Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa
File: 248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa (raw, json)
Hash identifier: KOJlskveAG+wfz4QVlir9oygWw1CqOcTPvTMrISY5lg=
Subject key identifier: E5:AD:FF:69:C0:96:09:8D:25:40:04:03:96:61:F6:17:94:CC:E0:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D8D2FFA5D97C0D8A36ADA8F6B52BADAF86EDFE0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Apr 2024 19:21:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:8d:2f:fa:5d:97:c0:d8:a3:6a:da:8f:6b:52:ba:da:f8:6e:df:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=8e89139e3337e1bbb9ca0a67b8b0b28aba03c27a9b40a92198cefb4dfea9b432, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:45:3e:2f:f6:39:fd:75:92:d5:5b:d1:dc:32:
8c:01:71:04:45:bf:63:c8:2f:9e:99:cf:67:2d:c5:
e7:45:35:58:fd:2c:ae:e3:7f:77:1d:80:e9:74:eb:
26:db:49:db:d4:2e:d9:49:11:90:7a:d4:9a:8a:8e:
c1:d4:55:bb:b7:bd:a0:8d:14:52:ee:0f:e4:cb:ef:
ac:49:d9:3b:54:be:7e:d3:8f:ab:64:8e:39:59:e1:
dc:bf:f9:d1:de:99:f1:e7:4e:bf:53:f0:34:8f:cc:
6f:0d:50:5b:ef:38:26:2e:8e:05:a8:fd:fb:a6:0c:
6f:ce:4e:f2:f4:d1:b5:8e:b8:7f:52:32:64:44:21:
e0:1b:ef:ad:86:a3:e2:aa:51:5f:d4:95:8f:b6:3c:
07:1b:12:81:51:00:ee:92:79:16:ac:bc:d1:19:fc:
6b:1e:9c:ff:c9:0a:1f:6f:d6:5f:77:38:f3:b8:fd:
5e:b2:b8:0b:ae:c1:67:ae:ab:b1:9b:31:f9:c4:62:
9d:1e:e7:d3:57:ca:59:86:2b:96:1f:a4:a7:82:66:
dd:4d:1b:a2:eb:78:8c:7c:76:a3:82:18:d2:5b:1f:
bd:c5:aa:9f:c6:70:0b:bf:39:91:ab:12:b9:02:ca:
6b:40:a3:b5:0d:47:0c:0c:35:84:68:93:ed:23:f8:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AD:FF:69:C0:96:09:8D:25:40:04:03:96:61:F6:17:94:CC:E0:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/248ab1a8-8e19-4ad4-a29a-d5b8971a2792.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d5:b9:00:e4:ee:95:cc:2a:81:a8:0e:95:fb:48:22:ae:8c:8d:
b7:98:24:0d:c6:bf:ff:8a:c9:31:aa:bf:c0:9e:b5:1a:81:0b:
6d:66:e7:7d:e4:7e:f3:bc:92:e7:2d:4a:f4:4f:d3:ac:c8:2f:
14:47:c8:c2:2c:35:e9:18:5c:05:6c:ea:5f:c4:31:1a:52:fc:
d0:2a:23:3e:ec:8a:5b:aa:9d:28:80:2d:41:c5:02:fe:23:31:
9d:fd:10:c4:87:67:6a:ef:d6:e8:f0:9c:78:e2:48:01:7c:38:
e2:47:e1:e1:a1:50:86:f0:81:22:70:14:16:6b:ad:6e:7b:9b:
20:c3:d7:f4:e6:09:f0:93:89:4a:08:ce:ef:3a:be:53:d8:a9:
ed:1d:89:cb:9c:f4:0c:5d:ff:1e:e9:54:71:97:1a:c7:75:3d:
c6:ca:df:04:51:f4:a9:c6:83:ba:ee:af:34:b1:ee:e2:5b:6c:
b5:67:58:7e:8d:38:6e:48:ae:53:71:03:01:41:7c:81:c8:13:
f7:21:1c:35:af:22:b4:8f:a1:f1:b0:90:1f:82:cc:69:e5:75:
68:3a:a5:5d:70:0e:a5:da:e6:4f:2a:28:4e:34:43:3a:75:af:
fb:3e:54:b2:05:b4:de:44:3a:31:c2:71:3e:59:7a:0a:5f:3f:
a9:0a:db:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHY0v+l2XwNijatqPa1K62vhu3+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlODkxMzllMzMzN2UxYmJiOWNhMGE2N2I4YjBiMjhhYmEwM2MyN2E5YjQw
YTkyMTk4Y2VmYjRkZmVhOWI0MzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNFPi/2Of11ktVb0dwyjAFxBEW/Y8gvnpnPZy3F50U1WP0sruN/dx2A6XTr
JttJ29Qu2UkRkHrUmoqOwdRVu7e9oI0UUu4P5MvvrEnZO1S+ftOPq2SOOVnh3L/5
0d6Z8edOv1PwNI/Mbw1QW+84Ji6OBaj9+6YMb85O8vTRtY64f1IyZEQh4BvvrYaj
4qpRX9SVj7Y8BxsSgVEA7pJ5Fqy80Rn8ax6c/8kKH2/WX3c487j9XrK4C67BZ66r
sZsx+cRinR7n01fKWYYrlh+kp4Jm3U0bout4jHx2o4IY0lsfvcWqn8ZwC785kasS
uQLKa0CjtQ1HDAw1hGiT7SP4UOMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTlrf9p
wJYJjSVABAOWYfYXlMzgwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjQ4YWIxYTgtOGUxOS00YWQ0LWEyOWEtZDViODk3MWEyNzkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQDVuQDk7pXMKoGoDpX7SCKujI23mCQNxr//iskxqr/A
nrUagQttZud95H7zvJLnLUr0T9OsyC8UR8jCLDXpGFwFbOpfxDEaUvzQKiM+7Ipb
qp0ogC1BxQL+IzGd/RDEh2dq79bo8Jx44kgBfDjiR+HhoVCG8IEicBQWa61ue5sg
w9f05gnwk4lKCM7vOr5T2KntHYnLnPQMXf8e6VRxlxrHdT3Gyt8EUfSpxoO67q80
se7iW2y1Z1h+jThuSK5TcQMBQXyByBP3IRw1ryK0j6HxsJAfgsxp5XVoOqVdcA6l
2uZPKihONEM6da/7PlSyBbTeRDoxwnE+WXoKXz+pCttM
-----END CERTIFICATE-----
Generated at Tue Apr 16 01:21:45 2024 by rpki-client on console-ams.rpki-client.org