Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
File: 67568c6a-cd1a-4586-a397-580b374dbdb0.roa (raw, json)
Hash identifier: 7bBfn3/DVBE7M1xQWvD1ej3cIwmHOrdMgBo7QbAMp6g=
Subject key identifier: 0E:22:08:49:3D:91:65:9C:E6:5D:21:42:DD:CE:03:57:14:4C:EB:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A6CFD7043DAFBBA8707CDC6A65B73D3DA574C87
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:6c:fd:70:43:da:fb:ba:87:07:cd:c6:a6:5b:73:d3:da:57:4c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=4ee9e1672a1d1bf7dd0af357c6338351e090334626d9a79f7c4a19f3ab315ff3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a4:7b:c6:62:e5:38:37:f6:ec:60:10:1b:11:
13:9c:d4:3e:11:d3:7a:ea:3a:4f:4f:2e:2b:7c:e2:
8c:c8:28:74:f7:77:e2:0c:a9:88:88:b9:09:ac:7a:
6e:8e:e4:eb:4d:0e:d9:b5:de:0b:e6:96:41:47:c0:
0e:26:b5:34:d1:f3:17:f1:fd:f7:5a:11:60:27:be:
d3:b8:f1:85:0e:b6:fb:d7:a9:78:22:83:f1:fa:1f:
52:de:82:26:0c:e0:82:9a:8b:0e:80:42:b0:84:7b:
5a:bf:09:84:75:4a:da:01:a1:a6:bd:f2:b5:be:f8:
ef:08:91:c7:f4:4e:e1:66:c8:9e:dd:8f:70:d2:ff:
ec:94:3c:f9:6a:89:2f:2d:2c:7a:d6:76:f5:5f:f8:
f6:ba:b7:6a:2c:1a:0e:17:24:d5:70:ac:81:16:6b:
23:4a:2f:f0:e2:4d:f7:cd:d5:80:48:e6:26:ce:71:
de:53:c2:aa:c8:f0:61:e0:ba:96:bd:b1:4e:8e:c2:
2d:6e:8b:35:21:5d:66:1a:24:49:8f:4a:e0:06:24:
3c:2f:3c:12:eb:c0:be:92:e8:0e:16:ae:2f:1f:28:
46:f2:86:91:21:8c:85:b4:67:df:72:70:16:b2:1d:
b8:72:11:a0:4e:02:f3:e0:75:46:5f:c9:8e:1b:19:
74:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:22:08:49:3D:91:65:9C:E6:5D:21:42:DD:CE:03:57:14:4C:EB:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/67568c6a-cd1a-4586-a397-580b374dbdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:c0:ff:7b:72:71:5f:3d:0b:2b:33:b9:94:8c:3c:1b:0c:0c:
95:1c:a4:0c:47:f9:33:e8:14:6d:81:b8:d2:ae:b6:4b:fd:8d:
74:98:1e:c9:7c:64:59:c3:ca:35:ec:a1:83:35:04:f0:b2:d2:
7e:54:9b:d0:94:8c:2a:24:54:4b:da:ed:f3:c3:0a:00:89:7a:
06:9f:83:9a:62:b5:d0:b3:65:df:45:4c:7c:7e:65:59:94:c5:
83:4a:1a:cb:07:e1:44:f4:aa:ed:39:1f:2a:d3:07:bd:8b:47:
8e:e7:56:61:8d:c1:e5:f8:6a:ef:81:27:5c:1f:db:96:24:b1:
a0:c1:a8:0d:65:5a:88:09:db:ae:70:83:0d:88:53:9b:23:a6:
e3:ab:bf:de:6e:71:ee:b9:7b:63:83:cd:28:b5:04:c3:50:1f:
d9:f7:8c:a2:87:1a:f4:3b:ba:6a:28:20:a2:a6:04:a0:a1:38:
1b:a9:9d:b1:18:2d:5b:c1:7f:39:d4:6e:68:4c:ae:a4:13:c8:
ae:97:1b:9c:ae:5d:01:bb:30:42:d4:5e:0a:41:e7:0f:ad:5c:
83:24:9a:47:23:11:48:65:ad:45:b4:e8:34:04:2e:4a:b7:4a:
ed:30:df:89:58:41:cd:f0:47:a6:98:99:5b:f9:0c:9a:e7:f3:
5e:c3:5c:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUemz9cEPa+7qHB83Gpltz09pXTIcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlZTllMTY3MmExZDFiZjdkZDBhZjM1N2M2MzM4MzUxZTA5MDMzNDYyNmQ5
YTc5ZjdjNGExOWYzYWIzMTVmZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyke8Zi5Tg39uxgEBsRE5zUPhHTeuo6T08uK3zijMgodPd34gypiIi5Cax6
bo7k600O2bXeC+aWQUfADia1NNHzF/H991oRYCe+07jxhQ62+9epeCKD8fofUt6C
JgzggpqLDoBCsIR7Wr8JhHVK2gGhpr3ytb747wiRx/RO4WbInt2PcNL/7JQ8+WqJ
Ly0setZ29V/49rq3aiwaDhck1XCsgRZrI0ov8OJN983VgEjmJs5x3lPCqsjwYeC6
lr2xTo7CLW6LNSFdZhokSY9K4AYkPC88EuvAvpLoDhauLx8oRvKGkSGMhbRn33Jw
FrIduHIRoE4C8+B1Rl/JjhsZdFkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQOIghJ
PZFlnOZdIULdzgNXFEzr4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1NjhjNmEtY2QxYS00NTg2LWEzOTctNTgwYjM3NGRiZGIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQCZwP97cnFfPQsrM7mUjDwbDAyVHKQMR/kz6BRtgbjS
rrZL/Y10mB7JfGRZw8o17KGDNQTwstJ+VJvQlIwqJFRL2u3zwwoAiXoGn4OaYrXQ
s2XfRUx8fmVZlMWDShrLB+FE9KrtOR8q0we9i0eO51ZhjcHl+GrvgSdcH9uWJLGg
wagNZVqICduucIMNiFObI6bjq7/ebnHuuXtjg80otQTDUB/Z94yihxr0O7pqKCCi
pgSgoTgbqZ2xGC1bwX851G5oTK6kE8iulxucrl0BuzBC1F4KQecPrVyDJJpHIxFI
Za1FtOg0BC5Kt0rtMN+JWEHN8EemmJlb+Qya5/New1yn
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org