Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: BvVi7eIBijSEgPNtZEAU49292ncO0G58ODUkUVX6Sow=
Subject key identifier: 24:8D:B0:E1:B3:60:F1:A1:A5:8C:81:97:37:42:74:30:5D:76:B8:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 691B5341A1D762F542C3C7C3F3FE73B111C56E17
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Tue 03 Oct 2023 00:00:00 +0000
ROA not before: Tue 03 Oct 2023 00:00:00 +0000
ROA not after: Tue 07 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Oct 2023 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:1b:53:41:a1:d7:62:f5:42:c3:c7:c3:f3:fe:73:b1:11:c5:6e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 3 00:00:00 2023 GMT
Not After : Nov 7 23:59:59 2023 GMT
Subject: serialNumber=61e5f1125126c844dcbc9ff9c9826b18a0396a5bf461aa0139a8c673bc1cbd10, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:08:6e:83:43:7d:57:69:a8:63:bb:3e:57:
e6:37:ea:6f:04:dc:f2:c9:5a:51:d5:e9:bc:a0:ff:
da:82:fe:cb:a4:9b:04:79:4f:93:cb:89:94:60:08:
04:64:bb:35:04:bb:d2:21:02:9e:77:b8:b6:ad:99:
0f:d6:f8:51:cb:e1:a2:d9:a7:ec:9a:5f:b7:c7:f3:
a5:f9:52:39:9f:cc:c0:58:df:45:64:79:0d:33:3b:
de:6e:88:cf:d1:8b:af:c6:68:8c:41:7c:43:06:c3:
20:0f:12:f3:84:2e:d6:7d:b9:ca:05:29:af:01:32:
51:47:55:31:11:5d:da:75:a3:f0:5c:68:3a:65:83:
2c:8f:0a:23:32:4e:8f:a5:cb:51:e3:61:03:12:0c:
f6:92:2b:2f:96:b0:38:18:84:3f:20:4b:cc:b9:51:
85:36:56:3f:0f:60:77:3e:3e:a5:55:aa:ec:49:33:
f5:00:1a:17:e9:13:02:6b:d4:49:8e:f2:de:d4:74:
36:e7:26:49:ed:4a:3a:43:6e:51:9c:25:83:43:ed:
b9:4e:25:4f:1c:f8:eb:ce:25:e9:80:72:3d:73:c3:
77:15:1e:00:50:90:f5:78:53:cf:16:e3:31:f3:e9:
47:9e:2a:58:9b:41:51:47:b4:81:8a:c5:4f:b5:1c:
38:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8D:B0:E1:B3:60:F1:A1:A5:8C:81:97:37:42:74:30:5D:76:B8:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:bc:8e:2f:0b:dd:af:2b:6b:54:4e:b7:79:c3:3b:b8:17:8b:
94:21:08:1e:1c:3a:03:c1:25:fb:d8:a5:91:97:de:dd:28:3d:
65:89:63:41:3c:2e:7e:3e:4f:d5:6f:e9:35:de:43:e4:95:d3:
6f:45:d2:c7:f8:0b:cb:51:90:13:d7:d8:06:f9:1a:b8:f0:37:
fd:e3:bb:6e:ef:5f:3e:9a:32:bc:16:d8:8c:2e:32:76:e2:bb:
6d:9b:b5:26:ed:fc:4e:a7:af:7e:b3:c6:67:ac:d0:d7:2b:06:
71:55:9f:a7:f4:75:8a:d2:26:9b:e9:cb:ac:25:20:9a:dc:45:
02:d1:95:52:17:09:40:c5:c7:88:60:51:88:34:c7:d8:c0:6e:
a6:5e:fd:cb:21:2a:fb:5b:1e:75:eb:b5:36:ba:bb:82:24:24:
ca:9c:b7:1c:be:51:09:1c:ab:30:be:b5:d9:b6:9e:df:54:b6:
57:6a:ca:37:a2:35:6f:42:dc:c5:6c:b5:04:e0:47:4b:4b:51:
aa:71:8e:d2:aa:6c:40:77:4d:bb:41:4f:31:95:07:19:96:bb:
fc:76:87:93:36:bd:76:03:89:d3:75:7c:05:6f:a0:dc:5a:18:
01:96:cc:44:78:08:73:d4:39:76:00:0f:85:1d:85:70:7a:58:
50:72:1a:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaRtTQaHXYvVCw8fD8/5zsRHFbhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzEwMDMwMDAwMDBaFw0yMzExMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxZTVmMTEyNTEyNmM4NDRkY2JjOWZmOWM5ODI2YjE4YTAzOTZhNWJmNDYx
YWEwMTM5YThjNjczYmMxY2JkMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxjCG6DQ31Xaahjuz5X5jfqbwTc8slaUdXpvKD/2oL+y6SbBHlPk8uJlGAI
BGS7NQS70iECnne4tq2ZD9b4Ucvhotmn7Jpft8fzpflSOZ/MwFjfRWR5DTM73m6I
z9GLr8ZojEF8QwbDIA8S84Qu1n25ygUprwEyUUdVMRFd2nWj8FxoOmWDLI8KIzJO
j6XLUeNhAxIM9pIrL5awOBiEPyBLzLlRhTZWPw9gdz4+pVWq7Ekz9QAaF+kTAmvU
SY7y3tR0NucmSe1KOkNuUZwlg0PtuU4lTxz4684l6YByPXPDdxUeAFCQ9XhTzxbj
MfPpR54qWJtBUUe0gYrFT7UcOKcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkjbDh
s2DxoaWMgZc3QnQwXXa4bDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQCxvI4vC92vK2tUTrd5wzu4F4uUIQgeHDoDwSX72KWR
l97dKD1liWNBPC5+Pk/Vb+k13kPkldNvRdLH+AvLUZAT19gG+Rq48Df947tu718+
mjK8FtiMLjJ24rttm7Um7fxOp69+s8ZnrNDXKwZxVZ+n9HWK0iab6cusJSCa3EUC
0ZVSFwlAxceIYFGINMfYwG6mXv3LISr7Wx5167U2uruCJCTKnLccvlEJHKswvrXZ
tp7fVLZXaso3ojVvQtzFbLUE4EdLS1GqcY7SqmxAd027QU8xlQcZlrv8doeTNr12
A4nTdXwFb6DcWhgBlsxEeAhz1Dl2AA+FHYVwelhQchqb
-----END CERTIFICATE-----
Generated at Tue Oct 3 15:52:35 2023 by rpki-client on console-fra.rpki-client.org