Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
File: 06d20303-8537-47c7-bd75-8dea01488a0a.roa (raw, json)
Hash identifier: 2x0Bqs8SM71/YKEMeVAMhIF4fR8jwv6JXJ97eLZPvmA=
Subject key identifier: CC:BA:AE:D3:8F:AA:15:34:24:D0:92:77:B1:00:E2:C2:1B:A8:B9:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2BEBF1B66B7A2BDE13FB0EEC8227B6BEB44DE8BF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:eb:f1:b6:6b:7a:2b:de:13:fb:0e:ec:82:27:b6:be:b4:4d:e8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=91dcd0a23d96a264895834cf3851af1981e881df3760d8da0714a635b172f4a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4e:1d:c4:58:39:29:d1:5e:69:10:04:01:40:
ca:f8:96:49:c5:2d:c8:08:0b:a2:68:a2:13:c6:9f:
e9:bd:3d:7c:0d:b3:bf:df:1a:57:aa:f7:ba:e3:33:
b8:dd:4b:d6:b6:98:10:c4:d5:99:81:81:74:ab:ce:
70:6f:bd:03:9d:84:49:3c:e1:ab:57:76:b1:b7:1f:
49:fd:08:27:f1:be:b5:dd:48:f0:9a:f7:82:12:9c:
ae:98:c3:8d:19:ab:cd:26:61:da:54:59:c2:03:1b:
a7:ee:b8:e9:29:6d:29:d7:74:d1:f6:63:ee:61:83:
b7:80:a1:fb:90:a4:84:24:9e:73:d8:84:41:10:84:
50:b2:a4:2c:42:23:37:00:67:9a:1e:40:8a:90:d3:
12:c3:85:12:71:dc:4e:c5:bb:00:78:0f:50:b5:ad:
ec:07:a9:21:53:a4:92:bc:51:bc:3a:18:1f:f8:0c:
39:d8:98:36:03:d8:f5:d0:37:8a:43:8c:1a:91:fe:
f3:de:d1:e3:04:7e:db:df:da:87:9b:f5:f3:07:85:
c9:5e:f7:f0:8c:6f:8b:5d:2c:e3:2f:a1:65:cf:f6:
41:ba:33:58:22:dc:c4:b6:f2:3d:bf:39:0b:5f:1f:
31:97:42:a6:d5:14:20:8d:66:b4:9e:63:e4:08:0f:
f4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BA:AE:D3:8F:AA:15:34:24:D0:92:77:B1:00:E2:C2:1B:A8:B9:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a2:4d:3d:74:5f:7a:b5:9a:2b:3c:96:9f:af:80:8b:c1:23:
c3:e5:4d:a9:ff:67:35:aa:8a:cc:94:39:e1:7a:71:bf:f9:ec:
3b:6d:c0:e0:92:ce:60:c6:a9:0c:f0:10:7a:5d:65:20:ff:35:
8d:71:9a:26:01:d2:56:2c:26:3f:2b:b5:16:48:ad:b1:89:3f:
04:d0:da:fc:ce:94:1f:a3:d6:a4:70:c0:83:0c:a3:bd:be:dd:
13:1a:25:ed:34:e0:15:18:8b:1c:fc:50:55:ce:14:af:ce:05:
8d:23:72:81:9f:fe:a4:11:6a:39:96:90:12:8e:27:32:83:78:
61:d6:ca:a3:77:83:5b:8f:41:44:37:50:6a:82:56:61:99:ca:
53:3f:dd:c3:af:f2:13:c2:ab:7f:fd:ae:44:49:b0:df:2c:5a:
de:ce:c9:b5:20:1e:60:b1:79:78:44:78:1f:37:58:30:5b:2b:
c9:f7:28:76:79:fc:9d:55:f2:2a:ea:93:c6:2f:ad:00:f5:13:
dc:71:8a:33:c9:f7:5e:6a:c2:65:ea:d6:84:1e:bc:db:39:bf:
c4:ba:4b:bc:8b:6e:7d:0c:db:21:5f:e2:7d:d3:35:45:c8:20:
ae:a6:42:cf:52:e0:39:60:aa:ee:40:6a:90:8c:d3:38:f1:ec:
70:3e:9b:b1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUK+vxtmt6K94T+w7sgie2vrRN6L8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxZGNkMGEyM2Q5NmEyNjQ4OTU4MzRjZjM4NTFhZjE5ODFlODgxZGYzNzYw
ZDhkYTA3MTRhNjM1YjE3MmY0YTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKROHcRYOSnRXmkQBAFAyviWScUtyAgLomiiE8af6b09fA2zv98aV6r3uuMz
uN1L1raYEMTVmYGBdKvOcG+9A52ESTzhq1d2sbcfSf0IJ/G+td1I8Jr3ghKcrpjD
jRmrzSZh2lRZwgMbp+646SltKdd00fZj7mGDt4Ch+5CkhCSec9iEQRCEULKkLEIj
NwBnmh5AipDTEsOFEnHcTsW7AHgPULWt7AepIVOkkrxRvDoYH/gMOdiYNgPY9dA3
ikOMGpH+897R4wR+29/ah5v18weFyV738Ixvi10s4y+hZc/2QbozWCLcxLbyPb85
C18fMZdCptUUII1mtJ5j5AgP9DcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTMuq7T
j6oVNCTQknexAOLCG6i51DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZkMjAzMDMtODUzNy00N2M3LWJkNzUtOGRlYTAxNDg4YTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAaKJNPXRferWaKzyWn6+Ai8Ejw+VNqf9nNaqKzJQ5
4Xpxv/nsO23A4JLOYMapDPAQel1lIP81jXGaJgHSViwmPyu1FkitsYk/BNDa/M6U
H6PWpHDAgwyjvb7dExol7TTgFRiLHPxQVc4Ur84FjSNygZ/+pBFqOZaQEo4nMoN4
YdbKo3eDW49BRDdQaoJWYZnKUz/dw6/yE8Krf/2uREmw3yxa3s7JtSAeYLF5eER4
HzdYMFsryfcodnn8nVXyKuqTxi+tAPUT3HGKM8n3XmrCZerWhB682zm/xLpLvItu
fQzbIV/ifdM1RcggrqZCz1LgOWCq7kBqkIzTOPHscD6bsQ==
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:32:41 2023 by rpki-client on console-ams.rpki-client.org