Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: wrLFzH13HT4FADaWDQk7XVfztJbiFUeEpWqiun991MQ=
Subject key identifier: 73:B7:37:41:0A:AB:A7:DD:49:0D:41:B5:B2:9D:D7:CE:58:61:09:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B77A7444E81E8F7A1FBED673869A5FD76FFD5B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Mon 08 Apr 2024 00:00:00 +0000
ROA not before: Mon 08 Apr 2024 00:00:00 +0000
ROA not after: Mon 13 May 2024 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 14:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:77:a7:44:4e:81:e8:f7:a1:fb:ed:67:38:69:a5:fd:76:ff:d5:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 8 00:00:00 2024 GMT
Not After : May 13 23:59:59 2024 GMT
Subject: serialNumber=69b6c3605c2a5350fcd9c2a65a32359d27a703d9c571a609dd46735ddd48f2dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:36:22:fc:2b:28:3d:9e:8c:02:4e:94:1d:dc:
ae:52:58:fc:e6:dc:69:1b:a0:84:31:91:09:a5:83:
11:2e:3a:af:28:bf:bd:5a:ab:be:e7:62:a8:20:e1:
7a:52:48:d2:c0:0e:6d:64:ef:67:a7:06:e5:97:d7:
75:c1:cc:93:05:1a:36:fd:88:29:36:cd:8b:ba:67:
c0:3d:8a:50:29:5f:0f:c6:3c:17:81:b0:2e:16:46:
4e:09:76:30:30:ba:04:ca:0d:e7:d2:5e:89:84:a8:
b7:18:92:42:00:b4:01:27:6d:49:86:dc:07:a3:43:
2d:a4:fa:7b:31:34:78:16:31:9d:04:5e:8c:9d:a0:
a0:d0:ae:fb:ea:60:92:24:ce:03:15:1e:e1:e2:11:
7c:e3:90:b5:95:aa:bd:b4:f1:f7:74:16:bb:89:6e:
c1:4a:b0:1d:d7:bc:d7:90:09:a9:a6:2e:52:75:54:
a5:4f:bf:39:38:5c:18:be:c8:34:fe:b2:e2:b7:26:
79:89:16:12:be:43:d3:13:f6:7b:3f:82:41:7d:2b:
ac:af:cc:ae:f8:24:a5:48:67:c0:0c:97:1a:fa:b2:
ed:d1:4a:64:6b:9f:c5:b5:4d:07:32:e9:2a:1b:25:
de:e5:c9:98:98:ef:67:32:68:2b:fa:77:d9:98:18:
57:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B7:37:41:0A:AB:A7:DD:49:0D:41:B5:B2:9D:D7:CE:58:61:09:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
15:20:8a:f3:e3:b2:f6:35:64:87:d4:53:d0:13:f4:3d:c3:ec:
a3:e3:22:da:51:48:d5:6a:1f:22:31:49:2a:94:e5:d1:30:a3:
79:43:15:d5:56:89:7a:a9:5c:62:8d:f3:58:48:1b:89:a6:12:
de:d4:e4:fe:2f:df:c8:a8:ef:52:9f:ee:b9:03:59:c9:a7:a3:
aa:24:ec:92:7e:28:bc:2a:46:6c:fa:87:2b:54:b2:04:37:a7:
25:d1:93:ff:55:c9:ff:22:cd:72:ce:9c:bb:1e:52:43:48:20:
99:03:eb:08:28:a8:af:cb:9b:29:6d:e8:56:69:c4:fc:ce:05:
31:0e:64:00:f3:89:f4:25:e8:0f:44:9f:c1:fa:26:5b:f5:6b:
00:50:dd:7b:05:91:ba:ae:66:63:35:ec:6d:2e:de:ff:4e:fe:
46:c6:e6:32:86:78:50:33:b0:a6:a7:2b:02:ca:20:f1:48:d6:
0b:b5:a0:af:d3:1c:13:ba:d0:b8:5b:53:50:0f:42:64:df:2b:
f2:42:36:e7:9f:09:10:dd:c9:24:c5:93:be:a1:05:a4:d3:e9:
96:3f:ac:c1:95:09:06:5e:63:ea:e8:38:82:4b:e3:af:33:f6:
f2:5f:20:8f:b2:30:35:f7:5b:f8:ec:7f:9c:bd:4e:6d:07:b3:
ca:80:44:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO3enRE6B6Peh++1nOGml/Xb/1bkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDgwMDAwMDBaFw0yNDA1MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5YjZjMzYwNWMyYTUzNTBmY2Q5YzJhNjVhMzIzNTlkMjdhNzAzZDljNTcx
YTYwOWRkNDY3MzVkZGQ0OGYyZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOw2IvwrKD2ejAJOlB3crlJY/ObcaRughDGRCaWDES46ryi/vVqrvudiqCDh
elJI0sAObWTvZ6cG5ZfXdcHMkwUaNv2IKTbNi7pnwD2KUClfD8Y8F4GwLhZGTgl2
MDC6BMoN59JeiYSotxiSQgC0ASdtSYbcB6NDLaT6ezE0eBYxnQRejJ2goNCu++pg
kiTOAxUe4eIRfOOQtZWqvbTx93QWu4luwUqwHde815AJqaYuUnVUpU+/OThcGL7I
NP6y4rcmeYkWEr5D0xP2ez+CQX0rrK/MrvgkpUhnwAyXGvqy7dFKZGufxbVNBzLp
Khsl3uXJmJjvZzJoK/p32ZgYVxkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRztzdB
Cqun3UkNQbWyndfOWGEJpjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAFSCK8+Oy9jVkh9RT0BP0PcPso+Mi2lFI1WofIjFJ
KpTl0TCjeUMV1VaJeqlcYo3zWEgbiaYS3tTk/i/fyKjvUp/uuQNZyaejqiTskn4o
vCpGbPqHK1SyBDenJdGT/1XJ/yLNcs6cux5SQ0ggmQPrCCior8ubKW3oVmnE/M4F
MQ5kAPOJ9CXoD0SfwfomW/VrAFDdewWRuq5mYzXsbS7e/07+RsbmMoZ4UDOwpqcr
Asog8UjWC7Wgr9McE7rQuFtTUA9CZN8r8kI2558JEN3JJMWTvqEFpNPplj+swZUJ
Bl5j6ug4gkvjrzP28l8gj7IwNfdb+Ox/nL1ObQezyoBEcg==
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:31:26 2024 by rpki-client on console-fra.rpki-client.org