Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
File: 80ccbd73-b51e-4203-8083-8baaa848e6c9.roa (raw, json)
Hash identifier: KEhfonYB6Lo/uY6aqPYYX9YtdDMBSE+d7yywZVxIxBA=
Subject key identifier: 19:47:59:C7:21:61:FB:12:58:25:C3:63:EF:07:ED:61:ED:8C:CC:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 74BDA715E2B41882EF923D84D4CBEFB889370770
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:bd:a7:15:e2:b4:18:82:ef:92:3d:84:d4:cb:ef:b8:89:37:07:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=0f990bdb13763f6ba591a05a740cd04a3e296f0265b1e1108a7c793a68406696, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:6c:94:cc:d9:e3:f2:8f:77:7d:b2:b3:c5:
73:a0:dc:ec:84:7a:87:dc:56:ee:61:dc:c2:e3:1f:
b2:f6:82:cf:d9:ae:0c:18:8e:cc:b3:5a:ee:64:f6:
f1:53:a6:a5:1d:3a:16:61:14:c8:16:14:29:ac:29:
a7:a0:64:a9:8f:7b:1c:b7:b9:cf:36:31:95:a2:cd:
49:bf:71:35:a9:9c:16:5b:38:e4:27:20:1f:ce:cb:
5e:06:ca:0a:22:c7:6c:5d:4d:d9:18:66:34:d6:34:
df:68:39:70:ef:53:f2:28:4a:5a:9c:cc:2a:66:dd:
fb:f9:53:f2:45:c3:f0:2f:e4:75:14:8f:e0:08:2e:
ec:37:1f:9d:d5:18:3d:99:ac:86:f5:05:49:de:2a:
d7:e4:ff:2a:35:bd:a7:89:40:73:2e:9c:ce:e4:34:
4e:ab:d8:b0:ca:2c:d5:f6:5a:98:73:0f:72:62:a9:
4d:8c:55:7b:f2:d3:52:74:65:43:10:86:cd:69:e3:
f8:c7:68:64:fb:bc:4f:fe:df:23:ea:10:37:87:a4:
ea:cf:da:a7:e6:e1:9e:7a:47:5c:85:e4:fd:ce:c6:
c2:5f:54:ee:64:da:2d:51:21:a3:70:2e:19:33:ec:
d9:cd:37:67:74:9c:7e:ec:57:5b:f6:61:43:92:6b:
f8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:47:59:C7:21:61:FB:12:58:25:C3:63:EF:07:ED:61:ED:8C:CC:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80ccbd73-b51e-4203-8083-8baaa848e6c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:d3:9f:97:31:f9:e9:4f:37:4c:45:86:9c:00:b8:ee:5c:d7:
12:96:7a:aa:9f:bc:ce:e7:53:74:e0:0f:98:ec:08:da:8e:bb:
a5:69:2f:a5:3f:be:a4:59:91:b8:b5:20:38:14:9b:64:a8:4f:
8f:17:33:b5:46:1d:6a:64:33:43:42:24:6e:dd:dc:b8:16:d2:
35:d0:d8:bc:7d:58:04:e7:2d:2f:bc:e5:10:46:a8:f6:9a:6b:
60:52:2b:89:9f:83:fa:36:c0:48:7c:b4:1e:92:18:31:08:ef:
c2:b6:f7:b1:e8:23:97:05:5a:23:8f:a8:6f:6e:ef:c2:d8:d8:
46:3c:e9:5f:d8:c2:38:03:7d:a5:8e:52:8c:92:9c:07:e2:4a:
63:e3:f6:a5:f1:f3:e8:de:f3:ab:e3:b4:fe:9e:c2:d7:67:4c:
f8:38:1d:77:9d:23:93:27:b6:b4:f6:19:4b:43:8f:92:04:9b:
9a:fb:7f:81:8f:b3:4c:97:ba:8f:91:13:bd:3e:70:6a:b5:ef:
ae:55:7b:eb:48:ae:a3:a8:95:1c:9f:78:35:ab:20:48:0c:c8:
5a:f7:49:74:1a:49:00:2a:70:d0:c9:1f:61:a0:70:55:79:9d:
ed:69:1b:36:c4:22:d8:83:06:54:ec:81:a2:07:9f:45:f5:96:
8a:4a:5f:9f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdL2nFeK0GILvkj2E1MvvuIk3B3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmOTkwYmRiMTM3NjNmNmJhNTkxYTA1YTc0MGNkMDRhM2UyOTZmMDI2NWIx
ZTExMDhhN2M3OTNhNjg0MDY2OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALahbJTM2ePyj3d9srPFc6Dc7IR6h9xW7mHcwuMfsvaCz9muDBiOzLNa7mT2
8VOmpR06FmEUyBYUKawpp6BkqY97HLe5zzYxlaLNSb9xNamcFls45CcgH87LXgbK
CiLHbF1N2RhmNNY032g5cO9T8ihKWpzMKmbd+/lT8kXD8C/kdRSP4Agu7DcfndUY
PZmshvUFSd4q1+T/KjW9p4lAcy6czuQ0TqvYsMos1fZamHMPcmKpTYxVe/LTUnRl
QxCGzWnj+MdoZPu8T/7fI+oQN4ek6s/ap+bhnnpHXIXk/c7Gwl9U7mTaLVEho3Au
GTPs2c03Z3ScfuxXW/ZhQ5Jr+BcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZR1nH
IWH7Elglw2PvB+1h7YzMsjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBjY2JkNzMtYjUxZS00MjAzLTgwODMtOGJhYWE4NDhlNmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAuNOflzH56U83TEWGnAC47lzXEpZ6qp+8zudTdOAP
mOwI2o67pWkvpT++pFmRuLUgOBSbZKhPjxcztUYdamQzQ0Ikbt3cuBbSNdDYvH1Y
BOctL7zlEEao9pprYFIriZ+D+jbASHy0HpIYMQjvwrb3segjlwVaI4+ob27vwtjY
RjzpX9jCOAN9pY5SjJKcB+JKY+P2pfHz6N7zq+O0/p7C12dM+Dgdd50jkye2tPYZ
S0OPkgSbmvt/gY+zTJe6j5ETvT5warXvrlV760iuo6iVHJ94NasgSAzIWvdJdBpJ
ACpw0MkfYaBwVXmd7WkbNsQi2IMGVOyBogefRfWWikpfnw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org