Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
File: c8417d8d-dd59-4c9c-9131-401f49361e96.roa (raw, json)
Hash identifier: oPKHPBP92YpceIVXP41ib9CGPc3m659yLPlx2wqimuA=
Subject key identifier: 25:17:AA:1C:5F:99:DA:34:B5:47:CE:12:3D:80:3D:03:19:BE:37:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70EB0D3B0598191F2DDB6B9D051001800364A17A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.119.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:eb:0d:3b:05:98:19:1f:2d:db:6b:9d:05:10:01:80:03:64:a1:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=afecdda4b02003a3808ddf29962dbc58b9048a0f18fb2d24b83a99f09f2cf3b3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:53:43:f2:90:da:3a:d4:dd:30:63:ca:52:df:
6a:30:82:24:52:80:33:74:c6:65:ba:9c:15:4f:11:
6e:d5:1c:b9:9c:41:6b:f2:0a:80:dd:42:b6:52:29:
22:c7:dc:b2:c9:6a:3c:be:b2:cd:d4:c5:1f:3a:d5:
1d:ef:a0:ac:d9:6b:a1:ee:e8:bb:10:d5:ff:75:e3:
ad:12:0e:23:29:00:22:81:52:67:a7:86:8b:10:61:
e5:1f:e4:2e:60:80:6a:6a:d8:7b:a6:f4:78:a5:03:
37:ab:47:49:e4:3d:1d:37:90:90:46:49:3a:60:ce:
92:73:97:21:b3:0f:dd:67:af:37:c8:e9:6f:f1:ea:
4e:b3:ce:81:b2:94:97:de:51:b8:3c:37:e5:2f:d4:
7d:7e:d8:72:57:da:c4:94:72:53:10:bb:4a:9e:a3:
62:9b:f3:ff:a5:28:a5:ce:55:51:b1:01:61:07:ba:
7c:ec:2f:b6:67:01:7c:1f:e9:9c:d7:05:57:99:ba:
29:70:ed:f2:ce:41:91:8c:9c:28:14:61:5d:a9:61:
3e:6e:c9:be:d8:df:eb:e8:dd:e9:80:82:30:24:5a:
c4:9e:13:41:e8:5c:85:a6:0e:5b:de:fc:eb:40:3d:
46:84:ff:76:05:3e:0e:95:38:6c:01:41:00:a2:99:
d9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:17:AA:1C:5F:99:DA:34:B5:47:CE:12:3D:80:3D:03:19:BE:37:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8417d8d-dd59-4c9c-9131-401f49361e96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ce:23:8d:3e:14:d9:ea:fe:27:f0:41:61:e4:14:97:4d:28:e1:
48:41:05:a9:6a:ad:f4:ee:8c:91:3f:10:bb:99:19:84:56:01:
0b:e4:ad:cb:1c:9e:4c:7f:c4:d6:a3:45:f2:42:89:43:35:de:
0c:c2:70:bf:61:56:22:19:7c:7c:bc:20:67:dc:34:66:72:ef:
7a:80:c6:d6:2b:da:2b:e4:65:6d:da:0a:45:37:fb:f4:0e:ee:
18:56:28:39:1b:f7:49:e1:06:ef:bb:6d:10:da:71:d8:bc:9d:
81:7d:50:a9:62:2d:cd:a3:88:82:e4:3f:d5:f2:ac:42:13:6c:
a4:85:df:80:de:9a:d3:2e:6c:ed:af:5c:8e:25:e9:f3:7e:92:
bc:8e:e6:47:dd:a3:d4:61:68:7c:2e:a8:56:d1:1c:d3:67:35:
87:62:c9:f5:98:16:e8:ff:f5:95:8e:c7:26:2b:31:47:d5:65:
72:a2:a8:97:a9:26:1a:73:9b:90:3b:fd:f4:2a:6b:2b:fd:ca:
2e:fa:01:dc:d5:00:3a:8c:cc:7a:a8:a4:0a:fe:94:0e:07:9f:
ca:76:3c:74:35:55:51:7e:4a:ea:24:7a:4b:98:a2:3a:cb:e9:
49:ef:af:c8:62:39:b1:13:e3:92:70:8d:e2:ca:ff:7a:b9:ac:
ac:65:ce:a0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcOsNOwWYGR8t22udBRABgANkoXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmZWNkZGE0YjAyMDAzYTM4MDhkZGYyOTk2MmRiYzU4YjkwNDhhMGYxOGZi
MmQyNGI4M2E5OWYwOWYyY2YzYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9TQ/KQ2jrU3TBjylLfajCCJFKAM3TGZbqcFU8RbtUcuZxBa/IKgN1CtlIp
IsfcsslqPL6yzdTFHzrVHe+grNlroe7ouxDV/3XjrRIOIykAIoFSZ6eGixBh5R/k
LmCAamrYe6b0eKUDN6tHSeQ9HTeQkEZJOmDOknOXIbMP3WevN8jpb/HqTrPOgbKU
l95RuDw35S/UfX7YclfaxJRyUxC7Sp6jYpvz/6Uopc5VUbEBYQe6fOwvtmcBfB/p
nNcFV5m6KXDt8s5BkYycKBRhXalhPm7Jvtjf6+jd6YCCMCRaxJ4TQehchaYOW978
60A9RoT/dgU+DpU4bAFBAKKZ2Z8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQlF6oc
X5naNLVHzhI9gD0DGb43VjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yzg0MTdkOGQtZGQ1OS00YzljLTkxMzEtNDAxZjQ5MzYxZTk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAziONPhTZ6v4n8EFh5BSXTSjhSEEFqWqt9O6MkT8Q
u5kZhFYBC+StyxyeTH/E1qNF8kKJQzXeDMJwv2FWIhl8fLwgZ9w0ZnLveoDG1iva
K+RlbdoKRTf79A7uGFYoORv3SeEG77ttENpx2LydgX1QqWItzaOIguQ/1fKsQhNs
pIXfgN6a0y5s7a9cjiXp836SvI7mR92j1GFofC6oVtEc02c1h2LJ9ZgW6P/1lY7H
JisxR9VlcqKol6kmGnObkDv99CprK/3KLvoB3NUAOozMeqikCv6UDgefynY8dDVV
UX5K6iR6S5iiOsvpSe+vyGI5sRPjknCN4sr/ermsrGXOoA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:31 2024 by rpki-client on console-ams.rpki-client.org