Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: rguZ2F+JHr3mG10f1E1KNlIWdAKafz6I0O4c+A0a838=
Subject key identifier: 79:ED:35:49:26:4C:9A:2B:CA:93:0E:1F:D6:83:62:B3:72:65:AC:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 050554E14810AB1DFC171AD8D8EC5C988B420E5D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:05:54:e1:48:10:ab:1d:fc:17:1a:d8:d8:ec:5c:98:8b:42:0e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8833090aa9bd52eb5f648755c0cb7119d8b48b755bb8e194adc8e22cfba72654, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7d:82:d0:e6:5f:37:e2:d2:1c:35:b2:7c:6c:
4b:25:d7:b2:2d:8f:b2:e2:25:a6:eb:81:d5:7b:f2:
ba:a7:15:b0:26:9b:b6:fb:5f:b4:93:f6:80:10:47:
07:0e:91:73:d3:18:19:48:2b:62:ab:07:7f:8e:6e:
ef:22:47:85:db:72:31:68:76:62:61:29:4e:a1:1d:
a7:f0:45:02:87:35:b5:2b:29:a2:cd:36:f7:1a:f4:
28:ab:4b:38:6e:f3:a0:e9:14:3e:c3:94:8f:0f:5e:
e8:14:b6:92:72:3e:17:7e:54:54:2f:f6:88:6d:65:
6b:34:b1:fe:71:0a:84:dc:e6:d2:70:be:62:ae:65:
3b:94:f7:d4:4a:85:63:9d:15:31:b0:ec:d5:a5:02:
21:ed:84:52:4a:96:af:13:6c:12:44:28:0f:f4:f5:
fa:08:d8:83:1e:2f:a4:fe:d3:1a:84:7e:d3:c1:7e:
78:01:1f:a6:f6:65:0d:65:6a:3b:25:af:e7:ff:b2:
ca:2a:60:27:9e:d9:63:23:6a:2d:74:1d:a4:00:26:
18:dc:b8:c3:fc:b1:9c:ec:ec:ab:6a:16:fb:df:c8:
6f:03:95:e4:d5:79:05:63:37:27:26:df:e7:38:08:
5e:f8:83:27:f1:38:36:45:39:82:5e:28:dc:a8:a3:
3d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:ED:35:49:26:4C:9A:2B:CA:93:0E:1F:D6:83:62:B3:72:65:AC:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:8c:16:78:30:c7:3f:7c:fe:e8:2b:53:94:ec:5b:13:4b:4d:
e0:db:ba:cc:7d:e2:d0:d3:c5:08:b7:df:d4:b8:6a:f9:d3:26:
16:d5:03:4d:2d:76:4b:69:aa:45:e2:7c:45:0b:55:4e:61:10:
7a:4f:1d:9e:2c:bb:86:e8:94:ac:5e:0c:83:e9:74:8c:dc:bd:
05:86:53:61:4c:03:85:0e:0c:0d:b0:64:0a:dc:6e:85:05:16:
f4:62:a1:32:be:24:31:f7:35:df:a0:b5:e9:80:98:da:dc:54:
94:0b:ca:96:6a:0c:e1:94:a6:c8:25:94:e1:4c:1d:0e:9a:75:
7b:f6:e4:d8:26:b3:42:1a:26:17:81:1b:e3:d5:73:f6:ab:bc:
be:55:ff:eb:5c:4d:2f:a9:1c:3c:e7:8a:ce:4b:ee:e2:c6:99:
dc:b5:e2:46:4e:e4:67:bc:2d:c9:1f:7b:b7:1b:74:0a:7f:44:
b3:60:34:fb:80:e9:84:2c:f8:f3:1e:9f:b4:3e:cc:d7:af:ee:
d9:da:0f:96:8f:8d:ed:b2:db:8f:37:9a:e1:53:0e:ad:9b:3a:
6f:d9:ff:ab:ac:29:e5:cf:06:86:50:2a:1d:2a:0a:4f:68:fb:
72:db:87:5c:37:be:11:12:90:64:66:2d:86:dc:ee:35:de:99:
66:e4:94:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBQVU4UgQqx38FxrY2OxcmItCDl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MzMwOTBhYTliZDUyZWI1ZjY0ODc1NWMwY2I3MTE5ZDhiNDhiNzU1YmI4
ZTE5NGFkYzhlMjJjZmJhNzI2NTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALB9gtDmXzfi0hw1snxsSyXXsi2PsuIlpuuB1XvyuqcVsCabtvtftJP2gBBH
Bw6Rc9MYGUgrYqsHf45u7yJHhdtyMWh2YmEpTqEdp/BFAoc1tSspos029xr0KKtL
OG7zoOkUPsOUjw9e6BS2knI+F35UVC/2iG1lazSx/nEKhNzm0nC+Yq5lO5T31EqF
Y50VMbDs1aUCIe2EUkqWrxNsEkQoD/T1+gjYgx4vpP7TGoR+08F+eAEfpvZlDWVq
OyWv5/+yyipgJ57ZYyNqLXQdpAAmGNy4w/yxnOzsq2oW+9/IbwOV5NV5BWM3Jybf
5zgIXviDJ/E4NkU5gl4o3KijPVsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR57TVJ
JkyaK8qTDh/Wg2KzcmWsaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQDMjBZ4MMc/fP7oK1OU7FsTS03g27rMfeLQ08UIt9/U
uGr50yYW1QNNLXZLaapF4nxFC1VOYRB6Tx2eLLuG6JSsXgyD6XSM3L0FhlNhTAOF
DgwNsGQK3G6FBRb0YqEyviQx9zXfoLXpgJja3FSUC8qWagzhlKbIJZThTB0OmnV7
9uTYJrNCGiYXgRvj1XP2q7y+Vf/rXE0vqRw854rOS+7ixpncteJGTuRnvC3JH3u3
G3QKf0SzYDT7gOmELPjzHp+0PszXr+7Z2g+Wj43tstuPN5rhUw6tmzpv2f+rrCnl
zwaGUCodKgpPaPty24dcN74REpBkZi2G3O413plm5JS+
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org