Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
File: 80ccbd73-b51e-4203-8083-8baaa848e6c9.roa (raw, json)
Hash identifier: er4Wm6S20nCUEbOIBzqCPjSoudcCQcGg+DrTWbiyxnk=
Subject key identifier: 07:25:83:53:C4:9F:9C:5C:F1:84:F5:1B:E6:8D:0D:DF:93:F7:65:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07885A56779E5A0DF349E9C2871B871DA3902FC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:88:5a:56:77:9e:5a:0d:f3:49:e9:c2:87:1b:87:1d:a3:90:2f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=a40be3099bc693bb4d456050562000212052fd58aecb25a73ef3dd4a3892abef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ae:73:8a:68:a7:61:af:81:81:e2:ec:58:65:
6d:bf:36:65:95:ae:87:73:95:99:1c:a0:d8:f0:d8:
4a:4a:1d:42:f9:eb:ae:74:c6:17:53:90:e5:92:78:
d4:e4:f1:d8:f6:ae:a8:a4:16:35:f9:7a:e1:0a:7d:
bd:ca:78:fe:75:f1:95:21:79:56:d9:f6:3c:f4:ab:
23:ed:db:ff:dc:98:4f:0c:ff:74:21:89:5c:b7:70:
b3:10:6f:2d:fe:2e:36:6c:7b:c7:db:b5:be:52:28:
b8:4f:dd:34:f5:48:3d:ee:ea:c5:21:51:9f:8d:e2:
6c:6a:91:26:14:fc:8b:c4:d6:d4:44:b6:4b:37:ad:
b5:9a:b4:16:ca:b3:6f:05:64:30:19:0b:4c:5d:38:
2e:8e:bb:48:51:bf:68:cd:8d:22:41:e2:d3:a9:7e:
f6:dc:60:ba:0f:40:31:4a:51:06:91:e0:db:67:49:
d6:fa:74:72:a8:4c:24:3a:ec:88:92:85:52:25:88:
61:ce:96:47:65:1d:d0:e8:b0:59:ff:40:0c:56:16:
2e:86:16:f9:00:8d:b1:f4:f9:6a:64:28:02:fb:33:
3f:bd:48:78:9b:fa:7a:9d:41:29:ea:ab:0d:c6:9b:
01:34:01:fa:8e:e5:d2:0a:37:40:69:83:3d:3a:e1:
a4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:25:83:53:C4:9F:9C:5C:F1:84:F5:1B:E6:8D:0D:DF:93:F7:65:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:63:fc:0a:55:2c:06:5f:75:85:42:31:b9:fb:8c:5c:fc:91:
f5:cd:cf:d0:0c:2c:76:11:4e:45:4e:2a:cb:ca:f6:14:44:9f:
3d:0b:bd:9d:9f:8b:b4:29:2c:7a:f9:4e:f9:d4:54:67:fb:15:
90:e6:9e:e8:ef:51:5a:91:2f:69:97:a1:71:35:ef:20:a0:60:
37:8a:e2:a3:80:1e:03:d1:fa:95:23:c9:f0:f9:79:1c:3b:af:
76:1b:8e:e7:ea:52:50:1a:a2:93:e8:db:c9:92:8b:5d:a0:b2:
49:20:ad:62:58:00:e0:16:33:29:b7:f7:af:a9:26:88:62:e9:
f2:c9:cd:44:0b:8a:1b:ee:f7:d3:ba:d8:1a:15:0b:f5:1c:eb:
95:b8:2c:5e:45:84:4a:99:e2:19:8c:ed:9c:52:5c:ea:7a:2b:
ff:5f:0a:86:65:8d:b1:f5:57:94:dd:b6:f4:a1:c0:68:a9:a6:
fd:ea:0a:8c:e4:be:71:a5:a9:e9:55:e8:19:5f:bb:dd:a8:92:
f7:8e:3c:fe:40:3b:a4:49:f1:88:40:8c:9d:f2:21:b6:62:78:
40:da:95:5a:62:85:10:a9:bd:07:1e:1d:ea:d0:89:c9:88:ea:
14:00:70:29:99:c4:13:c7:d7:40:b2:14:0e:10:f7:c3:7e:1a:
76:20:4b:01
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUB4haVneeWg3zSenChxuHHaOQL8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0MGJlMzA5OWJjNjkzYmI0ZDQ1NjA1MDU2MjAwMDIxMjA1MmZkNThhZWNi
MjVhNzNlZjNkZDRhMzg5MmFiZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOuc4pop2GvgYHi7Fhlbb82ZZWuh3OVmRyg2PDYSkodQvnrrnTGF1OQ5ZJ4
1OTx2PauqKQWNfl64Qp9vcp4/nXxlSF5Vtn2PPSrI+3b/9yYTwz/dCGJXLdwsxBv
Lf4uNmx7x9u1vlIouE/dNPVIPe7qxSFRn43ibGqRJhT8i8TW1ES2SzettZq0Fsqz
bwVkMBkLTF04Lo67SFG/aM2NIkHi06l+9txgug9AMUpRBpHg22dJ1vp0cqhMJDrs
iJKFUiWIYc6WR2Ud0OiwWf9ADFYWLoYW+QCNsfT5amQoAvszP71IeJv6ep1BKeqr
DcabATQB+o7l0go3QGmDPTrhpLMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQHJYNT
xJ+cXPGE9RvmjQ3fk/dlEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBjY2JkNzMtYjUxZS00MjAzLTgwODMtOGJhYWE4NDhlNmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAbGP8ClUsBl91hUIxufuMXPyR9c3P0AwsdhFORU4q
y8r2FESfPQu9nZ+LtCksevlO+dRUZ/sVkOae6O9RWpEvaZehcTXvIKBgN4rio4Ae
A9H6lSPJ8Pl5HDuvdhuO5+pSUBqik+jbyZKLXaCySSCtYlgA4BYzKbf3r6kmiGLp
8snNRAuKG+7307rYGhUL9RzrlbgsXkWESpniGYztnFJc6nor/18KhmWNsfVXlN22
9KHAaKmm/eoKjOS+caWp6VXoGV+73aiS9448/kA7pEnxiECMnfIhtmJ4QNqVWmKF
EKm9Bx4d6tCJyYjqFABwKZnEE8fXQLIUDhD3w34adiBLAQ==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:25 2024 by rpki-client on console-fra.rpki-client.org