Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: c6eQsRf1BLnowARL8RNLHtpXFUrZKRh01RXxDEPieEQ=
Subject key identifier: 4A:AE:B2:B8:BD:0A:8B:86:25:64:0A:A8:9E:D5:08:A9:71:CF:0B:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C1C5A553DC525AD4A73BE64C8A8C39BE7B642
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:1c:5a:55:3d:c5:25:ad:4a:73:be:64:c8:a8:c3:9b:e7:b6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=7ed2136d4d6e1417a68cd4845b9bd4bd8d716f043c7eae63fb18512cc5b28a74, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:16:dd:6f:33:bd:50:14:45:40:90:61:13:05:
0e:d4:ce:48:51:c4:33:dd:9f:64:ef:e6:18:71:b3:
d1:be:e6:4a:e1:fa:fe:b5:c0:42:c7:7c:24:2a:54:
6a:46:73:c4:1d:a0:17:5d:51:77:f5:d2:ea:a0:21:
37:65:97:a2:84:8c:c0:15:be:a9:49:eb:64:14:47:
66:4f:94:76:c0:2e:d3:56:10:c4:f2:79:43:6a:3e:
4e:18:aa:be:b3:ca:1c:e4:e3:09:06:f9:c2:e2:c2:
2e:7e:bf:88:df:52:d1:64:e6:7a:0e:84:79:c7:ac:
ce:fd:f6:87:ec:40:f3:4a:23:59:c1:9b:a4:24:67:
da:f5:a9:ba:3f:5b:99:f5:1b:ae:a8:e5:f1:29:de:
c7:7a:48:f1:b2:8e:82:c5:2f:c3:10:22:82:bc:42:
47:5c:fc:7e:06:ec:7d:bd:32:c4:c2:30:79:d4:e5:
8b:98:73:92:d5:4f:36:06:2a:e0:8b:b6:5a:1c:ad:
e1:b0:57:90:29:32:8e:9d:3a:51:6a:72:8a:2e:3a:
5a:3f:68:7a:a6:10:a1:9b:d2:10:48:e2:0f:81:28:
18:6b:7e:fd:eb:79:8d:de:0b:26:aa:6f:c0:bb:81:
4c:7e:89:24:03:73:55:b3:56:cc:90:fb:f0:03:50:
c0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AE:B2:B8:BD:0A:8B:86:25:64:0A:A8:9E:D5:08:A9:71:CF:0B:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:58:c5:d8:7a:9a:5d:d3:78:d1:ec:15:db:cc:36:13:dd:4d:
58:11:3e:71:e4:83:d2:57:24:71:eb:b7:8e:4b:77:c0:a4:da:
83:79:cd:c2:18:b3:8f:f5:20:75:74:38:44:d3:71:1a:a2:09:
7b:3f:10:49:68:10:a5:66:71:36:f9:8f:c1:43:c1:20:90:5e:
87:ce:f8:da:ea:ea:89:49:b4:11:62:14:46:b6:e0:39:fc:42:
a1:73:dc:02:20:ab:aa:c3:5e:d1:6c:0a:04:74:53:5a:76:3b:
10:e7:19:05:68:a9:73:08:26:42:27:b5:5a:26:1c:03:a0:6d:
5a:7c:1a:dc:a5:8f:e5:f2:1c:0f:a0:cd:1f:12:11:0c:42:b1:
da:47:3b:77:2e:48:c5:0d:c1:27:c2:0e:8d:a5:e2:7c:eb:18:
ba:8a:e1:75:24:78:59:ac:31:58:92:a9:cf:8d:f8:ec:2b:00:
be:3b:dc:59:76:b0:56:71:e1:fe:04:6d:a8:7f:91:6d:49:8c:
8b:25:d4:fa:90:35:d8:c4:f8:55:a6:33:9b:c2:3a:a9:65:0a:
f4:51:cb:35:35:14:c4:a2:7f:c4:53:06:fd:34:d2:0a:5d:4c:
5d:2c:85:f4:28:86:4c:04:0e:d6:f2:40:9e:c8:9a:e7:68:7b:
7b:b1:48:6c
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgITPBxaVT3FJa1Kc75kyKjDm+e2QjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTIzMDkwODAwMDAwMFoXDTIzMTAxMzIzNTk1OVowejFJMEcGA1UE
BRNAN2VkMjEzNmQ0ZDZlMTQxN2E2OGNkNDg0NWI5YmQ0YmQ4ZDcxNmYwNDNjN2Vh
ZTYzZmIxODUxMmNjNWIyOGE3NDEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxxbdbzO9UBRFQJBhEwUO1M5IUcQz3Z9k7+YYcbPRvuZK4fr+tcBCx3wkKlRq
RnPEHaAXXVF39dLqoCE3ZZeihIzAFb6pSetkFEdmT5R2wC7TVhDE8nlDaj5OGKq+
s8oc5OMJBvnC4sIufr+I31LRZOZ6DoR5x6zO/faH7EDzSiNZwZukJGfa9am6P1uZ
9RuuqOXxKd7Hekjxso6CxS/DECKCvEJHXPx+Bux9vTLEwjB51OWLmHOS1U82Birg
i7ZaHK3hsFeQKTKOnTpRanKKLjpaP2h6phChm9IQSOIPgSgYa37963mN3gsmqm/A
u4FMfokkA3NVs1bMkPvwA1DANQIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFEqusri9
CouGJWQKqJ7VCKlxzwugMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy81
NzVkNmY4MC02ZDRiLTQxODMtOGI4Ni1jYzQxMDZiZWRkNzgucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAw3cwDQYJ
KoZIhvcNAQELBQADggEBAGJYxdh6ml3TeNHsFdvMNhPdTVgRPnHkg9JXJHHrt45L
d8Ck2oN5zcIYs4/1IHV0OETTcRqiCXs/EEloEKVmcTb5j8FDwSCQXofO+Nrq6olJ
tBFiFEa24Dn8QqFz3AIgq6rDXtFsCgR0U1p2OxDnGQVoqXMIJkIntVomHAOgbVp8
Gtylj+XyHA+gzR8SEQxCsdpHO3cuSMUNwSfCDo2l4nzrGLqK4XUkeFmsMViSqc+N
+OwrAL473Fl2sFZx4f4Ebah/kW1JjIsl1PqQNdjE+FWmM5vCOqllCvRRyzU1FMSi
f8RTBv000gpdTF0shfQohkwEDtbyQJ7Imudoe3uxSGw=
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org