ+w8hBkgqx7lJeyySJIOi9agHORVuJ2sEq2Ehp/Xp5NFEITwP06Z6XGlv
J5rjk24Bf0/ZWYvA6N3+6wXYzke/ZQoWmLIWEoI6o0NdBQ1VXc+MC42A+2/3u0k/
El8rXMWz+XvKiLrxhbygahOIF8N5VGo/vCCUOVdeHFh/H/BBBRtAzNUhoxapsKcz
aOM14sP1n5gKfr2p1Nr7SNREc53/lH7jqvMxfEQQxUPFFBzxceHg9s1z4YLPxBJs
69318TVfVZZDNrxA65uGtU6k2w0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSRG/RP
KipialhSAFIlnnv4RZILKDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAdcFb+PkiyoFXkKnyjBVzjaoSq7bY3VdjxkyFC3ZS
U1jfwpXtiPcF+bV97SisEdGo09fnzBfKhu6mKuud2sp0NKZFde8pr2e/dm+cjsNS
VnvwoAKF01YUYaE/j33VmB5vZUTAcXUrkn4n4Ko0Gs9F0OOIo/HiuZQFZtyBY0Q8
7lATx0j/vvZcfov5Zz3ul1vUlDVKdQ/K8GV07bIcAf9nFfTc8afixIv7XiiMfXz4
6puwT7ne9LEhoWewsA0JtBQptkTfC/FLsEqU4tyS4ZvvE5BITGhDkgIci+sbhr1s
wpnY8vorW0+1zmczF6aFRLpcQZDdAM3ewr7sSco5LIx0nQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org