Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
File: 8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa (raw, json)
Hash identifier: vo6NJVMiPV9bN5v8TZiHAQJDKEJsJJBuZsRsHwKlyWc=
Subject key identifier: 62:73:C2:6D:92:20:F1:AE:5A:0C:0E:C3:5B:A0:1B:ED:9C:17:45:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DBF3F49B1ECBD48A147AC1591F27D76A832354B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
Signing time: Wed 27 Mar 2024 00:00:00 +0000
ROA not before: Wed 27 Mar 2024 00:00:00 +0000
ROA not after: Wed 01 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 83.119.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:bf:3f:49:b1:ec:bd:48:a1:47:ac:15:91:f2:7d:76:a8:32:35:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 27 00:00:00 2024 GMT
Not After : May 1 23:59:59 2024 GMT
Subject: serialNumber=80a626894d285e812cb69491b8563442de63bf56076364738386aaa3f6bda41c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d6:58:e9:9e:1f:db:6c:8e:38:ac:df:44:ca:
d6:e1:75:8a:2a:67:53:ff:22:6f:0e:2a:b6:8d:77:
3d:38:c8:9c:85:87:21:d6:a2:02:bd:11:2d:25:76:
6e:4c:97:0b:e6:03:d4:47:c7:83:08:76:7b:c7:e1:
69:29:95:c2:fa:86:88:d5:07:82:f5:d5:f4:ea:51:
eb:c6:f6:7f:ab:e8:f5:6b:fa:7a:e3:62:83:6b:24:
d4:0c:17:ef:af:bb:5b:b4:67:5e:7d:9f:12:13:2c:
93:dd:ce:fb:e3:e8:85:76:85:58:d4:d0:16:df:62:
ab:fd:07:49:bc:bb:3f:08:36:d8:ea:54:17:23:e3:
7d:e2:83:2e:a9:81:e1:e2:e5:7c:a3:16:92:42:95:
75:b4:d8:c1:09:1c:d7:3b:7e:07:e5:0f:81:0d:64:
d0:c2:b9:a8:ba:3e:84:a1:2b:c6:91:0b:4d:5a:6f:
ca:1b:30:fa:b7:3f:db:4d:d1:36:59:e9:97:2a:ba:
db:80:36:2e:ee:e4:5b:5d:af:17:4c:eb:b3:a3:10:
b0:54:78:85:a1:83:74:05:3d:16:41:4c:ec:20:09:
c7:93:fc:df:cd:84:a2:56:59:b7:aa:4e:7b:06:ee:
5a:2a:d2:36:d9:fa:a6:cd:f7:7e:6b:74:26:76:7d:
e3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:73:C2:6D:92:20:F1:AE:5A:0C:0E:C3:5B:A0:1B:ED:9C:17:45:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcf354c-50e8-4623-a59e-bddf5821c2d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c1:33:d1:aa:7c:f2:a4:a7:be:aa:91:c9:84:53:b6:4f:7d:a0:
d7:7e:72:23:64:68:e8:d5:5d:c6:dd:93:1d:c8:79:af:1e:8b:
24:b0:a0:d5:47:64:61:05:00:1a:5c:2b:cf:6a:c3:5a:c1:0a:
10:32:ca:2c:0e:d2:be:dd:c8:03:63:fb:98:47:80:9e:17:58:
bd:fb:f3:c7:d0:b7:a4:47:85:5f:9f:c0:54:23:b8:b5:72:83:
c9:aa:a4:9f:6c:9a:6a:a2:40:03:3d:2e:a8:1d:4b:e9:c3:09:
88:3a:16:b0:7e:21:c3:fd:4a:c0:04:8c:e7:9d:93:bf:32:fc:
a4:fc:6d:f8:be:0c:7a:ce:36:55:bf:00:65:cb:ef:d5:16:80:
f3:fe:da:fd:e3:5d:aa:29:02:76:83:ad:fb:af:21:15:8d:fe:
eb:17:ee:3c:db:73:0b:0a:a6:34:e1:04:6d:46:00:c5:6b:56:
7d:3f:f2:ee:7d:6e:71:52:2a:a4:58:50:df:81:6f:34:fd:89:
e7:35:7f:50:01:d2:c7:d5:c2:a8:63:7d:51:18:13:ed:9b:8d:
34:8f:42:81:f5:d5:95:10:ac:1b:11:c7:72:84:10:c6:65:3b:
de:15:b6:06:62:7d:1a:c3:ae:e8:a7:dd:51:b9:21:a6:37:8e:
a9:ad:b4:41
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfb8/SbHsvUihR6wVkfJ9dqgyNUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjcwMDAwMDBaFw0yNDA1MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwYTYyNjg5NGQyODVlODEyY2I2OTQ5MWI4NTYzNDQyZGU2M2JmNTYwNzYz
NjQ3MzgzODZhYWEzZjZiZGE0MWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzWWOmeH9tsjjis30TK1uF1iipnU/8ibw4qto13PTjInIWHIdaiAr0RLSV2
bkyXC+YD1EfHgwh2e8fhaSmVwvqGiNUHgvXV9OpR68b2f6vo9Wv6euNig2sk1AwX
76+7W7RnXn2fEhMsk93O++PohXaFWNTQFt9iq/0HSby7Pwg22OpUFyPjfeKDLqmB
4eLlfKMWkkKVdbTYwQkc1zt+B+UPgQ1k0MK5qLo+hKErxpELTVpvyhsw+rc/203R
Nlnplyq624A2Lu7kW12vF0zrs6MQsFR4haGDdAU9FkFM7CAJx5P8382EolZZt6pO
ewbuWirSNtn6ps33fmt0JnZ941cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRic8Jt
kiDxrloMDsNboBvtnBdFDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZjM1NGMtNTBlOC00NjIzLWE1OWUtYmRkZjU4MjFjMmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAwTPRqnzypKe+qpHJhFO2T32g135yI2Ro6NVdxt2T
Hch5rx6LJLCg1UdkYQUAGlwrz2rDWsEKEDLKLA7Svt3IA2P7mEeAnhdYvfvzx9C3
pEeFX5/AVCO4tXKDyaqkn2yaaqJAAz0uqB1L6cMJiDoWsH4hw/1KwASM552TvzL8
pPxt+L4Mes42Vb8AZcvv1RaA8/7a/eNdqikCdoOt+68hFY3+6xfuPNtzCwqmNOEE
bUYAxWtWfT/y7n1ucVIqpFhQ34FvNP2J5zV/UAHSx9XCqGN9URgT7ZuNNI9CgfXV
lRCsGxHHcoQQxmU73hW2BmJ9GsOu6KfdUbkhpjeOqa20QQ==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:19 2024 by rpki-client on console-fra.rpki-client.org