Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: qc624kcXBeE9Xi7kkY+R/X95K5eKPoDqGQWCFjcO1R8=
Subject key identifier: BC:40:91:01:E3:AD:69:71:A7:A8:16:B6:9B:F1:99:5A:38:C8:47:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 298E2B2A42E24338D21E3AACEFF7179366E35464
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:8e:2b:2a:42:e2:43:38:d2:1e:3a:ac:ef:f7:17:93:66:e3:54:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=b9cecd72a750d89d86bbefd7cb8fb268cdb0a4ddbca4f678f8ceb937de09bdc2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:cf:98:4c:be:69:68:bf:96:ea:64:98:b7:
e5:49:3c:50:2c:e0:d3:3f:18:b3:cc:a3:13:e5:40:
3f:23:a0:d7:e0:16:e4:9b:f2:ef:67:75:03:0d:42:
b8:30:a0:ec:ae:90:77:3e:2c:4c:7c:d8:ab:5a:70:
a0:11:e9:e2:a0:ea:8b:86:87:9f:b4:1d:31:37:16:
c0:e9:c5:e2:55:95:05:b8:bd:2d:6f:32:80:c2:3b:
8e:dc:77:a2:1b:e5:ff:07:66:2f:74:5d:16:0d:37:
73:68:f0:ee:29:58:5e:ed:22:cf:22:ed:70:78:a1:
6a:d8:5b:70:c8:07:8b:02:7d:a0:fe:9e:30:d1:71:
28:f7:4f:c4:24:23:64:a3:1e:b4:e8:93:29:8d:d6:
e2:6e:45:43:05:ac:23:68:e7:19:10:2f:a8:78:e5:
59:f8:2f:3d:a4:44:84:d6:a4:7a:94:63:f6:a2:cd:
a3:98:46:ce:1e:4a:dc:04:6a:31:97:76:d6:23:99:
6b:46:48:7c:73:e9:ca:a9:4a:be:f9:b5:fc:89:30:
09:43:45:5e:c9:a6:9a:b1:74:0f:d1:b1:0f:06:64:
8c:11:8e:34:90:33:66:47:7d:6e:20:17:92:de:c6:
2c:bd:86:3d:f7:70:c5:52:18:de:cd:ae:b3:21:31:
8e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:40:91:01:E3:AD:69:71:A7:A8:16:B6:9B:F1:99:5A:38:C8:47:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
13:aa:48:0c:e3:38:a5:08:13:a8:7d:11:fd:41:4c:46:bb:7d:
92:9f:67:ad:51:f2:1e:38:18:84:12:cd:9b:fe:64:7c:c1:0f:
ac:72:27:a3:a4:04:22:77:1d:81:2a:d2:10:07:6f:5a:12:2c:
90:1e:4f:40:15:77:41:31:c6:67:1d:c6:90:a4:e9:a1:78:29:
00:ee:39:47:74:b7:e3:f3:09:63:ec:a3:5e:9f:fc:71:97:9f:
b7:54:41:77:35:a4:c2:2e:68:da:e9:ec:98:60:37:42:b7:fc:
6a:ff:94:6c:78:a3:5e:b6:33:35:a5:5f:45:3b:60:b2:e4:85:
42:be:13:07:3e:ff:4a:d7:53:f1:1d:12:44:3b:74:a0:55:d3:
1b:71:50:13:48:dd:de:c1:40:89:70:e4:74:ba:8a:12:ac:d4:
bb:82:fb:7c:de:9e:12:d9:6a:50:29:d1:6b:d8:65:bb:67:1d:
cd:1a:0c:cf:74:28:2f:36:3b:98:55:b5:46:84:7f:6b:df:a8:
60:c6:88:49:f5:64:b8:9f:b5:44:6f:dc:8c:f3:6e:88:13:74:
c3:d2:4e:f8:03:65:16:b3:6c:6d:ac:aa:21:c3:ca:fd:93:37:
2a:79:6f:eb:0c:36:2e:16:44:37:1a:2e:59:0a:eb:76:0c:ee:
cb:e9:c8:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKY4rKkLiQzjSHjqs7/cXk2bjVGQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5Y2VjZDcyYTc1MGQ4OWQ4NmJiZWZkN2NiOGZiMjY4Y2RiMGE0ZGRiY2E0
ZjY3OGY4Y2ViOTM3ZGUwOWJkYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMEz5hMvmlov5bqZJi35Uk8UCzg0z8Ys8yjE+VAPyOg1+AW5Jvy72d1Aw1C
uDCg7K6Qdz4sTHzYq1pwoBHp4qDqi4aHn7QdMTcWwOnF4lWVBbi9LW8ygMI7jtx3
ohvl/wdmL3RdFg03c2jw7ilYXu0izyLtcHihathbcMgHiwJ9oP6eMNFxKPdPxCQj
ZKMetOiTKY3W4m5FQwWsI2jnGRAvqHjlWfgvPaREhNakepRj9qLNo5hGzh5K3ARq
MZd21iOZa0ZIfHPpyqlKvvm1/IkwCUNFXsmmmrF0D9GxDwZkjBGONJAzZkd9biAX
kt7GLL2GPfdwxVIY3s2usyExjr0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8QJEB
461pcaeoFrab8ZlaOMhHHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2E5ZDQ5NzAtOGU5Yy00ZDExLWExYzYtNzcyYTU3MTMzNGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAE6pIDOM4pQgTqH0R/UFMRrt9kp9nrVHyHjgYhBLN
m/5kfMEPrHIno6QEIncdgSrSEAdvWhIskB5PQBV3QTHGZx3GkKTpoXgpAO45R3S3
4/MJY+yjXp/8cZeft1RBdzWkwi5o2unsmGA3Qrf8av+UbHijXrYzNaVfRTtgsuSF
Qr4TBz7/StdT8R0SRDt0oFXTG3FQE0jd3sFAiXDkdLqKEqzUu4L7fN6eEtlqUCnR
a9hlu2cdzRoMz3QoLzY7mFW1RoR/a9+oYMaISfVkuJ+1RG/cjPNuiBN0w9JO+ANl
FrNsbayqIcPK/ZM3Knlv6ww2LhZENxouWQrrdgzuy+nIfg==
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:23:34 2023 by rpki-client on console-fra.rpki-client.org