Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
File: 8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa (raw, json)
Hash identifier: HxX6n6XkqeR9YQQcwSvOQycE7b6HWIvRdbm2KcfaeO4=
Subject key identifier: 2C:DC:B2:DD:11:B8:26:34:0E:6F:B9:F5:6B:F8:3F:7D:65:AF:A5:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60752A9B9426CDE76BAA17435580118DF5534947
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:75:2a:9b:94:26:cd:e7:6b:aa:17:43:55:80:11:8d:f5:53:49:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=1103b284316d5f4cb3a7d438bf65ec7f2cefe26cb586b2318737bc6a2d575a55, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:7e:39:1f:0c:97:13:5a:93:01:c5:1e:70:
3f:6e:8d:78:b3:64:0c:88:71:db:01:6b:6a:c6:90:
91:30:e9:c5:8f:50:c1:e1:01:f0:e9:b3:f1:16:4b:
02:9b:cc:87:43:f5:de:af:0e:45:fc:da:14:d6:54:
53:db:5b:55:ca:55:f5:97:1e:85:68:47:22:3f:67:
fa:2e:ea:fd:ea:17:cd:73:dd:9b:23:21:44:b2:a1:
04:d2:6d:b9:d2:d8:95:c9:a4:c5:60:bd:79:08:2b:
b3:78:6e:c8:17:ca:c2:40:c0:2b:65:6e:dc:29:d4:
7c:e2:b5:86:ac:e1:45:72:e7:76:51:70:64:1a:1b:
3b:d7:c7:e5:29:92:09:22:77:6d:ad:44:ab:ed:0d:
00:87:9c:9b:56:16:af:85:cc:6a:eb:c3:bc:54:da:
b2:d2:a6:f1:58:d7:46:99:6d:9d:df:8a:44:d3:7e:
66:71:d2:7a:67:70:2f:80:e6:f0:4a:ac:96:b5:31:
cd:7f:66:6d:66:33:df:0e:3b:00:e5:50:c9:65:30:
54:e3:c3:d8:46:6f:04:32:ba:76:7f:c3:36:69:4b:
c8:ae:4e:49:ed:4b:db:b0:f6:21:74:b3:28:94:1b:
9e:ce:d6:7c:2c:b2:2a:9c:6e:ee:26:12:f8:e7:a5:
9c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:DC:B2:DD:11:B8:26:34:0E:6F:B9:F5:6B:F8:3F:7D:65:AF:A5:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4d:d7:d1:94:4a:01:37:c3:6f:96:89:a9:b8:a8:3b:76:61:60:
f0:ed:fa:83:d9:5e:d3:a7:54:9a:95:69:9a:63:1b:d1:b0:36:
b9:76:1a:4d:16:db:31:af:50:f3:88:71:24:03:d3:bd:ce:39:
0e:7d:06:a3:fc:fc:49:ac:dc:2c:50:53:77:80:0b:96:b3:f1:
d5:d1:71:dc:36:b2:25:1b:d0:a9:9a:af:98:68:40:b8:30:3b:
ca:d8:ba:82:23:45:e8:59:62:d7:27:11:f3:ae:4a:1e:24:58:
cf:ab:39:f9:65:8a:2e:e9:93:5b:9a:33:08:2f:33:10:f8:9e:
ef:5d:21:96:eb:c3:41:f8:58:6b:f8:5d:bd:3a:c5:9a:70:6a:
4b:64:80:7b:03:14:bd:16:ae:c7:a5:71:78:71:97:9e:ff:5d:
f4:c1:fe:d6:46:b6:80:ba:36:79:51:8a:c0:16:60:7d:17:69:
ec:fa:bf:5a:bc:e9:a8:19:33:a1:43:1f:30:fa:45:01:6c:0c:
d8:ba:11:7e:6e:74:66:5f:39:34:95:7e:da:6c:a3:6a:dc:91:
93:d2:0f:5e:ca:4f:55:bc:0c:52:b0:77:26:3e:be:2a:65:f1:
7f:be:7b:42:4b:9d:0a:08:6f:8d:5d:1b:e1:e9:13:8a:3a:cf:
12:cb:87:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYHUqm5QmzedrqhdDVYARjfVTSUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MjIwMDAwMDBaFw0yNDA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMDNiMjg0MzE2ZDVmNGNiM2E3ZDQzOGJmNjVlYzdmMmNlZmUyNmNiNTg2
YjIzMTg3MzdiYzZhMmQ1NzVhNTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+/fjkfDJcTWpMBxR5wP26NeLNkDIhx2wFrasaQkTDpxY9QweEB8Omz8RZL
ApvMh0P13q8ORfzaFNZUU9tbVcpV9ZcehWhHIj9n+i7q/eoXzXPdmyMhRLKhBNJt
udLYlcmkxWC9eQgrs3huyBfKwkDAK2Vu3CnUfOK1hqzhRXLndlFwZBobO9fH5SmS
CSJ3ba1Eq+0NAIecm1YWr4XMauvDvFTastKm8VjXRpltnd+KRNN+ZnHSemdwL4Dm
8EqslrUxzX9mbWYz3w47AOVQyWUwVOPD2EZvBDK6dn/DNmlLyK5OSe1L27D2IXSz
KJQbns7WfCyyKpxu7iYS+OelnGcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQs3LLd
EbgmNA5vufVr+D99Za+lPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZjM1NGMtNTBlOC00NjIzLWE1OWUtYmRkZjU4MjFjMmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEATdfRlEoBN8NvlompuKg7dmFg8O36g9le06dUmpVp
mmMb0bA2uXYaTRbbMa9Q84hxJAPTvc45Dn0Go/z8SazcLFBTd4ALlrPx1dFx3Day
JRvQqZqvmGhAuDA7yti6giNF6Fli1ycR865KHiRYz6s5+WWKLumTW5ozCC8zEPie
710hluvDQfhYa/hdvTrFmnBqS2SAewMUvRaux6VxeHGXnv9d9MH+1ka2gLo2eVGK
wBZgfRdp7Pq/WrzpqBkzoUMfMPpFAWwM2LoRfm50Zl85NJV+2myjatyRk9IPXspP
VbwMUrB3Jj6+KmXxf757QkudCghvjV0b4ekTijrPEsuHtQ==
-----END CERTIFICATE-----
Generated at Sun May 5 22:04:21 2024 by rpki-client on console-fra.rpki-client.org