Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: dhfOALuzU7KUyaWyveP4Vkb6PPMWGc8RtPJYqfvVVKY=
Subject key identifier: BA:5B:B6:65:6E:9B:B8:C9:D7:B3:D5:E3:74:B5:B2:1D:9E:80:C6:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B398EEBC766020CE6D081518FF34D77B01CF28B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:39:8e:eb:c7:66:02:0c:e6:d0:81:51:8f:f3:4d:77:b0:1c:f2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=8e6da2ea71dc7783d7567a1b2d08a9f7383c097088d8ee88acab35d4181c3f72, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:74:f8:8a:7c:2e:b7:37:9f:e6:be:4b:b6:34:
c5:4d:33:9a:28:5a:29:38:d8:e5:ee:ec:28:58:34:
8a:bc:6c:8c:e0:d1:d1:50:48:03:6f:16:71:e2:d7:
ac:98:f5:eb:0d:4b:2e:14:16:61:e1:45:df:13:d0:
68:26:45:9a:d4:08:f1:3b:0c:96:ba:56:92:09:c5:
0c:d9:1f:ee:1f:78:9d:c8:2b:b7:40:24:96:fa:ce:
c9:c9:10:9d:eb:48:f5:06:a4:d1:20:46:b5:ac:18:
3e:20:20:d3:5e:03:43:62:66:e5:b8:39:93:3d:96:
b4:9b:94:c0:78:b7:ea:09:32:e4:c6:f6:1f:dd:4c:
47:b0:15:e4:95:0c:49:4d:00:7d:4c:a1:e7:6f:74:
51:79:a1:bf:09:02:94:4e:8f:09:42:47:03:80:17:
df:fa:44:9e:28:50:da:d8:bb:37:c9:32:4d:e7:76:
c6:f3:20:21:3a:73:25:82:9d:0e:a6:39:4d:4e:0d:
f3:6d:b5:b5:0e:5b:98:85:a8:27:92:6c:03:f4:77:
1f:d4:44:72:d6:25:d0:f4:f8:80:7d:e0:7b:00:e8:
cc:9d:bd:37:56:74:0b:91:0a:d3:ef:57:4f:0e:b7:
ed:fe:ba:f2:43:2f:d4:64:bd:59:f3:23:41:e7:4d:
b6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5B:B6:65:6E:9B:B8:C9:D7:B3:D5:E3:74:B5:B2:1D:9E:80:C6:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:5f:2d:04:00:3d:b5:18:7f:82:43:3e:81:da:4a:d1:fc:c4:
c8:2f:b1:09:50:77:5d:90:29:94:99:a3:74:44:dc:cb:c3:da:
e8:87:c1:63:32:1a:ea:fe:d0:0d:77:1d:af:43:b5:47:7c:b6:
9e:c2:ad:5e:58:40:da:74:34:a8:66:2c:dc:30:1f:08:65:43:
60:9b:43:19:bd:f6:9f:a8:9f:ff:5a:4e:0e:5d:79:35:b3:54:
dc:fe:49:6c:84:7a:ef:b1:e6:2a:87:4e:34:01:ae:c3:7c:eb:
16:35:fd:39:b1:95:18:ce:1c:a8:78:d4:0e:73:4d:05:ea:1c:
2d:c3:7f:09:04:31:c3:5a:06:04:62:f9:b9:d5:f0:5b:4f:f1:
97:e0:ce:0a:d2:01:f9:54:a5:d2:51:40:a1:19:e6:ce:d4:12:
63:75:9e:87:4a:1e:86:60:d3:0b:53:3f:10:bd:66:d9:e6:73:
0d:e2:27:84:e3:8b:19:7c:f7:c1:a1:8a:f7:4a:34:8e:64:af:
84:1e:1a:83:7b:27:7a:4f:8e:df:44:dc:83:d6:c0:45:99:c2:
13:54:23:98:a5:1d:22:a9:22:39:3d:cf:b9:a6:ba:ce:b1:dc:
4a:07:14:73:20:0f:61:6c:b1:a2:7a:99:3b:fd:15:d9:aa:8d:
75:f8:16:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGzmO68dmAgzm0IFRj/NNd7Ac8oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNmRhMmVhNzFkYzc3ODNkNzU2N2ExYjJkMDhhOWY3MzgzYzA5NzA4OGQ4
ZWU4OGFjYWIzNWQ0MTgxYzNmNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJ0+Ip8Lrc3n+a+S7Y0xU0zmihaKTjY5e7sKFg0irxsjODR0VBIA28WceLX
rJj16w1LLhQWYeFF3xPQaCZFmtQI8TsMlrpWkgnFDNkf7h94ncgrt0AklvrOyckQ
netI9Qak0SBGtawYPiAg014DQ2Jm5bg5kz2WtJuUwHi36gky5Mb2H91MR7AV5JUM
SU0AfUyh5290UXmhvwkClE6PCUJHA4AX3/pEnihQ2ti7N8kyTed2xvMgITpzJYKd
DqY5TU4N8221tQ5bmIWoJ5JsA/R3H9REctYl0PT4gH3gewDozJ29N1Z0C5EK0+9X
Tw637f668kMv1GS9WfMjQedNtncCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6W7Zl
bpu4ydez1eN0tbIdnoDGazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQBUXy0EAD21GH+CQz6B2krR/MTIL7EJUHddkCmUmaN0
RNzLw9roh8FjMhrq/tANdx2vQ7VHfLaewq1eWEDadDSoZizcMB8IZUNgm0MZvfaf
qJ//Wk4OXXk1s1Tc/klshHrvseYqh040Aa7DfOsWNf05sZUYzhyoeNQOc00F6hwt
w38JBDHDWgYEYvm51fBbT/GX4M4K0gH5VKXSUUChGebO1BJjdZ6HSh6GYNMLUz8Q
vWbZ5nMN4ieE44sZfPfBoYr3SjSOZK+EHhqDeyd6T47fRNyD1sBFmcITVCOYpR0i
qSI5Pc+5prrOsdxKBxRzIA9hbLGiepk7/RXZqo11+BYh
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:38:26 2023 by rpki-client on console-fra.rpki-client.org