Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
File: 23d2e691-eee3-420e-8551-96a899136326.roa (raw, json)
Hash identifier: GjHPgfCR5DtElximfLoRRwhQCbON+7wqsk1ark2++34=
Subject key identifier: 7A:87:36:26:35:B4:78:7D:A1:E1:FC:28:D9:25:60:A5:40:8E:51:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09678C8AF9BD1BA9B8334EF57826C5996C804EBD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:67:8c:8a:f9:bd:1b:a9:b8:33:4e:f5:78:26:c5:99:6c:80:4e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=5de366960cc12b91c68771479e632754204552f35c7aed7630e454af28e866ed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f2:85:97:31:ca:bd:c3:cd:74:a1:31:d1:cf:
2e:3e:b5:aa:f1:88:65:d5:7b:66:74:76:ae:fc:cd:
46:ef:0f:99:09:8e:8c:38:87:20:c3:61:62:6d:42:
68:a5:5d:f0:22:c1:b1:93:3c:b7:23:2d:58:c6:a5:
63:a9:8f:42:7f:5f:fa:3c:de:8f:66:04:18:73:f4:
01:3e:10:30:4e:7d:56:81:13:51:90:cb:fd:55:cd:
3a:2c:24:46:f3:35:a5:c1:b2:ca:8c:42:88:9b:92:
3e:dc:e8:9e:b2:0b:c9:24:fd:4e:f6:37:31:51:51:
37:ce:8f:a5:14:86:c9:6d:1e:21:3d:5a:aa:97:58:
3a:85:5e:b1:b9:c3:55:96:c5:c4:b6:cf:2e:5d:3b:
b2:58:ac:8b:52:70:dc:3a:40:e6:84:84:63:d1:93:
40:ea:b5:8d:8f:64:d1:7c:d4:9c:d1:0c:ef:7d:cf:
1c:72:e6:14:ee:7e:57:98:88:ae:a8:d7:42:67:a5:
9a:9e:e8:0b:d2:1f:26:52:24:c6:fc:96:7c:09:c0:
a2:02:ce:8f:e6:6c:7d:d6:2a:a3:bf:da:13:0b:a6:
20:22:e0:96:1f:74:84:f4:30:d2:1f:56:dd:94:69:
15:0a:a8:99:bb:45:ca:9f:ad:05:46:30:96:b8:a2:
a9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:87:36:26:35:B4:78:7D:A1:E1:FC:28:D9:25:60:A5:40:8E:51:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/23d2e691-eee3-420e-8551-96a899136326.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
53:aa:b4:ab:ed:a4:44:e2:18:62:92:4f:92:d2:f3:19:5a:a7:
55:b7:41:9e:e7:5d:9b:ae:f1:5d:05:0f:1f:d1:1f:4f:35:54:
1a:4f:e8:71:f5:8a:0c:c1:17:12:5e:b3:1a:68:c4:88:e5:b4:
c7:7c:25:9b:a9:85:92:eb:48:f4:3c:02:98:a3:bd:61:21:a7:
95:4c:32:c4:e0:67:db:fb:64:7e:67:f8:67:5b:27:16:b2:60:
6f:89:4a:59:f6:ae:fa:23:41:b5:83:06:76:9c:33:cd:c3:62:
41:68:22:60:c2:1e:9a:21:7c:8f:5e:34:3e:48:f2:8c:87:b8:
f7:33:65:19:43:01:8b:9b:ee:77:bd:74:89:4a:1a:5f:37:cb:
da:70:44:89:06:99:95:ce:7b:de:b4:49:e5:2f:cb:bd:40:aa:
e9:eb:a3:3e:30:c6:81:63:a2:a2:6c:7f:08:ce:17:57:b0:e7:
d2:2a:2a:73:bd:48:af:0a:13:b7:44:2d:8d:1e:69:7a:5b:df:
da:0c:40:4d:5b:f8:39:17:75:c3:ca:e8:8c:14:80:1f:bb:b6:
12:f5:44:0a:4d:0c:f6:cd:77:97:f4:99:b4:7a:7b:b4:ad:2e:
1c:b8:a5:b8:d3:f9:9e:67:fe:89:72:68:2a:9b:fd:6f:fd:00:
2e:3b:7b:f1
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUCWeMivm9G6m4M071eCbFmWyATr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkZTM2Njk2MGNjMTJiOTFjNjg3NzE0NzllNjMyNzU0MjA0NTUyZjM1Yzdh
ZWQ3NjMwZTQ1NGFmMjhlODY2ZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPHyhZcxyr3DzXShMdHPLj61qvGIZdV7ZnR2rvzNRu8PmQmOjDiHIMNhYm1C
aKVd8CLBsZM8tyMtWMalY6mPQn9f+jzej2YEGHP0AT4QME59VoETUZDL/VXNOiwk
RvM1pcGyyoxCiJuSPtzonrILyST9TvY3MVFRN86PpRSGyW0eIT1aqpdYOoVesbnD
VZbFxLbPLl07slisi1Jw3DpA5oSEY9GTQOq1jY9k0XzUnNEM733PHHLmFO5+V5iI
rqjXQmelmp7oC9IfJlIkxvyWfAnAogLOj+ZsfdYqo7/aEwumICLglh90hPQw0h9W
3ZRpFQqombtFyp+tBUYwlriiqbkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBR6hzYm
NbR4faHh/CjZJWClQI5RajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjNkMmU2OTEtZWVlMy00MjBlLTg1NTEtOTZhODk5MTM2MzI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAFOqtKvtpETiGGKST5LS8xlap1W3QZ7nXZuu8V0F
Dx/RH081VBpP6HH1igzBFxJesxpoxIjltMd8JZuphZLrSPQ8ApijvWEhp5VMMsTg
Z9v7ZH5n+GdbJxayYG+JSln2rvojQbWDBnacM83DYkFoImDCHpohfI9eND5I8oyH
uPczZRlDAYub7ne9dIlKGl83y9pwRIkGmZXOe960SeUvy71Aqunroz4wxoFjoqJs
fwjOF1ew59IqKnO9SK8KE7dELY0eaXpb39oMQE1b+DkXdcPK6IwUgB+7thL1RApN
DPbNd5f0mbR6e7StLhy4pbjT+Z5n/olyaCqb/W/9AC47e/E=
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org