Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: /bFu8D6OvXbatrUxA0NUcx6bVjOL88byPcIut84xa8k=
Subject key identifier: A2:E6:7C:C8:F7:8B:F4:E3:9E:C8:61:77:50:73:42:1D:B5:49:17:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25DB21CC42E24C4EC8DD2EB82F93D67D883D2066
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:db:21:cc:42:e2:4c:4e:c8:dd:2e:b8:2f:93:d6:7d:88:3d:20:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=6b725765b51a8453f128337f2447470d1d3827818c21436f2e21029eb2d3a1b4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a0:46:ef:09:92:07:da:89:e5:c4:5f:af:7e:
d4:17:77:d2:51:b4:7c:1e:db:f1:1b:41:15:9f:cc:
b8:0a:bd:61:1a:4a:9b:4b:ff:2d:fb:83:c1:9f:45:
e2:7d:25:ee:82:05:6c:59:df:29:db:06:c1:dd:ce:
a2:f4:49:2a:8b:5f:c4:7f:34:ab:5f:db:47:f1:9e:
f5:b8:c0:3c:36:8c:2c:50:7c:9d:4d:17:81:9d:25:
68:5e:b6:5d:a6:ff:ec:bf:5a:a7:2f:dd:7e:5e:63:
01:3f:f5:7c:79:91:42:de:bc:cf:1f:99:ed:39:a1:
d3:80:5d:58:d1:b8:2c:fe:fc:cf:e4:ed:5c:24:0c:
c5:04:c7:c7:07:02:98:a2:3a:47:a3:b1:63:bf:3f:
4d:42:64:09:d8:40:3d:a5:92:6a:dd:9b:7d:45:b8:
1c:e1:72:9f:fe:e1:7d:7e:0f:f1:15:90:ef:95:9c:
79:0f:3e:ab:b8:08:e2:cc:de:18:4f:ba:7e:af:b6:
c8:8d:71:56:8f:d7:f6:e2:e1:50:9c:0d:4c:fb:eb:
cc:5f:d4:af:3d:75:f1:78:a6:97:79:bf:44:0d:b4:
15:c4:ed:95:5f:83:03:72:00:57:0d:93:30:55:49:
af:45:f9:bf:8b:ce:d5:64:38:71:b1:c8:f0:fb:9e:
1b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E6:7C:C8:F7:8B:F4:E3:9E:C8:61:77:50:73:42:1D:B5:49:17:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:20:f5:b4:03:9f:a9:87:d9:02:8d:ea:13:d8:d9:e3:4e:1f:
15:41:8a:38:5e:78:9a:ce:67:ad:10:42:b2:b7:d4:03:51:e1:
3c:fc:3a:72:da:72:1d:5d:3b:7f:e6:01:48:bf:55:2d:d6:f8:
c6:83:f8:06:e4:09:c9:f6:6f:94:fc:cf:55:f9:e3:d0:e8:4a:
03:72:4e:74:39:a4:ea:1d:b6:b8:a5:4f:88:34:7c:b6:fc:ab:
b7:83:ca:64:8f:ef:e8:86:c1:48:54:f6:ad:83:53:5d:42:97:
54:0b:d7:7a:4f:1f:78:8f:22:84:73:0b:2b:2c:cb:7a:25:c3:
53:98:5f:a4:4c:c8:31:cb:d4:d3:df:e2:9c:1a:d4:45:36:39:
38:6c:77:0d:71:40:2f:90:ed:d5:b4:e3:3f:04:69:a0:64:3b:
4b:a1:d0:61:9b:f8:cd:0a:85:ba:80:78:9f:dc:d2:0f:78:f5:
ad:55:ee:45:78:6b:fb:46:1d:4d:de:f8:8c:a9:b0:ad:54:59:
00:36:c4:dc:83:7a:7b:c6:72:76:f6:fd:83:97:7c:4d:6c:1b:
17:90:aa:d9:6a:e7:c9:e1:63:97:a2:47:f1:69:dc:e8:3e:32:
f9:d5:3d:2e:9f:df:a8:9b:b9:c4:46:8f:54:55:8c:33:d4:a1:
41:4b:f6:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJdshzELiTE7I3S64L5PWfYg9IGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiNzI1NzY1YjUxYTg0NTNmMTI4MzM3ZjI0NDc0NzBkMWQzODI3ODE4YzIx
NDM2ZjJlMjEwMjllYjJkM2ExYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCgRu8JkgfaieXEX69+1Bd30lG0fB7b8RtBFZ/MuAq9YRpKm0v/LfuDwZ9F
4n0l7oIFbFnfKdsGwd3OovRJKotfxH80q1/bR/Ge9bjAPDaMLFB8nU0XgZ0laF62
Xab/7L9apy/dfl5jAT/1fHmRQt68zx+Z7Tmh04BdWNG4LP78z+TtXCQMxQTHxwcC
mKI6R6OxY78/TUJkCdhAPaWSat2bfUW4HOFyn/7hfX4P8RWQ75WceQ8+q7gI4sze
GE+6fq+2yI1xVo/X9uLhUJwNTPvrzF/Urz118Ximl3m/RA20FcTtlV+DA3IAVw2T
MFVJr0X5v4vO1WQ4cbHI8PueG50CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSi5nzI
94v0457IYXdQc0IdtUkXbDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQBmIPW0A5+ph9kCjeoT2NnjTh8VQYo4XniazmetEEKy
t9QDUeE8/Dpy2nIdXTt/5gFIv1Ut1vjGg/gG5AnJ9m+U/M9V+ePQ6EoDck50OaTq
Hba4pU+INHy2/Ku3g8pkj+/ohsFIVPatg1NdQpdUC9d6Tx94jyKEcwsrLMt6JcNT
mF+kTMgxy9TT3+KcGtRFNjk4bHcNcUAvkO3VtOM/BGmgZDtLodBhm/jNCoW6gHif
3NIPePWtVe5FeGv7Rh1N3viMqbCtVFkANsTcg3p7xnJ29v2Dl3xNbBsXkKrZaufJ
4WOXokfxadzoPjL51T0un9+om7nERo9UVYwz1KFBS/YV
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org