Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
File: 695716ab-c4db-435d-95fe-4143be62030e.roa (raw, json)
Hash identifier: tR11IUu5qWLi6sCtBBu91fYNMtxoaXg5vioElAIbSmw=
Subject key identifier: 05:BA:77:91:45:15:96:8E:FB:61:76:D2:1D:02:9F:8E:E9:92:F0:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3780F6014B1415A758DE417B588FB6CF2056BEF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
Signing time: Tue 19 Sep 2023 00:00:00 +0000
ROA not before: Tue 19 Sep 2023 00:00:00 +0000
ROA not after: Tue 24 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 19 Sep 2023 18:07:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:80:f6:01:4b:14:15:a7:58:de:41:7b:58:8f:b6:cf:20:56:be:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 19 00:00:00 2023 GMT
Not After : Oct 24 23:59:59 2023 GMT
Subject: serialNumber=3e0e573110cbb9b80661e94d073c7b24bfdcc555b4551f32ffbf025e23dc9bc4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:24:5e:de:6c:3c:e9:59:fb:7f:ca:da:78:56:
24:ee:0d:39:38:87:fc:f2:99:dd:8c:1d:f6:cb:d9:
fb:d0:8b:f1:f7:c4:ad:99:97:90:f0:fb:9e:24:6d:
55:a0:08:ac:c0:3d:37:1a:f5:a4:31:d3:28:df:4d:
c6:68:db:4d:c3:78:1e:66:4f:7f:78:6b:be:f0:0d:
e2:4d:ba:91:de:95:b5:d4:62:ae:5c:12:78:a7:64:
89:be:ad:fc:15:c6:ef:6d:fd:f9:86:a1:ed:e6:d0:
50:5f:d0:54:27:54:58:75:19:50:9a:bd:af:cb:9b:
bc:d2:31:c6:52:ae:df:74:ee:39:06:33:39:d3:ac:
4b:f0:27:71:27:ea:18:b8:90:d4:62:d3:8f:02:25:
b7:5a:47:b9:dc:97:93:6e:0a:ef:ac:7e:6d:4d:8f:
99:44:ce:55:e5:f8:c3:fc:30:c4:81:21:8f:75:61:
f6:56:d9:3c:26:6e:69:c8:5d:6a:6c:06:96:5c:48:
5c:8a:a6:2c:59:3b:87:ad:d5:45:f3:c5:5d:d9:6a:
f5:f4:53:14:63:ba:3f:6a:bb:9e:75:f5:89:b6:9a:
56:f3:56:72:ca:07:a5:d2:e7:99:4f:6f:c1:48:42:
fe:9d:7a:71:0a:5d:d2:fe:7a:0c:be:49:0f:fa:27:
f3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BA:77:91:45:15:96:8E:FB:61:76:D2:1D:02:9F:8E:E9:92:F0:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:22:05:82:5f:50:46:20:99:c6:ee:90:b7:bc:2f:46:21:41:
a1:a7:1b:44:be:6c:53:5a:4f:bf:19:37:96:1d:96:0e:87:ed:
fc:1c:cd:77:ad:3c:d7:d4:24:63:7a:97:29:96:2d:6d:ce:f3:
6e:41:2d:df:c7:76:e3:0c:19:b8:2d:1a:b9:74:84:25:17:69:
d5:3e:ca:ce:d9:10:30:9f:96:06:25:6d:ac:77:2d:2d:4f:f4:
66:e8:16:a5:49:9c:f5:3c:6f:67:08:b4:9a:8f:a6:88:0b:08:
2e:8c:a5:6a:d1:82:e3:fe:56:d4:6e:f5:16:34:4e:ca:c0:f6:
c2:be:81:75:8f:77:e6:ca:bb:d3:e4:74:fe:d4:f4:ad:d2:cd:
32:83:9c:2d:48:2e:59:b2:2b:30:ad:7f:1a:40:2c:ed:11:8c:
b9:14:60:2e:79:67:22:48:56:d7:0b:f9:cc:f9:d0:7f:ac:b2:
3c:f4:b5:1f:bf:34:8d:7a:7d:9e:42:3f:3d:32:af:3e:7f:38:
2a:de:e7:ea:52:0e:e7:d9:b0:1e:8a:e4:6d:35:81:6f:4a:0b:
68:16:0e:6a:dd:44:fc:ad:0a:99:90:0d:eb:04:53:ee:45:b4:
07:64:99:72:cd:30:97:8b:a4:1c:6d:03:9e:db:52:8c:16:3d:
32:52:4d:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN4D2AUsUFadY3kF7WI+2zyBWvvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MTkwMDAwMDBaFw0yMzEwMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMGU1NzMxMTBjYmI5YjgwNjYxZTk0ZDA3M2M3YjI0YmZkY2M1NTViNDU1
MWYzMmZmYmYwMjVlMjNkYzliYzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAkXt5sPOlZ+3/K2nhWJO4NOTiH/PKZ3Ywd9svZ+9CL8ffErZmXkPD7niRt
VaAIrMA9Nxr1pDHTKN9NxmjbTcN4HmZPf3hrvvAN4k26kd6VtdRirlwSeKdkib6t
/BXG7239+Yah7ebQUF/QVCdUWHUZUJq9r8ubvNIxxlKu33TuOQYzOdOsS/AncSfq
GLiQ1GLTjwIlt1pHudyXk24K76x+bU2PmUTOVeX4w/wwxIEhj3Vh9lbZPCZuachd
amwGllxIXIqmLFk7h63VRfPFXdlq9fRTFGO6P2q7nnX1ibaaVvNWcsoHpdLnmU9v
wUhC/p16cQpd0v56DL5JD/on85UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFuneR
RRWWjvthdtIdAp+O6ZLwfzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk1NzE2YWItYzRkYi00MzVkLTk1ZmUtNDE0M2JlNjIwMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQCFIgWCX1BGIJnG7pC3vC9GIUGhpxtEvmxTWk+/GTeW
HZYOh+38HM13rTzX1CRjepcpli1tzvNuQS3fx3bjDBm4LRq5dIQlF2nVPsrO2RAw
n5YGJW2sdy0tT/Rm6BalSZz1PG9nCLSaj6aICwgujKVq0YLj/lbUbvUWNE7KwPbC
voF1j3fmyrvT5HT+1PSt0s0yg5wtSC5ZsiswrX8aQCztEYy5FGAueWciSFbXC/nM
+dB/rLI89LUfvzSNen2eQj89Mq8+fzgq3ufqUg7n2bAeiuRtNYFvSgtoFg5q3UT8
rQqZkA3rBFPuRbQHZJlyzTCXi6QcbQOe21KMFj0yUk2f
-----END CERTIFICATE-----
Generated at Tue Sep 19 00:21:21 2023 by rpki-client on console-fra.rpki-client.org