Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa
File: 07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa (raw, json)
Hash identifier: dPl+5hOHZrrYEcP2H2muL5/h+3V1oHZNbgTJl9iuIqk=
Subject key identifier: F4:6F:BA:B5:2C:7B:F5:49:49:B0:01:37:66:D0:17:C7:76:08:A2:37
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3FD07626B8450D6DDC5BE4E2D90F4DFB19A5038B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:d0:76:26:b8:45:0d:6d:dc:5b:e4:e2:d9:0f:4d:fb:19:a5:03:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=d8eb1ce1dd85b392e195a42d36d76f4d0383160821fa2bfe6572df2466d242bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:46:d6:62:40:21:0c:cb:ee:8b:08:bb:aa:
53:57:d5:b4:0f:3d:e8:b5:92:0a:c5:94:27:62:8a:
dc:96:47:46:dc:5c:b6:42:11:d5:4b:7a:c0:71:05:
b0:02:d5:e1:d9:1b:e6:d9:38:73:9d:29:01:03:c0:
00:10:7c:83:05:ed:cf:99:0a:f8:a6:77:df:d9:2d:
81:b9:31:1d:2b:02:04:7e:47:9e:b7:00:92:fd:1c:
a2:ba:12:e4:a5:cf:de:67:f3:91:92:80:48:ae:d6:
d7:77:7c:b0:09:6e:b9:8e:54:63:ee:f0:5a:a1:c3:
8c:7c:b4:43:e0:ec:f1:5c:f9:f6:e1:62:98:b3:79:
bd:82:0d:34:31:95:e6:58:a7:24:f3:bf:96:ab:a0:
54:21:53:9b:a4:e6:b2:67:25:42:17:6e:26:68:f7:
44:19:9b:2e:80:5f:4f:fe:9f:b4:80:f1:9f:f8:a0:
33:26:28:c3:ce:72:9a:e5:5d:8b:0b:1f:22:d8:ce:
30:f6:76:ae:d3:7f:e4:af:38:b4:0c:92:81:76:fb:
ef:d6:2a:36:d9:a9:fe:1e:c6:ce:b6:3f:28:b1:eb:
4d:6f:08:32:40:bc:65:37:b8:7e:bb:14:11:38:27:
3a:34:3c:60:5a:09:ef:f4:20:33:df:d5:7b:ae:04:
7a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6F:BA:B5:2C:7B:F5:49:49:B0:01:37:66:D0:17:C7:76:08:A2:37
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
03:45:d9:1a:bd:a5:79:ed:1b:0d:df:e2:e5:db:80:1b:34:2f:
78:f5:b5:1c:14:32:df:45:d3:e2:96:2b:b6:04:cd:42:33:bc:
0b:9d:59:86:4f:2f:b8:87:fe:ec:11:9b:9b:ab:bc:1d:77:b5:
33:cb:96:36:2b:2e:ba:ff:a2:87:2a:f4:58:a9:34:18:75:c3:
b1:93:d0:95:62:73:0b:d8:f6:be:da:6f:b0:99:c0:80:7c:99:
01:07:70:4f:23:9b:ec:fa:be:71:3b:63:e2:23:56:c9:76:09:
71:a4:57:38:67:e4:ce:c1:29:d3:0d:5b:57:fa:af:90:fd:ac:
78:0c:08:01:0b:94:5f:45:da:26:91:4b:39:54:f0:b2:ff:cb:
9c:82:8b:6a:91:ff:a2:4b:3e:23:82:57:10:d8:7d:d0:1e:05:
0d:57:d0:44:a6:a8:5d:a4:d3:30:7f:f3:fe:dc:8c:ef:d7:25:
d7:37:be:e5:1b:47:c3:49:4b:d2:bb:d4:fd:8f:ca:94:f4:c5:
c4:e1:c8:61:ad:00:e1:a1:e7:e5:be:4e:7e:5a:13:76:ec:2a:
b7:43:50:c2:30:6a:e7:04:69:a7:2c:e9:05:4b:b0:03:cc:93:
8a:70:97:e7:8f:a1:aa:59:b6:83:dd:51:47:83:16:c6:1a:c8:
7b:a0:a1:bc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP9B2JrhFDW3cW+Ti2Q9N+xmlA4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ZWIxY2UxZGQ4NWIzOTJlMTk1YTQyZDM2ZDc2ZjRkMDM4MzE2MDgyMWZh
MmJmZTY1NzJkZjI0NjZkMjQyYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaJRtZiQCEMy+6LCLuqU1fVtA896LWSCsWUJ2KK3JZHRtxctkIR1Ut6wHEF
sALV4dkb5tk4c50pAQPAABB8gwXtz5kK+KZ339ktgbkxHSsCBH5HnrcAkv0coroS
5KXP3mfzkZKASK7W13d8sAluuY5UY+7wWqHDjHy0Q+Ds8Vz59uFimLN5vYINNDGV
5linJPO/lqugVCFTm6TmsmclQhduJmj3RBmbLoBfT/6ftIDxn/igMyYow85ymuVd
iwsfItjOMPZ2rtN/5K84tAySgXb779YqNtmp/h7GzrY/KLHrTW8IMkC8ZTe4frsU
ETgnOjQ8YFoJ7/QgM9/Ve64EeqECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT0b7q1
LHv1SUmwATdm0BfHdgiiNzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDdlMjBlYTgtMDRkOC00YzEyLWFhZWItNDIyMWI3YzMwOTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAA0XZGr2lee0bDd/i5duAGzQvePW1HBQy30XT4pYr
tgTNQjO8C51Zhk8vuIf+7BGbm6u8HXe1M8uWNisuuv+ihyr0WKk0GHXDsZPQlWJz
C9j2vtpvsJnAgHyZAQdwTyOb7Pq+cTtj4iNWyXYJcaRXOGfkzsEp0w1bV/qvkP2s
eAwIAQuUX0XaJpFLOVTwsv/LnIKLapH/oks+I4JXENh90B4FDVfQRKaoXaTTMH/z
/tyM79cl1ze+5RtHw0lL0rvU/Y/KlPTFxOHIYa0A4aHn5b5OfloTduwqt0NQwjBq
5wRppyzpBUuwA8yTinCX54+hqlm2g91RR4MWxhrIe6ChvA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:27 2024 by rpki-client on console-ams.rpki-client.org