Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: KB7S6F29zroHWNpCSmOXWSPBoeiDADOgJt5bb25wqhg=
Subject key identifier: 36:11:95:32:07:78:1B:D3:28:F1:BA:7E:D1:A1:16:17:BB:04:B1:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 213E7DBA5DFBA2670CE71B0BF2875D2CA45AC2D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:3e:7d:ba:5d:fb:a2:67:0c:e7:1b:0b:f2:87:5d:2c:a4:5a:c2:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=f2efe6e26e78107b8c4b908695bc33e3347dddcb7805a26d0564cd6232790a27, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d0:85:a3:63:5f:5a:71:63:89:88:75:59:63:
3a:24:74:18:4d:2d:c2:bb:a8:e8:54:10:1b:53:f4:
35:06:9c:a1:6b:c4:de:16:69:35:69:c7:20:7b:52:
94:67:ef:43:40:30:38:5f:70:c7:47:8b:32:d1:65:
7a:eb:dc:eb:9f:0e:5b:2a:b8:3d:0a:e0:58:fd:cf:
d4:4c:cf:97:c3:13:50:1e:fa:5b:85:97:9c:df:da:
ac:dd:57:28:94:fb:6d:28:14:b3:eb:02:3a:f4:09:
73:e8:ad:5a:cb:a3:87:f4:c9:9a:6f:b8:62:34:57:
23:93:3d:67:1a:c8:46:76:d5:18:1b:c3:62:1e:c9:
42:5b:70:0c:1a:54:34:75:9c:e7:a4:c4:1d:d9:1f:
d7:ae:07:99:22:56:aa:72:0d:04:31:5d:44:29:de:
6d:05:bd:f9:06:ad:4e:c0:19:28:bf:8c:c9:27:b1:
c8:fd:37:de:cc:eb:1d:45:43:3a:02:35:5d:60:4e:
a6:21:67:8a:e4:1e:0a:ff:0d:d4:1e:35:8f:81:31:
ed:1f:48:ee:63:4a:05:6d:11:25:0d:97:3b:c9:c0:
fc:36:8a:33:fe:3b:4f:a7:fb:a2:33:d3:e0:9d:b8:
98:06:58:0a:96:73:a7:7f:d3:74:95:b8:59:40:e4:
7f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:11:95:32:07:78:1B:D3:28:F1:BA:7E:D1:A1:16:17:BB:04:B1:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:e8:01:d7:2a:38:55:be:ec:76:f1:fd:97:40:bd:55:3b:81:
43:22:c4:06:c4:00:5c:dc:94:2e:d8:ac:1a:5b:de:73:97:97:
17:5e:3a:a1:ba:94:9c:20:46:3e:c5:5a:7c:2a:1b:f1:c3:51:
9f:13:1b:83:1e:e9:f5:7e:19:3c:31:97:6f:70:e0:49:e4:93:
a7:12:db:8c:e3:7d:49:bc:f6:3c:cf:4c:0d:7e:c5:e8:33:17:
3d:3f:a4:58:dd:78:33:78:9f:fc:00:ea:ba:36:2a:68:0a:1a:
38:1d:18:b2:77:1c:05:34:a8:07:ed:a0:d0:d6:a9:3b:8e:be:
cf:b2:e0:2b:83:2d:3f:9b:27:61:7b:fa:b3:12:bb:af:e3:cf:
5e:8c:4d:0a:45:4c:28:18:59:02:25:2b:8b:56:fb:85:26:74:
10:6b:d1:c2:c6:a4:cd:e7:53:5d:7c:7e:67:e1:b7:5b:33:8a:
4e:20:e9:8b:85:73:43:40:8f:d9:68:f4:f4:36:10:0d:75:1a:
ea:53:6e:71:f4:18:79:54:cc:58:cf:f8:b7:68:66:92:59:0a:
96:df:b2:0b:80:da:fc:37:01:bc:f6:32:1d:a8:43:e2:b9:e0:
cc:d7:95:9b:0c:c7:96:6c:c2:39:04:5f:1b:3a:20:36:f3:f4:
15:ff:22:4c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIT59ul37omcM5xsL8oddLKRawtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyZWZlNmUyNmU3ODEwN2I4YzRiOTA4Njk1YmMzM2UzMzQ3ZGRkY2I3ODA1
YTI2ZDA1NjRjZDYyMzI3OTBhMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDQhaNjX1pxY4mIdVljOiR0GE0twruo6FQQG1P0NQacoWvE3hZpNWnHIHtS
lGfvQ0AwOF9wx0eLMtFleuvc658OWyq4PQrgWP3P1EzPl8MTUB76W4WXnN/arN1X
KJT7bSgUs+sCOvQJc+itWsujh/TJmm+4YjRXI5M9ZxrIRnbVGBvDYh7JQltwDBpU
NHWc56TEHdkf164HmSJWqnINBDFdRCnebQW9+QatTsAZKL+MySexyP033szrHUVD
OgI1XWBOpiFniuQeCv8N1B41j4Ex7R9I7mNKBW0RJQ2XO8nA/DaKM/47T6f7ojPT
4J24mAZYCpZzp3/TdJW4WUDkf/8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ2EZUy
B3gb0yjxun7RoRYXuwSxnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQBx6AHXKjhVvux28f2XQL1VO4FDIsQGxABc3JQu2Kwa
W95zl5cXXjqhupScIEY+xVp8Khvxw1GfExuDHun1fhk8MZdvcOBJ5JOnEtuM431J
vPY8z0wNfsXoMxc9P6RY3XgzeJ/8AOq6NipoCho4HRiydxwFNKgH7aDQ1qk7jr7P
suArgy0/mydhe/qzEruv489ejE0KRUwoGFkCJSuLVvuFJnQQa9HCxqTN51NdfH5n
4bdbM4pOIOmLhXNDQI/ZaPT0NhANdRrqU25x9Bh5VMxYz/i3aGaSWQqW37ILgNr8
NwG89jIdqEPiueDM15WbDMeWbMI5BF8bOiA28/QV/yJM
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:38:26 2023 by rpki-client on console-fra.rpki-client.org