Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
File: 43c182d6-87cf-4ea0-9709-b661212b9631.roa (raw, json)
Hash identifier: OpQZF4L3FQnfpRdtLLl1QzQXEwm6FJO4/G2KVhCvY5o=
Subject key identifier: B7:FB:BE:4A:18:24:16:4D:04:6D:8D:54:F1:24:1C:0D:1E:69:7F:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38406DC18AC143CAFACCEAD2162D08647B9D6652
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
Signing time: Tue 29 Oct 2024 00:00:00 +0000
ROA not before: Tue 29 Oct 2024 00:00:00 +0000
ROA not after: Tue 03 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:40:6d:c1:8a:c1:43:ca:fa:cc:ea:d2:16:2d:08:64:7b:9d:66:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 29 00:00:00 2024 GMT
Not After : Dec 3 23:59:59 2024 GMT
Subject: serialNumber=e1df72a83eb4bd84b9ddab50a95bf90d657165ce2ef48c644930570d91068d06, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:f3:6e:3f:9a:18:31:39:1d:5b:2d:2e:d7:
24:e1:c2:a2:7a:d4:7e:23:43:72:a0:2c:ae:43:58:
6d:89:3d:ba:38:05:2b:4b:0f:f2:34:4b:4d:ed:c2:
b3:69:d8:b9:a9:ff:cb:c9:57:15:0c:ba:75:6e:cc:
68:f9:24:c5:ea:e3:c2:0d:35:98:02:4d:68:ca:0c:
42:ac:cd:ee:4d:02:24:f9:5e:a4:19:3c:90:c1:25:
32:4b:80:a0:c4:a1:4a:23:59:88:81:6c:d3:e8:01:
a1:0c:4a:7b:98:ac:b4:97:5c:1b:10:24:9e:39:22:
f8:5b:7b:57:86:6a:cd:3d:75:52:30:5b:a7:93:9a:
12:26:ec:87:31:44:62:a5:08:b6:3b:b7:d4:0b:65:
78:50:57:ce:92:d8:72:a9:57:66:66:1b:18:3f:7a:
e9:b4:ce:f8:ff:78:02:41:19:d1:42:ef:cb:c5:bc:
32:95:2d:9e:e1:36:cd:f7:b8:de:58:35:c8:25:7c:
a1:8c:5d:c8:cc:e2:22:63:82:b3:15:4b:27:25:45:
78:f2:f6:b4:34:7c:37:bc:ec:37:95:71:6a:55:c1:
53:4a:a5:c6:f8:e1:50:6e:37:f3:44:94:bb:23:e3:
89:c1:fb:07:51:51:c9:0c:49:2d:04:5b:cd:0f:20:
a0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FB:BE:4A:18:24:16:4D:04:6D:8D:54:F1:24:1C:0D:1E:69:7F:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/43c182d6-87cf-4ea0-9709-b661212b9631.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
80:e5:02:ae:af:73:6d:1a:fa:6a:b8:3c:1c:46:62:c1:62:f8:
00:60:31:b0:f8:1c:51:60:2d:bb:ae:fc:7f:dd:0c:ec:65:08:
c8:9a:7d:6c:3a:68:10:a0:2d:d7:39:0d:0f:87:56:17:93:00:
f7:8a:2b:c1:99:89:63:71:b6:33:ab:c6:0b:32:e1:e6:92:fb:
22:e1:b8:9a:18:88:bc:72:65:8e:b8:51:f0:c9:39:50:c4:ee:
7f:d1:ba:5a:d0:70:84:03:b7:4e:99:59:5d:d3:d4:13:67:f4:
8d:41:e5:45:ed:b6:13:60:87:58:83:cb:30:11:8b:9d:59:1a:
4c:9f:99:d3:fd:4e:e3:89:35:fb:5b:2a:c5:41:4e:ae:05:0b:
02:e9:f7:59:8b:4d:f5:c5:0e:50:bb:01:8e:0b:5d:4b:ef:ed:
53:6a:53:23:70:24:2b:ec:40:d3:47:92:60:f3:d5:4f:f5:ed:
ed:3a:94:2d:79:63:9c:6e:3a:ff:ea:b2:b9:27:7f:0a:16:71:
c5:ab:d1:9d:5e:3d:7f:66:3b:15:e7:82:01:30:84:d7:05:26:
96:df:a6:e2:7f:61:eb:9b:e7:44:75:9b:48:fb:d7:3d:cc:d1:
dc:16:be:7d:a4:ea:d9:ca:ad:85:c5:b5:91:8a:39:e6:20:76:
bf:3c:07:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOEBtwYrBQ8r6zOrSFi0IZHudZlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEwMjkwMDAwMDBaFw0yNDEyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxZGY3MmE4M2ViNGJkODRiOWRkYWI1MGE5NWJmOTBkNjU3MTY1Y2UyZWY0
OGM2NDQ5MzA1NzBkOTEwNjhkMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIhg824/mhgxOR1bLS7XJOHConrUfiNDcqAsrkNYbYk9ujgFK0sP8jRLTe3C
s2nYuan/y8lXFQy6dW7MaPkkxerjwg01mAJNaMoMQqzN7k0CJPlepBk8kMElMkuA
oMShSiNZiIFs0+gBoQxKe5istJdcGxAknjki+Ft7V4ZqzT11UjBbp5OaEibshzFE
YqUItju31AtleFBXzpLYcqlXZmYbGD966bTO+P94AkEZ0ULvy8W8MpUtnuE2zfe4
3lg1yCV8oYxdyMziImOCsxVLJyVFePL2tDR8N7zsN5VxalXBU0qlxvjhUG4380SU
uyPjicH7B1FRyQxJLQRbzQ8goNsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3+75K
GCQWTQRtjVTxJBwNHml/PDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDNjMTgyZDYtODdjZi00ZWEwLTk3MDktYjY2MTIxMmI5NjMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAgOUCrq9zbRr6arg8HEZiwWL4AGAxsPgcUWAtu678
f90M7GUIyJp9bDpoEKAt1zkND4dWF5MA94orwZmJY3G2M6vGCzLh5pL7IuG4mhiI
vHJljrhR8Mk5UMTuf9G6WtBwhAO3TplZXdPUE2f0jUHlRe22E2CHWIPLMBGLnVka
TJ+Z0/1O44k1+1sqxUFOrgULAun3WYtN9cUOULsBjgtdS+/tU2pTI3AkK+xA00eS
YPPVT/Xt7TqULXljnG46/+qyuSd/ChZxxavRnV49f2Y7FeeCATCE1wUmlt+m4n9h
65vnRHWbSPvXPczR3Ba+faTq2cqthcW1kYo55iB2vzwH9g==
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:43:49 2024 by rpki-client on console-ams.rpki-client.org