Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: a7Kc5jsYqk7MaDkJyI1cIcEa1Af8EE8SW2U9B/L940Q=
Subject key identifier: 30:CA:4C:CA:12:A0:74:8E:95:D7:92:31:A7:09:AD:8C:7C:10:E7:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 058EBE1531C70446F6FB150EB6AF521AE8B9E1E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:8e:be:15:31:c7:04:46:f6:fb:15:0e:b6:af:52:1a:e8:b9:e1:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=337cd57a87cf84563531baa0f340f96109b8e09464358afa6b15bfe6f30f8802, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:c8:0c:cb:20:0d:0a:ba:1c:8a:79:80:64:
cd:f4:60:0a:36:43:60:05:23:48:bc:77:7b:6a:28:
25:8f:08:1b:a1:61:d0:36:98:a9:95:f0:3e:80:f9:
06:ea:12:c7:03:41:57:e2:c9:6f:24:b7:4b:aa:d5:
fb:75:59:33:44:f5:b4:ec:b4:0b:0c:8f:65:d5:dc:
9c:71:7e:7b:a6:4e:db:10:4d:f0:b3:25:f1:a0:81:
c6:61:6b:7c:cd:55:4d:21:ed:a8:99:ce:1c:15:29:
62:7d:a2:fb:8c:fb:78:fb:41:cf:4c:02:c7:50:1d:
13:c3:f9:50:c5:a2:ba:70:d4:73:7c:2c:35:9b:ed:
7e:38:6e:cd:80:2b:b6:29:2b:18:02:17:a7:71:2e:
c0:d0:fb:78:62:5b:20:f4:17:b1:94:c9:c2:dd:8a:
2f:10:dd:75:7c:9a:6e:f9:03:dc:b7:23:e0:b4:60:
ea:57:d1:82:61:cd:b1:54:c5:2e:2f:28:03:4d:e6:
55:62:8e:db:5a:1a:8a:9e:0b:f2:fe:cd:db:82:60:
76:c9:e9:81:44:a5:14:01:14:3f:04:45:eb:e8:7c:
b4:51:64:60:fa:94:8c:e7:ec:04:08:9d:87:a4:10:
98:93:7b:30:ce:7c:89:14:2d:be:50:ed:80:95:09:
9b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CA:4C:CA:12:A0:74:8E:95:D7:92:31:A7:09:AD:8C:7C:10:E7:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:58:87:3c:c1:4e:8d:65:45:7b:dc:84:a4:b9:f9:6b:e4:5a:
0d:24:b3:f1:d2:5e:ea:91:b4:50:17:d2:6e:8d:86:23:0f:e9:
98:cb:dd:f9:a8:f9:2d:1d:6b:15:8b:22:b3:fe:d3:53:34:ec:
90:14:15:45:cc:56:43:83:72:9c:77:dd:d3:65:fa:8d:91:f5:
dc:fb:ce:59:40:9a:10:01:cb:26:8d:eb:bd:35:4e:45:75:1b:
47:6b:61:9c:4a:72:f3:18:17:c7:62:2f:97:b3:3c:43:5b:3d:
1b:0b:7c:9b:65:fb:44:88:99:55:20:3f:22:81:be:48:7a:d0:
f7:cd:b8:2b:99:87:e3:84:9e:af:c9:89:4d:7d:bc:bb:63:8d:
dd:d4:98:ef:7c:03:0c:1e:88:b7:b9:e2:16:b6:37:e0:f8:ea:
4b:81:e7:1f:27:c1:a9:b1:7f:3a:b6:0a:59:43:0e:30:2a:7a:
46:5a:d2:44:f1:2c:0e:f3:b9:db:7e:83:ff:4a:38:fd:e6:02:
e4:a8:a5:e3:eb:14:99:33:dd:85:d5:f7:98:51:16:5c:e9:03:
25:dc:3d:44:db:ec:08:93:a7:e4:d0:14:66:f8:42:17:7a:80:
7f:d2:30:45:b6:d7:6a:68:c8:5f:0a:d8:21:a7:91:ae:b2:61:
2f:af:cf:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBY6+FTHHBEb2+xUOtq9SGui54ecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzN2NkNTdhODdjZjg0NTYzNTMxYmFhMGYzNDBmOTYxMDliOGUwOTQ2NDM1
OGFmYTZiMTViZmU2ZjMwZjg4MDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALG7yAzLIA0KuhyKeYBkzfRgCjZDYAUjSLx3e2ooJY8IG6Fh0DaYqZXwPoD5
BuoSxwNBV+LJbyS3S6rV+3VZM0T1tOy0CwyPZdXcnHF+e6ZO2xBN8LMl8aCBxmFr
fM1VTSHtqJnOHBUpYn2i+4z7ePtBz0wCx1AdE8P5UMWiunDUc3wsNZvtfjhuzYAr
tikrGAIXp3EuwND7eGJbIPQXsZTJwt2KLxDddXyabvkD3Lcj4LRg6lfRgmHNsVTF
Li8oA03mVWKO21oaip4L8v7N24JgdsnpgUSlFAEUPwRF6+h8tFFkYPqUjOfsBAid
h6QQmJN7MM58iRQtvlDtgJUJmz8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwykzK
EqB0jpXXkjGnCa2MfBDniDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAvViHPMFOjWVFe9yEpLn5a+RaDSSz8dJe6pG0UBfS
bo2GIw/pmMvd+aj5LR1rFYsis/7TUzTskBQVRcxWQ4NynHfd02X6jZH13PvOWUCa
EAHLJo3rvTVORXUbR2thnEpy8xgXx2Ivl7M8Q1s9Gwt8m2X7RIiZVSA/IoG+SHrQ
9824K5mH44Ser8mJTX28u2ON3dSY73wDDB6It7niFrY34PjqS4HnHyfBqbF/OrYK
WUMOMCp6RlrSRPEsDvO5236D/0o4/eYC5Kil4+sUmTPdhdX3mFEWXOkDJdw9RNvs
CJOn5NAUZvhCF3qAf9IwRbbXamjIXwrYIaeRrrJhL6/PRw==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org