Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: 5pqdZdBk4HaMf80ryBqNfdSWV0PuwU2awNxz7lO+epE=
Subject key identifier: C0:68:B8:7B:C0:5D:97:E6:08:78:60:BF:2B:3B:A2:0A:A0:2F:34:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2015E5DC91B2D47F23E4DD07280C2C6AB42F92B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:15:e5:dc:91:b2:d4:7f:23:e4:dd:07:28:0c:2c:6a:b4:2f:92:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=bf3a793c72bcfd71592e296f3eac937ce89a5a71e40ae14f7df7e4e1a1659fea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b8:0f:bc:fd:96:44:68:08:83:11:9c:b9:e4:
66:f2:7a:6e:fc:c2:ac:11:dd:a7:be:a4:d4:d9:9e:
14:5e:dc:4e:85:e9:af:09:46:77:a7:e2:98:42:49:
3e:e4:8c:40:4f:86:bf:2c:8d:1b:1f:12:91:60:e8:
a9:b6:14:f5:01:7c:7d:d5:ab:01:c7:a7:b8:7d:c7:
69:bc:89:9d:7f:d0:c7:09:d1:c5:0d:9e:04:7e:87:
99:9d:8e:ad:77:07:f1:3f:ce:4b:2e:1c:13:25:14:
07:d9:57:d8:f2:26:5e:96:22:a9:9a:32:27:83:ab:
36:dd:a5:88:29:98:ec:3d:ca:ce:5b:16:5e:c0:13:
d6:fd:c8:77:d7:7a:49:4e:34:c5:e9:8b:f1:60:86:
9b:c0:85:4e:05:d3:6c:10:be:ac:30:7d:f9:cd:7a:
59:a0:c6:d1:48:6b:af:6c:77:73:c6:76:7c:cc:03:
67:31:af:70:87:01:cb:3c:44:44:c0:3b:b0:7f:43:
71:82:5a:90:7c:ee:cb:e7:c8:df:83:a3:82:db:f6:
ac:b3:fa:98:ca:41:c1:48:ed:8c:a7:8f:59:c6:cf:
60:0c:c6:89:88:29:aa:55:3b:65:a2:66:c3:35:95:
f9:94:ea:51:7e:d6:ef:9b:8c:e7:19:41:26:1d:79:
e3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:68:B8:7B:C0:5D:97:E6:08:78:60:BF:2B:3B:A2:0A:A0:2F:34:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d6:b6:6f:e7:5b:f5:8c:c4:55:08:9b:0d:0c:2f:05:c5:98:aa:
b4:91:9b:ba:9a:8e:ac:f1:e8:73:30:da:05:1a:95:39:b2:f5:
dc:ed:86:b8:04:43:e4:1e:5a:b5:e9:4e:d1:5c:f4:8c:6e:ed:
a7:31:79:28:ea:73:23:8a:1d:34:8b:45:36:c2:00:61:d7:57:
25:29:b1:e3:17:15:97:da:78:bd:40:29:b2:0d:aa:6c:70:03:
e5:25:7e:bc:13:68:32:ec:d7:f5:a2:d5:fd:d3:39:b5:a3:2f:
3a:c9:f4:77:17:c6:e4:ce:e1:91:91:53:c6:af:e3:f8:f2:c9:
7f:3d:86:a3:45:31:f7:2b:24:93:0f:6b:59:d1:a2:a8:6f:b4:
b0:97:e8:2f:ca:56:ea:04:5f:99:3e:10:b3:d2:64:f0:d6:8f:
30:79:89:0f:6a:8f:53:c6:5e:01:ca:aa:94:5e:22:a9:97:d3:
59:3b:9a:db:1d:4a:1f:eb:1e:3b:ae:55:df:c5:2d:9b:46:84:
2d:3c:e7:f7:95:04:b9:6c:93:d2:c3:b9:8d:b5:74:49:95:1f:
60:dd:cd:84:87:c5:9f:7e:83:ae:7b:55:3a:54:a7:64:ef:19:
e5:69:df:b0:f7:40:c7:77:5f:f7:8e:01:4a:f6:2a:92:61:be:
67:b3:d5:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIBXl3JGy1H8j5N0HKAwsarQvkrYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmM2E3OTNjNzJiY2ZkNzE1OTJlMjk2ZjNlYWM5MzdjZTg5YTVhNzFlNDBh
ZTE0ZjdkZjdlNGUxYTE2NTlmZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO24D7z9lkRoCIMRnLnkZvJ6bvzCrBHdp76k1NmeFF7cToXprwlGd6fimEJJ
PuSMQE+GvyyNGx8SkWDoqbYU9QF8fdWrAcenuH3HabyJnX/QxwnRxQ2eBH6HmZ2O
rXcH8T/OSy4cEyUUB9lX2PImXpYiqZoyJ4OrNt2liCmY7D3KzlsWXsAT1v3Id9d6
SU40xemL8WCGm8CFTgXTbBC+rDB9+c16WaDG0Uhrr2x3c8Z2fMwDZzGvcIcByzxE
RMA7sH9DcYJakHzuy+fI34Ojgtv2rLP6mMpBwUjtjKePWcbPYAzGiYgpqlU7ZaJm
wzWV+ZTqUX7W75uM5xlBJh154/kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTAaLh7
wF2X5gh4YL8rO6IKoC80qzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQDWtm/nW/WMxFUImw0MLwXFmKq0kZu6mo6s8ehzMNoF
GpU5svXc7Ya4BEPkHlq16U7RXPSMbu2nMXko6nMjih00i0U2wgBh11clKbHjFxWX
2ni9QCmyDapscAPlJX68E2gy7Nf1otX90zm1oy86yfR3F8bkzuGRkVPGr+P48sl/
PYajRTH3KySTD2tZ0aKob7Swl+gvylbqBF+ZPhCz0mTw1o8weYkPao9Txl4ByqqU
XiKpl9NZO5rbHUof6x47rlXfxS2bRoQtPOf3lQS5bJPSw7mNtXRJlR9g3c2Eh8Wf
foOue1U6VKdk7xnlad+w90DHd1/3jgFK9iqSYb5ns9Vk
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org