Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
File: e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa (raw, json)
Hash identifier: Tw0KdGV3vGf0NocLCgGW26EFieVVZqvoZsr8CrQArh8=
Subject key identifier: B1:D8:FB:0A:01:F2:E6:F7:15:1B:1D:4A:F7:C6:7F:D1:BA:D2:AF:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B29EF99AE6112D2B0B55B9548C9E05B8DC5EEC9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
Signing time: Mon 11 Nov 2024 00:00:00 +0000
ROA not before: Mon 11 Nov 2024 00:00:00 +0000
ROA not after: Mon 16 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:29:ef:99:ae:61:12:d2:b0:b5:5b:95:48:c9:e0:5b:8d:c5:ee:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 11 00:00:00 2024 GMT
Not After : Dec 16 23:59:59 2024 GMT
Subject: serialNumber=bad0dead858e733d2ac9f9c5e613307fa9a2e32723e001d0663e5cec5934004f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1f:f6:e5:9d:4f:a2:93:92:01:6d:bd:d8:45:
a0:44:d0:db:6b:4b:cc:4f:31:26:b7:60:70:ae:d0:
dc:e5:cb:85:07:ba:63:3a:72:d0:7d:52:9e:5f:38:
c7:e1:35:fb:7b:01:1e:40:13:fd:de:35:f0:f0:5a:
86:87:34:75:f2:58:ea:53:c1:74:6c:62:e8:c0:e6:
60:1c:25:6e:78:0f:0c:96:ae:ec:c2:ae:a3:02:fc:
20:e9:1f:a7:ef:a1:4f:17:3b:6f:82:f0:61:40:97:
1d:16:f2:1a:9e:8f:32:ce:eb:92:f6:74:52:43:1b:
d2:3c:6e:44:1e:42:f5:7c:4d:e3:64:fa:c1:cb:a4:
50:b7:cf:64:97:09:5d:72:b1:45:3e:9b:45:ca:52:
cd:15:2a:dd:6d:12:e8:b4:ed:0d:b0:a6:c4:b7:87:
be:0d:73:d8:d4:c0:20:b7:3c:da:bb:f8:bc:f1:cc:
de:d8:88:21:cc:c3:e3:7e:1a:3a:0f:ec:0a:13:55:
1b:ab:03:bb:13:f4:00:d7:ff:42:7f:9a:e1:4a:65:
9a:af:b2:b4:f1:49:64:ca:a6:8d:1b:05:95:41:c8:
13:4c:16:0b:af:60:58:56:b6:9b:99:cd:a5:f1:48:
1b:20:fe:25:f3:aa:1e:ea:39:dd:dc:5e:e1:66:a2:
49:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D8:FB:0A:01:F2:E6:F7:15:1B:1D:4A:F7:C6:7F:D1:BA:D2:AF:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e18ba74d-e46b-4bdc-ada9-e9a9072e0625.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
be:3e:ea:1c:71:b1:f3:bf:25:db:c1:a3:84:2c:7d:14:90:25:
a8:a0:6d:34:99:73:84:09:d2:f0:88:52:0a:45:5d:8c:4d:d6:
20:16:75:00:49:56:2e:71:ae:ca:a8:4e:d2:f1:6d:93:15:22:
85:bd:da:c4:9d:84:75:ab:96:53:06:a1:b5:8e:c0:d2:ca:a8:
5d:83:e0:ed:15:43:fd:da:62:6d:b9:52:28:67:6b:ff:24:b9:
3b:77:85:81:8b:f6:51:db:d0:02:2b:18:a9:47:07:cc:cc:60:
7a:44:f6:16:09:c6:3f:2b:85:e9:20:ba:90:d6:35:fa:e3:bb:
78:42:b1:59:19:7c:79:f6:c6:05:5a:9f:fa:94:77:46:54:c7:
3b:22:5d:a8:32:a3:c8:9c:71:b0:a1:30:b2:18:a0:2b:97:84:
f1:43:71:97:a2:33:2f:b7:f8:50:9b:c2:e6:9f:5e:eb:a8:3f:
eb:de:4b:0d:66:1e:18:98:75:b2:eb:be:6f:2b:52:26:5e:ea:
0e:0a:3b:b1:ae:20:66:fa:c3:6a:3f:0b:40:29:31:64:5e:27:
98:03:f8:cc:ff:13:ed:a7:1f:0c:f8:ab:37:10:7b:fa:da:3f:
26:9d:dd:75:9f:5c:8c:d6:0f:3f:3e:b5:59:4f:8f:86:59:fe:
46:72:19:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOynvma5hEtKwtVuVSMngW43F7skwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTEwMDAwMDBaFw0yNDEyMTYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhZDBkZWFkODU4ZTczM2QyYWM5ZjljNWU2MTMzMDdmYTlhMmUzMjcyM2Uw
MDFkMDY2M2U1Y2VjNTkzNDAwNGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsf9uWdT6KTkgFtvdhFoETQ22tLzE8xJrdgcK7Q3OXLhQe6Yzpy0H1Snl84
x+E1+3sBHkAT/d418PBahoc0dfJY6lPBdGxi6MDmYBwlbngPDJau7MKuowL8IOkf
p++hTxc7b4LwYUCXHRbyGp6PMs7rkvZ0UkMb0jxuRB5C9XxN42T6wcukULfPZJcJ
XXKxRT6bRcpSzRUq3W0S6LTtDbCmxLeHvg1z2NTAILc82rv4vPHM3tiIIczD434a
Og/sChNVG6sDuxP0ANf/Qn+a4Uplmq+ytPFJZMqmjRsFlUHIE0wWC69gWFa2m5nN
pfFIGyD+JfOqHuo53dxe4WaiScECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSx2PsK
AfLm9xUbHUr3xn/RutKv9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTE4YmE3NGQtZTQ2Yi00YmRjLWFkYTktZTlhOTA3MmUwNjI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQC+PuoccbHzvyXbwaOELH0UkCWooG00mXOECdLwiFIK
RV2MTdYgFnUASVYuca7KqE7S8W2TFSKFvdrEnYR1q5ZTBqG1jsDSyqhdg+DtFUP9
2mJtuVIoZ2v/JLk7d4WBi/ZR29ACKxipRwfMzGB6RPYWCcY/K4XpILqQ1jX647t4
QrFZGXx59sYFWp/6lHdGVMc7Il2oMqPInHGwoTCyGKArl4TxQ3GXojMvt/hQm8Lm
n17rqD/r3ksNZh4YmHWy675vK1ImXuoOCjuxriBm+sNqPwtAKTFkXieYA/jM/xPt
px8M+Ks3EHv62j8mnd11n1yM1g8/PrVZT4+GWf5Gchn1
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:30 2024 by rpki-client on console-fra.rpki-client.org