Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: CrWEBlh9tPOo8eQ8oRwMUliNkoM9m6ujwDPjBAXIF6I=
Subject key identifier: CA:79:6A:57:E1:02:6D:38:56:AE:1D:AF:5E:4A:C6:1E:FC:AC:FC:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4182F0AACE86AFD2C5199338A59E96DB54D02447
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:82:f0:aa:ce:86:af:d2:c5:19:93:38:a5:9e:96:db:54:d0:24:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=a2c5f83b76f511d535d2fd6946a19a4e2a5a5aec0db5ea9fde4be84c6ddd54ad, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d1:82:f7:41:5e:6b:50:ad:93:99:e1:ec:42:
c3:d0:4c:ad:7a:f3:c1:93:88:db:4d:71:ee:f0:1c:
c3:f4:f0:77:e5:63:2e:3e:e0:1f:98:14:d2:af:ea:
ab:33:12:4f:e2:09:c7:1b:ba:05:21:a4:8e:3f:b5:
8f:73:3b:78:a7:75:f9:74:4f:a0:b3:fc:69:d3:79:
cc:99:9b:5a:50:5d:9c:ee:9b:98:19:13:07:2f:b0:
e9:1e:f9:fe:a6:e2:dc:21:58:2e:90:8f:40:05:0c:
2d:83:df:d9:59:69:c5:0e:06:73:79:5c:f6:49:7c:
e9:67:6d:eb:75:ed:80:2b:34:ce:44:9d:d3:1c:d8:
8f:69:aa:18:39:e7:b0:d6:76:c8:f2:97:71:81:ae:
85:a2:66:e7:d3:06:5c:34:e7:07:67:18:a4:f9:a8:
69:e7:05:4b:fb:e3:1b:1f:90:05:d8:33:4a:5e:19:
7d:ee:19:1c:02:f3:6a:56:1d:3c:df:db:aa:45:48:
61:1e:1a:94:08:f1:cc:64:de:d3:81:63:c9:75:48:
6b:94:80:eb:15:26:fe:d2:bf:73:4f:5e:60:9e:a5:
5f:66:96:7d:53:a4:9a:29:a7:65:cb:b2:6f:6d:a9:
a7:8c:96:83:f2:10:6e:21:4b:bb:17:5d:08:2e:b2:
c4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:79:6A:57:E1:02:6D:38:56:AE:1D:AF:5E:4A:C6:1E:FC:AC:FC:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
be:c8:3c:e0:05:ad:3a:35:49:37:af:e0:fe:d5:89:81:31:3b:
c3:ff:3c:ea:1e:6a:eb:4f:85:6d:1a:d0:f6:07:1b:63:49:cc:
fd:f4:8b:f8:25:0e:f8:a0:93:eb:a6:1b:dc:d1:d4:33:27:02:
ac:c0:50:4f:39:19:85:9f:9d:fb:2d:a1:a0:a9:31:92:24:33:
4b:04:37:e6:96:19:e8:85:b5:21:94:41:fe:56:bd:1a:bd:73:
6c:4a:c2:6a:26:86:20:3e:b5:41:62:cc:eb:f8:57:c7:03:7a:
56:01:62:39:89:d4:1d:3a:1d:2f:11:7a:ac:84:9a:dd:b9:7f:
73:4e:12:29:b0:7b:ea:41:45:4a:6a:81:ff:a1:1b:ab:a2:78:
cf:1d:79:52:1f:e5:2a:d1:ce:05:db:c4:66:92:88:76:8c:73:
a6:dd:20:a3:c7:11:2d:02:59:f5:5c:a3:d1:f9:cc:d0:80:58:
9d:69:c5:f8:50:56:c8:ce:e5:32:d7:28:a7:71:9a:ae:81:52:
3c:71:5e:22:ff:03:0d:d3:62:7a:22:ea:a6:8f:b1:66:a8:c8:
70:f8:5f:cf:ef:51:d6:36:2f:e7:c9:26:d2:cf:ef:27:91:8f:
e6:45:70:a7:7f:d7:87:6e:18:7d:c1:ca:9b:cd:3f:3e:27:3b:
b3:9c:73:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQYLwqs6Gr9LFGZM4pZ6W21TQJEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyYzVmODNiNzZmNTExZDUzNWQyZmQ2OTQ2YTE5YTRlMmE1YTVhZWMwZGI1
ZWE5ZmRlNGJlODRjNmRkZDU0YWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnRgvdBXmtQrZOZ4exCw9BMrXrzwZOI201x7vAcw/Twd+VjLj7gH5gU0q/q
qzMST+IJxxu6BSGkjj+1j3M7eKd1+XRPoLP8adN5zJmbWlBdnO6bmBkTBy+w6R75
/qbi3CFYLpCPQAUMLYPf2VlpxQ4Gc3lc9kl86Wdt63XtgCs0zkSd0xzYj2mqGDnn
sNZ2yPKXcYGuhaJm59MGXDTnB2cYpPmoaecFS/vjGx+QBdgzSl4Zfe4ZHALzalYd
PN/bqkVIYR4alAjxzGTe04FjyXVIa5SA6xUm/tK/c09eYJ6lX2aWfVOkmimnZcuy
b22pp4yWg/IQbiFLuxddCC6yxJ0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTKeWpX
4QJtOFauHa9eSsYe/Kz8dDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAvsg84AWtOjVJN6/g/tWJgTE7w/886h5q60+FbRrQ
9gcbY0nM/fSL+CUO+KCT66Yb3NHUMycCrMBQTzkZhZ+d+y2hoKkxkiQzSwQ35pYZ
6IW1IZRB/la9Gr1zbErCaiaGID61QWLM6/hXxwN6VgFiOYnUHTodLxF6rISa3bl/
c04SKbB76kFFSmqB/6Ebq6J4zx15Uh/lKtHOBdvEZpKIdoxzpt0go8cRLQJZ9Vyj
0fnM0IBYnWnF+FBWyM7lMtcop3GaroFSPHFeIv8DDdNieiLqpo+xZqjIcPhfz+9R
1jYv58km0s/vJ5GP5kVwp3/Xh24YfcHKm80/Pic7s5xz/g==
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:32:41 2023 by rpki-client on console-ams.rpki-client.org