Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa
File: 07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa (raw, json)
Hash identifier: ++LrBS8+imlKkFIaRHpKpbok+T2QW7kd4KWkYb08T5Q=
Subject key identifier: BD:DB:D4:B5:06:13:65:DC:E4:B5:FB:00:01:B4:46:F8:8A:82:1E:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D8DA910CD7E1E38F573DCED8C5C453CC48C6936
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:8d:a9:10:cd:7e:1e:38:f5:73:dc:ed:8c:5c:45:3c:c4:8c:69:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=2ab3317a95394856dddc9e30039fa4e7ae57b10ad9cb45f5358726210b5688b6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:75:8f:7a:04:05:99:b3:bd:13:9d:4b:c7:26:
00:6b:2e:5f:5f:c0:1b:07:3d:e1:86:e9:58:fd:4d:
80:ec:16:38:d9:a0:13:24:3e:12:54:39:7f:04:33:
3e:21:ee:38:08:81:93:04:47:8e:67:d1:a9:b5:d3:
75:51:e9:65:9f:6f:68:7a:b0:91:d3:1a:f5:7e:c3:
88:ea:be:49:cb:01:64:36:8e:6f:33:b1:d5:57:15:
1b:fc:3d:a8:57:e7:9c:b5:3f:ed:f4:c8:39:b0:67:
4c:c2:e5:3b:b8:55:1c:f7:f2:a4:aa:ed:0e:ce:97:
fb:d6:bb:72:45:3e:bb:c5:03:94:49:25:9c:36:99:
02:67:5a:97:1d:8c:ee:df:f2:a5:60:40:6c:6d:b6:
08:ee:a3:4a:5f:9a:31:3a:14:f2:ef:0c:8d:d9:16:
0e:0f:a0:43:10:04:c1:f4:82:32:35:9f:13:09:9d:
92:07:37:7a:c2:58:59:97:41:50:8e:ed:96:f8:c0:
f0:87:52:00:c2:a1:24:8e:f3:ae:f2:56:fb:f8:65:
d3:bd:ff:0a:19:47:50:82:ed:28:d4:15:79:74:50:
63:fa:35:69:f6:03:79:c0:38:07:4d:a4:47:25:f4:
25:0a:4a:cc:78:e9:e2:c7:81:9a:09:4d:d5:9c:8e:
69:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DB:D4:B5:06:13:65:DC:E4:B5:FB:00:01:B4:46:F8:8A:82:1E:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07e20ea8-04d8-4c12-aaeb-4221b7c30928.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
06:48:01:26:74:e5:de:d1:fb:c9:c9:55:9d:d3:10:ac:b8:9b:
45:e0:76:7d:87:fe:9f:0a:ae:d9:57:8b:0e:68:b3:b2:8c:54:
34:33:42:93:db:1f:c5:a2:c1:4f:04:a6:29:ab:b1:44:c4:62:
51:bc:9e:22:52:c0:e3:87:b5:bf:5d:33:20:f2:85:00:0d:cd:
66:af:63:89:ad:46:fe:73:06:8d:26:37:44:bc:06:fa:56:2f:
40:1f:4f:64:57:f6:fd:ec:13:b7:73:30:1f:db:4b:96:ea:18:
02:56:d9:03:97:6e:93:a6:d4:08:6a:f8:0d:3b:9e:87:83:47:
a5:c7:49:47:b4:b2:93:7e:8b:c5:f6:2b:4e:4e:a0:23:e9:f2:
1e:1c:fc:88:30:af:40:5f:64:2b:bc:cc:e2:ff:80:f1:cb:15:
ac:b7:d6:f1:09:ff:36:38:ea:77:42:00:88:c2:0b:4b:80:38:
ca:bb:36:96:2f:99:c6:25:c4:a4:84:fe:0a:2b:da:cd:95:3e:
0a:d2:b1:0b:12:74:0e:a2:0f:42:1f:a3:9a:90:4d:3d:2f:9d:
08:22:85:1b:fa:b1:77:51:a5:4e:8f:92:31:32:31:84:77:33:
c9:ae:5b:b9:99:49:8d:c8:f2:bd:90:c2:df:b5:76:29:44:6e:
14:3a:bb:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXY2pEM1+Hjj1c9ztjFxFPMSMaTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYjMzMTdhOTUzOTQ4NTZkZGRjOWUzMDAzOWZhNGU3YWU1N2IxMGFkOWNi
NDVmNTM1ODcyNjIxMGI1Njg4YjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANd1j3oEBZmzvROdS8cmAGsuX1/AGwc94YbpWP1NgOwWONmgEyQ+ElQ5fwQz
PiHuOAiBkwRHjmfRqbXTdVHpZZ9vaHqwkdMa9X7DiOq+ScsBZDaObzOx1VcVG/w9
qFfnnLU/7fTIObBnTMLlO7hVHPfypKrtDs6X+9a7ckU+u8UDlEklnDaZAmdalx2M
7t/ypWBAbG22CO6jSl+aMToU8u8MjdkWDg+gQxAEwfSCMjWfEwmdkgc3esJYWZdB
UI7tlvjA8IdSAMKhJI7zrvJW+/hl073/ChlHUILtKNQVeXRQY/o1afYDecA4B02k
RyX0JQpKzHjp4seBmglN1ZyOaaECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS929S1
BhNl3OS1+wABtEb4ioIe3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDdlMjBlYTgtMDRkOC00YzEyLWFhZWItNDIyMWI3YzMwOTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEABkgBJnTl3tH7yclVndMQrLibReB2fYf+nwqu2VeL
DmizsoxUNDNCk9sfxaLBTwSmKauxRMRiUbyeIlLA44e1v10zIPKFAA3NZq9jia1G
/nMGjSY3RLwG+lYvQB9PZFf2/ewTt3MwH9tLluoYAlbZA5duk6bUCGr4DTueh4NH
pcdJR7Syk36LxfYrTk6gI+nyHhz8iDCvQF9kK7zM4v+A8csVrLfW8Qn/Njjqd0IA
iMILS4A4yrs2li+ZxiXEpIT+CivazZU+CtKxCxJ0DqIPQh+jmpBNPS+dCCKFG/qx
d1GlTo+SMTIxhHczya5buZlJjcjyvZDC37V2KURuFDq7Lg==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:14 2024 by rpki-client on console-ams.rpki-client.org