Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
File: 43c182d6-87cf-4ea0-9709-b661212b9631.roa (raw, json)
Hash identifier: apk6oQ4lAtmQotCSEigRxq/mWFsi6BEoZARm2EFB3wo=
Subject key identifier: EC:9B:D5:5C:94:74:59:B8:2D:6D:BE:97:19:CB:A4:BC:22:4A:3B:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C2F389DF6C4CB124417B1F6B35AAAF3D09D532C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
Signing time: Tue 11 Jun 2024 00:00:00 +0000
ROA not before: Tue 11 Jun 2024 00:00:00 +0000
ROA not after: Tue 16 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:2f:38:9d:f6:c4:cb:12:44:17:b1:f6:b3:5a:aa:f3:d0:9d:53:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 11 00:00:00 2024 GMT
Not After : Jul 16 23:59:59 2024 GMT
Subject: serialNumber=198586966a7b4a0575453e1865d003822c2c064385e7fd64c1405d55caa66856, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c9:55:0a:cf:f3:c1:85:d7:36:ba:49:ad:68:
09:f7:68:f9:bf:8d:41:21:84:37:37:3d:cf:12:3e:
f4:2e:d8:7d:d2:c3:e7:59:37:cc:83:1c:88:14:bf:
96:8d:ca:6c:eb:fb:75:55:fc:04:b4:fc:76:30:5f:
fc:4a:ab:47:84:a9:68:f0:d5:90:ce:97:71:f1:43:
35:08:d5:1f:90:5a:9b:de:e5:1a:8a:4e:31:c4:7b:
fa:f0:db:bf:1e:26:8f:7d:2c:ba:a2:4a:97:4c:bd:
a6:f2:f0:cc:e8:1a:fb:71:5c:d4:fe:15:91:a8:14:
7c:65:a9:97:c6:8e:78:1a:1f:c1:89:67:3d:11:ed:
be:03:a8:85:a3:58:fc:a3:b6:17:22:1a:2c:cc:27:
77:98:23:e8:f3:54:b6:95:e5:0e:0a:4c:55:df:46:
41:b5:c1:9a:8b:54:f8:55:73:1a:ed:3d:c4:2d:81:
97:98:05:99:71:31:e3:c4:d4:1c:5d:04:fd:da:86:
13:ef:af:de:85:9f:cd:ee:91:b2:f6:63:0d:4a:61:
09:99:4c:79:a5:0b:f7:56:88:f3:4f:f0:7b:fa:87:
cb:a3:e9:10:20:04:72:90:2b:2c:46:a5:44:ec:cc:
23:73:b4:ff:5b:80:88:a5:96:f3:e9:a0:fc:06:b3:
a5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9B:D5:5C:94:74:59:B8:2D:6D:BE:97:19:CB:A4:BC:22:4A:3B:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
d6:35:e4:f1:e6:75:18:95:0d:f4:7f:65:91:12:1d:b2:2a:af:
89:9c:88:6b:ef:be:78:83:35:a9:2e:0f:b0:8b:24:a0:c4:f4:
e0:90:0b:50:34:c4:ae:2f:8a:f0:2f:f3:ad:23:9b:82:65:37:
9b:74:44:3c:85:c4:ef:76:64:20:05:e0:4b:59:97:d3:22:32:
1d:68:41:cb:f0:35:2b:db:11:b9:34:f1:82:9b:36:55:92:91:
7e:31:bb:90:fa:e3:99:3a:31:8a:82:63:6b:93:63:4f:7d:2c:
5e:6c:43:b8:38:c1:1d:4e:e0:bf:b0:7b:d4:9a:b7:a0:80:b8:
a9:88:cf:e1:44:b1:ed:2e:b5:d8:ae:f8:1a:b4:6e:dd:fc:67:
cc:04:7e:fb:08:80:25:5c:32:94:2f:27:15:3d:a4:82:ff:e1:
2a:74:24:2b:b1:c9:e0:30:e2:f8:6e:46:67:fd:a9:e7:ac:63:
c4:89:89:c9:a2:4d:48:8b:70:c2:72:a8:8c:4b:ac:2f:c9:9a:
30:a4:57:55:a1:16:89:12:0f:a6:c5:bf:d8:70:4b:e6:e3:23:
1c:48:54:10:57:0c:03:4d:ad:0c:63:b8:aa:9a:42:40:5a:d1:
6a:bc:3d:93:97:06:5a:92:ba:71:b2:04:d3:05:46:87:91:38:
8b:53:ff:4d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXC84nfbEyxJEF7H2s1qq89CdUywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTEwMDAwMDBaFw0yNDA3MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5ODU4Njk2NmE3YjRhMDU3NTQ1M2UxODY1ZDAwMzgyMmMyYzA2NDM4NWU3
ZmQ2NGMxNDA1ZDU1Y2FhNjY4NTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI7JVQrP88GF1za6Sa1oCfdo+b+NQSGENzc9zxI+9C7YfdLD51k3zIMciBS/
lo3KbOv7dVX8BLT8djBf/EqrR4SpaPDVkM6XcfFDNQjVH5Bam97lGopOMcR7+vDb
vx4mj30suqJKl0y9pvLwzOga+3Fc1P4VkagUfGWpl8aOeBofwYlnPRHtvgOohaNY
/KO2FyIaLMwnd5gj6PNUtpXlDgpMVd9GQbXBmotU+FVzGu09xC2Bl5gFmXEx48TU
HF0E/dqGE++v3oWfze6RsvZjDUphCZlMeaUL91aI80/we/qHy6PpECAEcpArLEal
ROzMI3O0/1uAiKWW8+mg/AazpVMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTsm9Vc
lHRZuC1tvpcZy6S8Iko7PTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNjMTgyZDYtODdjZi00ZWEwLTk3MDktYjY2MTIxMmI5NjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEA1jXk8eZ1GJUN9H9lkRIdsiqviZyIa+++eIM1qS4P
sIskoMT04JALUDTEri+K8C/zrSObgmU3m3REPIXE73ZkIAXgS1mX0yIyHWhBy/A1
K9sRuTTxgps2VZKRfjG7kPrjmToxioJja5NjT30sXmxDuDjBHU7gv7B71Jq3oIC4
qYjP4USx7S612K74GrRu3fxnzAR++wiAJVwylC8nFT2kgv/hKnQkK7HJ4DDi+G5G
Z/2p56xjxImJyaJNSItwwnKojEusL8maMKRXVaEWiRIPpsW/2HBL5uMjHEhUEFcM
A02tDGO4qppCQFrRarw9k5cGWpK6cbIE0wVGh5E4i1P/TQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:39 2024 by rpki-client on console-ams.rpki-client.org