Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: Sk9Lb/kXxeEdL+wA7T7bHtunpKbSGSwdGqgf3HBJirM=
Subject key identifier: CE:7D:2D:B4:85:EE:96:47:E6:D0:2B:7C:E3:34:0D:0E:C8:FF:59:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 280158F25D14860447DB913E648FFD359C4FC91D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Tue 03 Oct 2023 00:00:00 +0000
ROA not before: Tue 03 Oct 2023 00:00:00 +0000
ROA not after: Tue 07 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Oct 2023 18:28:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:01:58:f2:5d:14:86:04:47:db:91:3e:64:8f:fd:35:9c:4f:c9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 3 00:00:00 2023 GMT
Not After : Nov 7 23:59:59 2023 GMT
Subject: serialNumber=2ddd87d0afbd8f035803bf9f8acb4223468e90ae6a5c6897e3f0fef93491f18d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:81:72:13:bc:94:1b:7c:83:18:8e:3f:00:
68:86:c3:7e:ab:d6:f5:7d:59:b9:35:7b:75:e8:c2:
bc:4b:cc:54:e7:ab:3e:c5:e4:da:42:cb:f5:95:b6:
81:30:82:dc:f3:81:89:cf:de:67:f7:8f:1e:02:26:
60:a7:00:ca:8f:d9:3f:7d:9c:fc:81:01:6e:fb:d5:
6c:87:cb:1c:95:05:4d:59:44:36:aa:de:0b:b7:13:
ca:b6:ef:87:23:58:c6:e1:b9:d5:24:e3:95:0d:b6:
34:49:8d:d9:bf:be:20:75:b4:2d:a3:1d:8f:a0:f5:
db:1a:b9:9b:89:53:81:e6:98:36:ad:46:14:33:e9:
fe:52:df:15:41:b7:61:05:28:ea:be:e2:7e:b0:4f:
e6:e1:8a:8f:60:69:0f:a1:ce:35:d7:c2:25:73:5e:
30:85:f5:ba:3f:a8:83:a9:85:60:c6:e0:fc:00:36:
5a:e4:11:3f:b0:73:fb:4e:94:a0:a7:ee:79:56:3c:
d7:9e:ff:ea:22:5e:ab:3a:13:6d:50:70:52:e5:1e:
b0:42:31:88:de:5d:fd:8d:ee:3b:bb:4f:ab:c7:73:
0e:3e:0c:49:6a:80:cd:2d:53:4f:86:d6:7a:15:df:
c1:e4:c7:f9:53:4d:2e:d8:f8:49:53:ce:de:3c:87:
b5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:7D:2D:B4:85:EE:96:47:E6:D0:2B:7C:E3:34:0D:0E:C8:FF:59:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:bd:89:52:34:7b:2f:f7:26:b3:40:eb:3c:af:24:3a:93:54:
c9:1d:c5:d3:7f:90:d6:b3:3c:d1:b4:2e:88:c0:9f:49:67:a0:
18:ea:14:6e:c7:b9:e7:5e:7b:8f:16:5f:65:17:e3:fd:1d:ad:
c7:31:2d:91:04:78:e6:e0:3f:a3:b9:4f:5c:c2:46:7d:e1:17:
48:5a:89:71:cc:56:44:6f:fa:f6:f3:d2:69:71:76:0c:b2:54:
eb:93:a9:82:48:09:28:56:bd:ab:99:9c:25:98:ca:90:b2:5d:
07:a5:5f:52:c4:d6:e2:42:2c:b1:0b:88:94:38:a4:f4:7a:8f:
38:7e:ff:d2:16:5b:12:b7:1a:ac:9a:a9:18:20:10:85:21:78:
56:f0:fe:19:39:49:e9:a4:1c:65:2b:49:43:0d:d2:17:34:8c:
31:38:9a:de:d5:56:86:da:38:ba:41:be:2a:d1:2f:c4:ec:d2:
77:ea:d3:ab:48:0e:ca:19:6d:cf:ab:99:2e:56:55:9f:4a:bd:
37:4c:d1:d0:df:54:27:bb:6c:53:82:2d:d3:c3:43:1f:01:9f:
7a:0a:60:b2:07:15:26:dd:6b:a1:9b:dd:09:66:99:fc:d3:88:
45:4c:36:28:f4:b9:4f:72:98:eb:d3:72:4b:3a:a9:c2:60:b2:
85:19:67:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKAFY8l0UhgRH25E+ZI/9NZxPyR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzEwMDMwMDAwMDBaFw0yMzExMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkZGQ4N2QwYWZiZDhmMDM1ODAzYmY5ZjhhY2I0MjIzNDY4ZTkwYWU2YTVj
Njg5N2UzZjBmZWY5MzQ5MWYxOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrKgXITvJQbfIMYjj8AaIbDfqvW9X1ZuTV7dejCvEvMVOerPsXk2kLL9ZW2
gTCC3POBic/eZ/ePHgImYKcAyo/ZP32c/IEBbvvVbIfLHJUFTVlENqreC7cTyrbv
hyNYxuG51STjlQ22NEmN2b++IHW0LaMdj6D12xq5m4lTgeaYNq1GFDPp/lLfFUG3
YQUo6r7ifrBP5uGKj2BpD6HONdfCJXNeMIX1uj+og6mFYMbg/AA2WuQRP7Bz+06U
oKfueVY8157/6iJeqzoTbVBwUuUesEIxiN5d/Y3uO7tPq8dzDj4MSWqAzS1TT4bW
ehXfweTH+VNNLtj4SVPO3jyHtRECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOfS20
he6WR+bQK3zjNA0OyP9ZaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQBBvYlSNHsv9yazQOs8ryQ6k1TJHcXTf5DWszzRtC6I
wJ9JZ6AY6hRux7nnXnuPFl9lF+P9Ha3HMS2RBHjm4D+juU9cwkZ94RdIWolxzFZE
b/r289JpcXYMslTrk6mCSAkoVr2rmZwlmMqQsl0HpV9SxNbiQiyxC4iUOKT0eo84
fv/SFlsStxqsmqkYIBCFIXhW8P4ZOUnppBxlK0lDDdIXNIwxOJre1VaG2ji6Qb4q
0S/E7NJ36tOrSA7KGW3Pq5kuVlWfSr03TNHQ31Qnu2xTgi3Tw0MfAZ96CmCyBxUm
3Wuhm90JZpn804hFTDYo9LlPcpjr03JLOqnCYLKFGWfC
-----END CERTIFICATE-----
Generated at Tue Oct 3 00:31:42 2023 by rpki-client on console-fra.rpki-client.org