Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: DEA+5UnBiZEkC4yo/3JdAuyYSz/Ofux57jQFwRfYGd0=
Subject key identifier: 95:66:59:6C:C3:CA:28:E0:28:A9:E8:25:5D:7A:2C:7E:A9:22:A0:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C5ECAC7D768377A80EAAE3C2FBB5FA600E6F652
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:5e:ca:c7:d7:68:37:7a:80:ea:ae:3c:2f:bb:5f:a6:00:e6:f6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=2ac909b65c298916fb1673951a31fe2bc9c4c4575908af13aed9f005145ca402, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:83:8a:4a:ac:b6:11:9a:a0:e0:ee:4e:6a:d7:
f3:f2:6f:b3:5c:c0:84:56:36:26:98:76:fe:6c:06:
ef:2d:c4:aa:80:1e:71:5b:96:9b:0a:f7:8f:b5:10:
4b:e3:1f:46:60:76:d6:c3:78:24:4e:fd:8d:c2:cd:
10:ca:13:cc:e6:41:6e:4e:24:81:3d:a5:b4:26:22:
f1:22:eb:94:86:4e:b6:11:a1:00:40:68:42:89:af:
6c:d7:4a:b4:11:43:13:bc:c7:53:5f:f3:69:23:54:
f9:88:bc:e7:8e:6d:f2:d4:aa:a6:d9:79:cd:af:98:
4c:af:0c:24:eb:8a:4f:9a:f8:b3:12:57:00:c0:68:
e1:f6:c6:14:14:c1:43:ca:5e:63:db:97:ab:ff:74:
39:b8:b2:f8:f1:1c:69:65:1b:6c:01:01:ad:a0:92:
a0:eb:ba:07:d1:5c:e9:df:13:e9:a1:0e:bd:40:af:
49:f2:b1:4f:5c:b8:88:bf:2b:e7:b9:02:78:e1:99:
13:93:94:2d:1d:41:c6:6c:10:9a:2e:d0:c2:e4:a5:
36:90:7e:64:08:26:b5:cf:48:98:50:05:92:e2:f8:
3a:90:44:29:ac:e7:f6:b5:ef:d3:46:4d:14:7a:bc:
de:97:1a:da:8a:fb:f6:92:f5:80:a0:79:aa:b6:15:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:66:59:6C:C3:CA:28:E0:28:A9:E8:25:5D:7A:2C:7E:A9:22:A0:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
29:75:95:3d:96:6d:e1:80:3b:c4:46:15:13:0b:26:ae:01:4f:
72:8a:bf:3e:79:ba:bf:20:f6:85:53:f4:0b:4b:6a:f7:af:54:
16:86:bb:f2:b3:81:f2:67:83:fa:91:67:1c:c8:35:0f:f4:d7:
d5:4e:8c:29:18:81:2e:e5:6b:7d:08:31:6d:4f:25:dc:17:0e:
fc:04:02:90:5d:c6:6d:a5:29:59:c9:62:22:f6:dc:a7:b7:13:
82:d0:11:95:95:d8:d8:4c:b6:35:b7:cd:a5:fc:10:ad:bc:a4:
fb:9c:ca:3f:10:fe:8b:61:16:26:08:32:f2:7a:bd:df:c7:9e:
c7:db:ea:18:7d:da:cd:8b:74:1f:21:5f:84:43:33:62:e4:63:
49:eb:9f:22:55:21:34:99:b1:db:1a:35:56:2d:d1:3d:d8:84:
45:7b:1b:9a:8a:8c:08:e0:f9:62:3f:c4:89:11:b0:9f:10:e3:
1d:79:c5:28:a4:f9:fc:df:e0:e5:0c:09:31:45:84:85:33:aa:
e2:49:68:bb:17:7a:8a:db:c1:9f:84:e2:81:4a:2f:f4:4e:6b:
33:d0:f1:27:10:91:7b:6e:b9:68:08:f7:ae:ba:b0:ef:32:72:
db:c6:8a:99:c4:07:08:30:e9:2a:50:32:a8:ec:46:79:e0:50:
ea:82:62:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHF7Kx9doN3qA6q48L7tfpgDm9lIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYzkwOWI2NWMyOTg5MTZmYjE2NzM5NTFhMzFmZTJiYzljNGM0NTc1OTA4
YWYxM2FlZDlmMDA1MTQ1Y2E0MDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2DikqsthGaoODuTmrX8/Jvs1zAhFY2Jph2/mwG7y3EqoAecVuWmwr3j7UQ
S+MfRmB21sN4JE79jcLNEMoTzOZBbk4kgT2ltCYi8SLrlIZOthGhAEBoQomvbNdK
tBFDE7zHU1/zaSNU+Yi8545t8tSqptl5za+YTK8MJOuKT5r4sxJXAMBo4fbGFBTB
Q8peY9uXq/90Obiy+PEcaWUbbAEBraCSoOu6B9Fc6d8T6aEOvUCvSfKxT1y4iL8r
57kCeOGZE5OULR1BxmwQmi7QwuSlNpB+ZAgmtc9ImFAFkuL4OpBEKazn9rXv00ZN
FHq83pca2or79pL1gKB5qrYVqBcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSVZlls
w8oo4Cip6CVdeix+qSKgpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQApdZU9lm3hgDvERhUTCyauAU9yir8+ebq/IPaFU/QL
S2r3r1QWhrvys4HyZ4P6kWccyDUP9NfVTowpGIEu5Wt9CDFtTyXcFw78BAKQXcZt
pSlZyWIi9tyntxOC0BGVldjYTLY1t82l/BCtvKT7nMo/EP6LYRYmCDLyer3fx57H
2+oYfdrNi3QfIV+EQzNi5GNJ658iVSE0mbHbGjVWLdE92IRFexuaiowI4PliP8SJ
EbCfEOMdecUopPn83+DlDAkxRYSFM6riSWi7F3qK28GfhOKBSi/0Tmsz0PEnEJF7
brloCPeuurDvMnLbxoqZxAcIMOkqUDKo7EZ54FDqgmJv
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org