Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
File: 0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa (raw, json)
Hash identifier: j4j37CIRvPypugRJFOtvRTD+M34NfifiycrCRT4o/j8=
Subject key identifier: B5:FE:CD:3E:B6:D3:24:F0:EB:45:F9:6C:78:3C:F7:69:74:C0:41:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24B4535B9007F53D0D7FB83E2AD0090CB4E41022
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:b4:53:5b:90:07:f5:3d:0d:7f:b8:3e:2a:d0:09:0c:b4:e4:10:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=10cdb755a437447655c980ca0ed4740b561c55c1f2ebd63211a515090fc575ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8b:ec:56:8d:71:9e:73:dc:82:3d:23:c6:e8:
e3:f4:24:c8:97:f2:81:21:d5:af:4f:7c:2c:4d:f7:
1c:1e:6e:1b:ad:af:00:01:27:46:24:bd:65:7a:47:
aa:59:a2:65:70:de:31:27:3b:b3:00:02:36:c6:ef:
8e:aa:bf:0c:28:43:3f:20:18:f8:4f:72:ce:b8:ac:
f2:27:22:5e:48:13:51:17:db:e0:28:15:cf:cb:5e:
fd:c0:bf:c5:c2:9d:e6:73:c8:4a:65:09:d2:cd:42:
e8:fa:b8:1a:02:3d:de:1a:e4:76:60:64:06:9b:97:
70:a3:92:5c:1c:04:a6:fd:37:10:ae:1b:39:44:27:
57:fc:7f:ac:72:50:21:a3:41:1e:7b:15:37:b1:3f:
e1:ce:d3:76:d2:3b:e9:fe:0e:cf:56:da:ff:8e:ba:
a4:37:75:80:ad:b7:5d:2b:96:fb:24:4b:f4:79:77:
b0:f5:ed:ae:6b:77:05:89:9c:73:70:50:3d:24:7e:
06:b6:ef:b3:8c:b0:41:d8:ea:1f:c5:32:91:4f:6b:
63:02:04:9e:31:3a:72:43:57:33:72:37:3a:e1:2b:
2d:1a:a9:fe:66:56:ed:2d:2e:a9:26:ec:28:19:41:
6b:3c:5d:4c:ea:d1:ff:a7:f4:eb:c0:27:2c:d6:2a:
a2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FE:CD:3E:B6:D3:24:F0:EB:45:F9:6C:78:3C:F7:69:74:C0:41:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a58cef7-5fa5-456d-9cd7-d96be1f2faad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
27:f3:93:5d:5a:77:6f:79:af:17:96:02:d3:b7:f1:fb:2a:6c:
5a:43:2b:32:77:76:fc:d4:cd:15:b6:e1:55:e3:50:c9:0d:d6:
b3:1e:c7:ae:93:ce:53:04:07:f1:f1:01:42:27:7c:97:ce:13:
64:df:d7:48:7f:7c:27:e2:da:ae:12:ca:18:13:36:e9:e0:50:
c4:a9:7d:65:af:dd:98:70:a0:f8:64:90:b4:d0:04:71:0c:5f:
93:54:e6:c3:69:23:4b:8b:96:4a:aa:42:aa:03:eb:91:81:c5:
0f:ef:73:c3:60:05:96:75:c2:7d:4f:7d:08:26:b5:ac:d6:fd:
2a:b1:38:3a:dd:a3:eb:04:50:17:18:a3:6c:5d:4f:54:65:81:
92:8b:39:63:7c:30:9f:2a:83:92:38:e8:8b:96:78:b2:35:0f:
eb:a0:13:db:14:44:fb:09:8b:06:92:df:d6:bf:26:2e:76:6b:
0a:ce:3b:92:de:0e:c4:1c:78:8c:aa:6b:52:3d:97:74:35:58:
06:89:91:cf:4c:8c:1b:b9:65:15:08:8f:dd:28:6e:04:11:45:
c8:0b:ef:12:08:b4:26:59:a8:9b:90:9c:09:03:f3:40:10:de:
63:7e:79:4c:ae:15:5b:01:fb:04:ae:3b:d5:82:1f:f3:6e:e9:
c5:09:39:dc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJLRTW5AH9T0Nf7g+KtAJDLTkECIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwY2RiNzU1YTQzNzQ0NzY1NWM5ODBjYTBlZDQ3NDBiNTYxYzU1YzFmMmVi
ZDYzMjExYTUxNTA5MGZjNTc1Y2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaL7FaNcZ5z3II9I8bo4/QkyJfygSHVr098LE33HB5uG62vAAEnRiS9ZXpH
qlmiZXDeMSc7swACNsbvjqq/DChDPyAY+E9yzris8iciXkgTURfb4CgVz8te/cC/
xcKd5nPISmUJ0s1C6Pq4GgI93hrkdmBkBpuXcKOSXBwEpv03EK4bOUQnV/x/rHJQ
IaNBHnsVN7E/4c7TdtI76f4Oz1ba/466pDd1gK23XSuW+yRL9Hl3sPXtrmt3BYmc
c3BQPSR+Brbvs4ywQdjqH8UykU9rYwIEnjE6ckNXM3I3OuErLRqp/mZW7S0uqSbs
KBlBazxdTOrR/6f068AnLNYqogECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1/s0+
ttMk8OtF+Wx4PPdpdMBBLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGE1OGNlZjctNWZhNS00NTZkLTljZDctZDk2YmUxZjJmYWFkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQAn85NdWndvea8XlgLTt/H7KmxaQysyd3b81M0VtuFV
41DJDdazHseuk85TBAfx8QFCJ3yXzhNk39dIf3wn4tquEsoYEzbp4FDEqX1lr92Y
cKD4ZJC00ARxDF+TVObDaSNLi5ZKqkKqA+uRgcUP73PDYAWWdcJ9T30IJrWs1v0q
sTg63aPrBFAXGKNsXU9UZYGSizljfDCfKoOSOOiLlniyNQ/roBPbFET7CYsGkt/W
vyYudmsKzjuS3g7EHHiMqmtSPZd0NVgGiZHPTIwbuWUVCI/dKG4EEUXIC+8SCLQm
WaibkJwJA/NAEN5jfnlMrhVbAfsErjvVgh/zbunFCTnc
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org