Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
File: d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa (raw, json)
Hash identifier: R4N5qhhqnXyTzSWrkrn+jNKEgPWOTXxVQ104ZG1G7UM=
Subject key identifier: 09:8D:20:C8:D8:99:48:75:1D:26:AB:09:DC:7C:49:C8:B0:02:9B:E6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40A61E6D155AE723EED1AB2C2B8E6743EEE5084A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
Signing time: Mon 04 Nov 2024 00:00:00 +0000
ROA not before: Mon 04 Nov 2024 00:00:00 +0000
ROA not after: Mon 09 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:a6:1e:6d:15:5a:e7:23:ee:d1:ab:2c:2b:8e:67:43:ee:e5:08:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:00:00 2024 GMT
Not After : Dec 9 23:59:59 2024 GMT
Subject: serialNumber=6a9be14ff16cf29e07788fa6d709e9977733775c7896ca82d7d3741251210655, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:01:15:bf:21:37:2b:33:13:18:b6:74:85:1c:
c5:6a:31:aa:98:9f:ba:13:24:96:83:c4:7a:e0:a1:
a1:46:8f:4f:ed:71:8b:42:b8:30:55:29:c8:04:d6:
59:a0:b5:1b:a5:c0:c9:74:fe:51:3e:b6:c5:ac:03:
8d:bb:cd:a7:88:3a:f7:93:f9:12:c2:ba:ca:5f:43:
8c:60:7c:35:92:5b:51:67:2d:fc:14:68:15:ac:10:
27:48:04:9b:24:8e:a8:9b:c1:4b:e1:94:a4:51:bd:
4a:2d:1b:b3:68:65:e9:1e:f1:3d:fe:99:51:2f:b6:
44:7c:1f:7f:e1:1b:41:d2:04:0b:59:09:c4:97:e0:
00:de:10:76:f5:10:64:96:77:92:02:8a:3a:a0:bb:
38:ed:09:97:e8:d1:d7:36:be:81:a0:17:82:2d:6f:
e1:77:c4:3e:be:48:bb:e5:89:c2:bb:93:06:70:1b:
99:2b:0a:1d:66:cf:5c:f2:a3:80:0a:a2:d9:29:15:
08:0c:49:8e:a6:b8:80:91:9c:38:c5:9d:9a:fa:a0:
a3:49:50:5c:ab:b8:76:17:07:dc:d6:c8:e3:6a:d1:
a9:6a:09:e5:92:1b:9d:69:41:2d:bb:5a:b7:45:4a:
43:af:8c:65:f3:16:d7:3b:57:b8:75:5a:bd:bf:ae:
e5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8D:20:C8:D8:99:48:75:1D:26:AB:09:DC:7C:49:C8:B0:02:9B:E6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
13:f5:41:c6:a5:e3:0d:56:f3:f7:51:68:76:75:95:91:e7:0e:
26:34:44:47:1d:d1:a4:49:bd:c9:51:38:a0:c9:77:63:f8:21:
c6:01:c7:f6:c0:9b:01:4d:9c:2f:7e:57:34:6b:d1:5c:3a:1a:
28:3d:08:da:51:d2:eb:d5:df:3d:3b:f4:a7:fd:7e:c3:10:15:
52:f1:5e:b0:6d:f8:25:5f:1b:9f:ba:4e:97:16:b6:ec:0c:3e:
6e:b6:9f:2f:cd:66:28:7b:5c:19:7b:95:28:1d:94:c9:c6:25:
2d:8c:0c:cf:d1:53:b4:77:54:08:1d:74:79:8e:48:2f:8c:d1:
f7:d7:46:7e:1d:0d:f7:f7:84:f1:ba:82:0f:2a:b4:77:05:ed:
be:14:ef:0c:44:85:4a:0d:9e:6d:d0:51:3d:a7:55:54:1b:bd:
08:99:72:cb:b5:53:4c:8b:c3:51:9d:e9:de:c3:79:49:b5:10:
00:de:e2:0b:86:b7:d4:01:ca:9b:5b:dc:67:2f:87:2d:01:dd:
d8:93:72:8e:1d:27:f4:fd:3e:4d:d6:bc:66:b9:c1:09:17:a3:
1a:d4:ad:1b:61:82:c5:79:f9:9f:5f:83:73:8a:cb:80:64:8b:
92:07:08:d8:48:43:a2:40:43:8e:14:55:5d:86:36:82:19:6b:
d6:11:d3:36
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQKYebRVa5yPu0assK45nQ+7lCEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDQwMDAwMDBaFw0yNDEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhOWJlMTRmZjE2Y2YyOWUwNzc4OGZhNmQ3MDllOTk3NzczMzc3NWM3ODk2
Y2E4MmQ3ZDM3NDEyNTEyMTA2NTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcBFb8hNyszExi2dIUcxWoxqpifuhMkloPEeuChoUaPT+1xi0K4MFUpyATW
WaC1G6XAyXT+UT62xawDjbvNp4g695P5EsK6yl9DjGB8NZJbUWct/BRoFawQJ0gE
mySOqJvBS+GUpFG9Si0bs2hl6R7xPf6ZUS+2RHwff+EbQdIEC1kJxJfgAN4QdvUQ
ZJZ3kgKKOqC7OO0Jl+jR1za+gaAXgi1v4XfEPr5Iu+WJwruTBnAbmSsKHWbPXPKj
gAqi2SkVCAxJjqa4gJGcOMWdmvqgo0lQXKu4dhcH3NbI42rRqWoJ5ZIbnWlBLbta
t0VKQ6+MZfMW1ztXuHVavb+u5bcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQJjSDI
2JlIdR0mqwncfEnIsAKb5jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQxMWVjYTctOTVhZi00MWRkLWEyZmMtZmRhYTE2MmFkMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAE/VBxqXjDVbz91FodnWVkecOJjRERx3RpEm9yVE4
oMl3Y/ghxgHH9sCbAU2cL35XNGvRXDoaKD0I2lHS69XfPTv0p/1+wxAVUvFesG34
JV8bn7pOlxa27Aw+brafL81mKHtcGXuVKB2UycYlLYwMz9FTtHdUCB10eY5IL4zR
99dGfh0N9/eE8bqCDyq0dwXtvhTvDESFSg2ebdBRPadVVBu9CJlyy7VTTIvDUZ3p
3sN5SbUQAN7iC4a31AHKm1vcZy+HLQHd2JNyjh0n9P0+Tda8ZrnBCRejGtStG2GC
xXn5n1+Dc4rLgGSLkgcI2EhDokBDjhRVXYY2ghlr1hHTNg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:58:08 2024 by rpki-client on console-fra.rpki-client.org