Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
File: d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa (raw, json)
Hash identifier: FJU3IHwrK9sfaYWPA0+p5xKorHF1ZnPhpsg+eD/GJGk=
Subject key identifier: 19:6B:C6:F2:B7:FF:E3:85:94:48:8C:34:42:AA:FB:DB:11:E8:F4:DB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43F3C0B59C62F1D890EFE6CCAB733E4F6BD43116
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:f3:c0:b5:9c:62:f1:d8:90:ef:e6:cc:ab:73:3e:4f:6b:d4:31:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=666018cbdb9d30256becfdcacc3f115448ff728b746c2d590c89dd66b5c32e69, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:da:f8:8e:a9:8b:92:04:e3:1c:02:ff:eb:62:
98:82:2f:46:97:df:7a:ad:16:f3:ad:9e:f6:e6:23:
89:5f:0d:16:0e:38:92:f0:97:14:d3:95:05:9e:2b:
9e:5f:17:58:d1:6f:ab:71:52:f9:d4:cc:18:af:de:
0d:39:ce:9f:9e:be:bc:d2:14:a5:db:41:cb:0b:91:
e3:72:e4:db:68:a6:55:e8:5c:b2:1f:ec:01:cb:f8:
42:ad:03:7a:ca:05:bf:c3:93:0e:48:f7:c2:17:3a:
5b:20:38:4b:8e:73:88:77:be:3a:26:f7:51:b6:f1:
bf:c1:8e:12:37:87:7a:38:1f:81:2e:a0:ac:32:ff:
e6:e7:fe:3c:9f:5b:d4:d9:01:68:66:8e:8e:fa:99:
39:41:6e:f6:ac:85:94:4a:66:f9:7a:2f:fa:eb:1f:
02:45:fb:14:59:4a:60:09:05:b8:7c:31:31:70:1c:
f6:92:a7:66:b8:f6:46:39:69:2e:fd:bf:00:fd:65:
9c:f6:3d:22:9f:b3:f4:83:79:6c:fa:ad:91:20:cd:
be:d3:b0:b0:4a:f0:83:bc:55:f4:71:f7:ca:5c:0a:
47:b6:08:02:94:0f:97:3a:1b:8a:28:99:41:ec:11:
53:cd:bf:d8:86:ba:04:a4:52:4c:b2:3d:6a:f3:18:
6d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6B:C6:F2:B7:FF:E3:85:94:48:8C:34:42:AA:FB:DB:11:E8:F4:DB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
83:69:f2:b8:27:10:27:b6:43:79:82:b9:08:76:f2:ea:bc:d6:
d6:6d:ab:56:92:0a:8f:ec:1c:c0:fa:90:d4:5d:9b:82:67:7b:
e0:e0:f4:71:0d:63:2c:08:a4:d4:c8:32:8e:e6:82:99:97:8c:
72:60:98:32:6b:11:d9:85:08:3d:72:75:43:bf:5b:4b:a9:03:
dd:de:89:ae:df:6e:c1:d6:5a:d5:9f:82:99:8c:b8:61:5e:d8:
67:80:43:bc:ad:59:bb:ee:08:bb:fa:35:2f:77:22:bc:6f:ce:
c6:77:f5:1f:d8:80:c0:51:bd:ee:99:44:53:ef:2e:e1:75:d8:
73:70:59:27:23:bd:42:59:88:1b:6e:23:8e:ca:a1:f7:05:d5:
74:91:f3:52:4f:6b:a9:a9:ac:c1:0e:bd:52:a6:5b:c4:3b:a2:
f1:85:2f:70:31:51:fa:3a:15:c2:21:28:e1:b4:91:94:7b:84:
e8:01:52:4b:a7:ce:54:11:e5:b6:dc:2d:f2:3d:f4:87:79:ef:
9e:3b:d5:40:6f:8c:c1:ba:c4:e7:c1:35:31:65:ec:0d:bc:7e:
2c:bb:6d:b2:cd:77:f3:65:7b:77:35:96:02:c4:b4:c4:79:aa:
b0:95:58:30:73:61:b5:ff:7a:7c:d3:3f:b9:54:7d:41:91:ec:
e0:1a:92:77
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ/PAtZxi8diQ7+bMq3M+T2vUMRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2NjAxOGNiZGI5ZDMwMjU2YmVjZmRjYWNjM2YxMTU0NDhmZjcyOGI3NDZj
MmQ1OTBjODlkZDY2YjVjMzJlNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKra+I6pi5IE4xwC/+timIIvRpffeq0W862e9uYjiV8NFg44kvCXFNOVBZ4r
nl8XWNFvq3FS+dTMGK/eDTnOn56+vNIUpdtBywuR43Lk22imVehcsh/sAcv4Qq0D
esoFv8OTDkj3whc6WyA4S45ziHe+Oib3Ubbxv8GOEjeHejgfgS6grDL/5uf+PJ9b
1NkBaGaOjvqZOUFu9qyFlEpm+Xov+usfAkX7FFlKYAkFuHwxMXAc9pKnZrj2Rjlp
Lv2/AP1lnPY9Ip+z9IN5bPqtkSDNvtOwsErwg7xV9HH3ylwKR7YIApQPlzobiiiZ
QewRU82/2Ia6BKRSTLI9avMYbYUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZa8by
t//jhZRIjDRCqvvbEej02zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQxMWVjYTctOTVhZi00MWRkLWEyZmMtZmRhYTE2MmFkMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAg2nyuCcQJ7ZDeYK5CHby6rzW1m2rVpIKj+wcwPqQ
1F2bgmd74OD0cQ1jLAik1MgyjuaCmZeMcmCYMmsR2YUIPXJ1Q79bS6kD3d6Jrt9u
wdZa1Z+CmYy4YV7YZ4BDvK1Zu+4Iu/o1L3civG/Oxnf1H9iAwFG97plEU+8u4XXY
c3BZJyO9QlmIG24jjsqh9wXVdJHzUk9rqamswQ69UqZbxDui8YUvcDFR+joVwiEo
4bSRlHuE6AFSS6fOVBHlttwt8j30h3nvnjvVQG+MwbrE58E1MWXsDbx+LLttss13
82V7dzWWAsS0xHmqsJVYMHNhtf96fNM/uVR9QZHs4BqSdw==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org