Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa
File: 7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa (raw, json)
Hash identifier: kXNMnonc6zbfJNllPCCXJejXInTmoFNkfiEnyxcgD5U=
Subject key identifier: BF:5F:A5:97:DF:0B:E5:B4:01:22:E7:72:0C:32:55:58:11:BE:AB:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C4F0511817B4C57B775E2CE7803782A6C04D078
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:4f:05:11:81:7b:4c:57:b7:75:e2:ce:78:03:78:2a:6c:04:d0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=d012329fd3a5c24326a3f4415a370c197b70670e5471f30400b95eaa772cbc04, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:63:fe:91:35:0c:7d:eb:ad:df:b3:79:b3:3d:
64:f7:57:0d:08:91:3a:08:e3:ba:f7:90:83:cc:22:
78:73:a2:cd:30:47:f0:bb:d5:eb:16:f5:3e:1a:da:
eb:fa:41:c4:f4:ec:ea:f0:4d:cf:d5:63:24:28:19:
8c:14:72:e2:0d:58:1e:fa:a4:c7:0c:c1:d3:e8:e1:
93:bd:98:69:a8:26:99:4c:28:61:4a:bb:50:43:a0:
d8:70:c6:f6:2c:58:85:13:f4:5a:0e:59:bf:98:bc:
7f:d7:09:bd:25:e8:69:2b:82:c6:05:00:9e:0b:ee:
28:8c:b2:e6:a7:de:57:10:19:a4:e1:32:80:7d:28:
08:83:ed:d9:f9:87:64:b6:36:e8:2e:93:e5:3b:c7:
85:3d:b2:62:5a:7f:12:97:20:32:69:90:03:1f:0a:
4d:1a:ec:4f:14:aa:94:c1:45:33:5d:9c:62:95:fe:
6f:8e:3f:da:4f:5f:fb:47:c4:49:20:2e:db:b2:f5:
ed:98:b0:92:dd:06:a1:86:04:6e:7f:5c:51:3d:2c:
f9:90:a2:7d:07:3d:23:2b:ca:be:bb:44:6c:3c:53:
ac:b6:93:c5:8a:0d:d7:7e:e0:d1:86:aa:61:42:49:
e0:33:00:1b:81:02:4a:5e:5b:2f:d4:9f:c8:0b:5d:
49:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5F:A5:97:DF:0B:E5:B4:01:22:E7:72:0C:32:55:58:11:BE:AB:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7400bc89-8ab3-42f2-b8fe-727fbb92dec4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:59:e7:92:aa:d1:26:83:6c:ea:11:72:87:f9:88:03:fe:b4:
59:9e:bd:3a:af:22:17:cd:9a:1a:77:98:18:48:f8:74:56:04:
9d:b3:0d:82:8b:54:60:64:76:99:7c:b6:50:69:c1:0f:dd:17:
15:fe:ed:8a:c1:87:68:c8:9d:42:d5:ae:fa:6e:39:0c:6a:90:
09:26:09:b6:5f:10:d4:90:f3:99:56:57:3c:3f:de:7d:42:5e:
f7:01:26:2e:53:00:17:33:58:4d:06:b6:d6:be:90:ea:ca:ba:
4b:d2:80:8b:a7:31:53:b8:35:c4:79:4b:88:93:d8:91:d1:d0:
4b:d5:24:0f:1f:99:dd:3b:46:ea:97:86:c7:e0:30:9c:4e:2f:
d9:31:bc:6f:68:ef:8d:f7:2d:65:3b:9c:a0:6c:f4:c1:f5:e5:
c9:a4:d2:fc:c1:e2:5a:99:0d:b8:5e:1e:e0:85:f8:1d:a0:c1:
f5:d9:b6:ef:71:ad:d9:40:3b:96:59:57:c3:6f:d1:76:c6:cc:
05:77:6f:6d:1f:7a:dd:b6:cd:3e:48:27:8a:c8:f9:c6:b5:d8:
4c:d5:6c:5b:22:9c:40:e2:44:d2:37:04:2c:9c:f4:34:51:0f:
58:13:f4:0a:0e:94:59:b4:d7:73:1a:0c:17:86:1f:16:94:c2:
70:c6:b6:05
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULE8FEYF7TFe3deLOeAN4KmwE0HgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwMTIzMjlmZDNhNWMyNDMyNmEzZjQ0MTVhMzcwYzE5N2I3MDY3MGU1NDcx
ZjMwNDAwYjk1ZWFhNzcyY2JjMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRj/pE1DH3rrd+zebM9ZPdXDQiROgjjuveQg8wieHOizTBH8LvV6xb1Phra
6/pBxPTs6vBNz9VjJCgZjBRy4g1YHvqkxwzB0+jhk72YaagmmUwoYUq7UEOg2HDG
9ixYhRP0Wg5Zv5i8f9cJvSXoaSuCxgUAngvuKIyy5qfeVxAZpOEygH0oCIPt2fmH
ZLY26C6T5TvHhT2yYlp/EpcgMmmQAx8KTRrsTxSqlMFFM12cYpX+b44/2k9f+0fE
SSAu27L17Ziwkt0GoYYEbn9cUT0s+ZCifQc9IyvKvrtEbDxTrLaTxYoN137g0Yaq
YUJJ4DMAG4ECSl5bL9SfyAtdSSECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS/X6WX
3wvltAEi53IMMlVYEb6rEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzQwMGJjODktOGFiMy00MmYyLWI4ZmUtNzI3ZmJiOTJkZWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEADlnnkqrRJoNs6hFyh/mIA/60WZ69Oq8iF82aGneY
GEj4dFYEnbMNgotUYGR2mXy2UGnBD90XFf7tisGHaMidQtWu+m45DGqQCSYJtl8Q
1JDzmVZXPD/efUJe9wEmLlMAFzNYTQa21r6Q6sq6S9KAi6cxU7g1xHlLiJPYkdHQ
S9UkDx+Z3TtG6peGx+AwnE4v2TG8b2jvjfctZTucoGz0wfXlyaTS/MHiWpkNuF4e
4IX4HaDB9dm273Gt2UA7lllXw2/RdsbMBXdvbR963bbNPkgnisj5xrXYTNVsWyKc
QOJE0jcELJz0NFEPWBP0Cg6UWbTXcxoMF4YfFpTCcMa2BQ==
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:46:56 2024 by rpki-client on console-fra.rpki-client.org