Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
File: 2150330d-575d-4841-9216-26672be29637.roa (raw, json)
Hash identifier: qLTqYUCx1xru+yaksq8Lmp+OnK5FMYNqAcxM+/f9O4s=
Subject key identifier: C8:52:BF:0A:C7:B3:A6:EA:3A:1B:24:DF:84:2F:81:16:91:26:F8:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71823736FE1B4E46E6798D376B2EB684610F1EB5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:82:37:36:fe:1b:4e:46:e6:79:8d:37:6b:2e:b6:84:61:0f:1e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=43b6a57282f4905a3297f8e45f8634c0b8bcbd2eec2c4ce9c3b39fd22a3ce3ff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:75:f9:8b:dd:0a:ec:e2:2c:26:f1:a0:b2:23:
62:40:20:fc:ac:d7:f0:91:9e:d3:8c:bf:7f:fc:2a:
e8:7b:ee:7b:77:60:86:d6:ef:15:00:08:14:ec:1b:
b0:4b:53:15:22:4e:a7:67:c0:f3:26:c4:63:4c:34:
e4:cf:2e:38:0d:6c:ef:65:ce:19:a5:7c:36:f6:ea:
c0:4a:ae:ea:0a:14:25:93:ee:ca:ec:59:35:64:88:
a1:5f:00:62:fe:54:c1:3e:fe:b3:9b:4c:95:ff:26:
d1:53:e0:d2:06:c1:87:ba:a5:39:e6:2d:c7:b7:1d:
f4:aa:ff:43:fc:5d:98:16:dc:c4:40:1d:eb:75:ec:
66:10:68:6a:9b:25:36:10:27:d7:52:90:f9:2e:95:
97:86:38:4f:7b:55:44:93:bb:45:c8:5b:d5:4c:02:
11:07:4a:a7:fd:da:c6:60:11:bf:82:3a:0d:37:b9:
b1:d2:62:b3:54:02:9f:80:d4:3d:da:96:79:af:ed:
6d:5d:03:2d:96:8a:14:74:ac:ea:bf:b5:37:85:8a:
26:f8:02:19:4a:79:ea:b8:59:e3:dd:6c:cb:31:32:
8c:97:1b:b7:37:b8:56:43:87:37:5a:4f:79:2f:c9:
16:fd:86:ec:b3:07:47:2d:9f:06:9b:3b:51:2a:78:
fb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:52:BF:0A:C7:B3:A6:EA:3A:1B:24:DF:84:2F:81:16:91:26:F8:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2150330d-575d-4841-9216-26672be29637.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
43:ae:da:39:37:4b:f2:26:80:3b:8e:40:cd:57:66:62:a8:76:
cf:0f:d5:6c:a6:71:79:7c:2d:e0:67:22:31:0c:d8:ee:10:7e:
74:c3:10:d7:b9:cb:48:ae:ab:2a:40:5a:25:5c:c7:5c:9d:03:
36:68:ff:42:4c:55:d1:c8:90:19:98:0e:16:f9:8d:ae:2e:02:
c4:ab:33:b9:dd:23:86:03:a1:2f:a0:24:ca:0c:0d:ca:b4:52:
01:f7:3b:09:6a:56:2f:ea:57:dd:33:80:39:2e:18:b8:bd:b9:
6b:2d:f9:e7:74:5d:8d:08:72:e3:fb:67:6f:e0:f7:41:d5:60:
b2:f9:60:81:33:ff:b3:44:0a:3d:48:8b:af:19:d9:c4:c4:3b:
aa:be:25:94:5e:a2:92:6c:49:38:c3:c9:9e:ec:8a:6b:87:c9:
c0:05:5d:bd:cc:dd:69:be:be:45:c0:5b:0e:3b:5a:72:1f:4c:
55:0d:2d:41:8b:fa:f4:28:6a:ef:64:ef:8b:e7:73:fe:a5:48:
d4:da:3f:d0:64:04:32:81:c5:63:78:7d:7d:cf:88:cc:a5:c3:
7b:ce:f8:60:2f:4c:34:d9:98:3e:4c:ee:85:83:89:2a:02:75:
e9:3e:5c:a8:f6:a0:a2:91:c9:b7:e4:ab:df:8f:03:25:99:a0:
8b:81:46:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcYI3Nv4bTkbmeY03ay62hGEPHrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYjZhNTcyODJmNDkwNWEzMjk3ZjhlNDVmODYzNGMwYjhiY2JkMmVlYzJj
NGNlOWMzYjM5ZmQyMmEzY2UzZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl1+YvdCuziLCbxoLIjYkAg/KzX8JGe04y/f/wq6Hvue3dghtbvFQAIFOwb
sEtTFSJOp2fA8ybEY0w05M8uOA1s72XOGaV8NvbqwEqu6goUJZPuyuxZNWSIoV8A
Yv5UwT7+s5tMlf8m0VPg0gbBh7qlOeYtx7cd9Kr/Q/xdmBbcxEAd63XsZhBoapsl
NhAn11KQ+S6Vl4Y4T3tVRJO7Rchb1UwCEQdKp/3axmARv4I6DTe5sdJis1QCn4DU
PdqWea/tbV0DLZaKFHSs6r+1N4WKJvgCGUp56rhZ491syzEyjJcbtze4VkOHN1pP
eS/JFv2G7LMHRy2fBps7USp4+4kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTIUr8K
x7Om6jobJN+EL4EWkSb4qjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjE1MDMzMGQtNTc1ZC00ODQxLTkyMTYtMjY2NzJiZTI5NjM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ67aOTdL8iaAO45AzVdmYqh2zw/VbKZxeXwt4Gci
MQzY7hB+dMMQ17nLSK6rKkBaJVzHXJ0DNmj/QkxV0ciQGZgOFvmNri4CxKszud0j
hgOhL6AkygwNyrRSAfc7CWpWL+pX3TOAOS4YuL25ay3553RdjQhy4/tnb+D3QdVg
svlggTP/s0QKPUiLrxnZxMQ7qr4llF6ikmxJOMPJnuyKa4fJwAVdvczdab6+RcBb
Djtach9MVQ0tQYv69Chq72Tvi+dz/qVI1No/0GQEMoHFY3h9fc+IzKXDe874YC9M
NNmYPkzuhYOJKgJ16T5cqPagopHJt+Sr348DJZmgi4FG5Q==
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:30 2024 by rpki-client on console-fra.rpki-client.org