Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: ZiK56jsdNHBLF3qvNvDKHyapjDry1PFbNoKi5I2td4g=
Subject key identifier: 1D:EB:EE:5B:BB:DA:64:5F:44:85:C7:F7:69:C1:4A:61:6F:8E:60:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7927A46F3E22CDAD48E8AAD9E4ADB98B545C08D9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:27:a4:6f:3e:22:cd:ad:48:e8:aa:d9:e4:ad:b9:8b:54:5c:08:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=7759757c1f467dbc52744dc10680d47c0066054eb04d01a0925a2debd487f5cb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f0:ac:2f:9a:e4:4c:c0:a5:15:ad:85:f6:05:
39:65:68:a2:d5:f0:28:79:ce:1e:75:52:48:57:d6:
32:bd:af:25:aa:ae:6b:ee:c0:c6:ff:e0:0b:de:2c:
e3:02:a3:a0:fe:16:23:45:52:93:29:de:c0:9d:eb:
9e:6d:9d:fb:85:9a:2c:43:e8:e6:e1:02:49:c6:04:
1c:10:b8:f4:1c:28:88:6c:82:43:95:e3:96:d8:3a:
4a:85:ad:b6:cd:d5:0c:4e:3b:91:dd:bd:42:bb:75:
6d:d3:9d:11:f4:74:c8:82:21:f7:7a:e5:54:72:69:
1e:29:4a:7c:20:85:d1:5d:7d:2b:96:ed:cc:e6:cc:
96:9b:a4:4d:7f:52:ae:39:86:75:9f:62:92:48:b4:
ce:f8:5b:34:1a:7c:44:65:79:41:8e:b7:04:c1:42:
0a:44:b1:4d:81:41:d1:50:80:9a:9f:6d:b3:92:a5:
24:3b:81:61:07:dc:b8:22:32:98:1d:dd:da:d0:e9:
f3:d7:6d:b6:42:e8:b1:8b:41:05:f4:01:37:b0:a3:
b6:c5:21:fb:e8:35:7e:bd:d7:61:51:aa:4f:95:ed:
76:ad:aa:66:cf:83:44:ce:eb:ef:a7:9a:87:16:28:
21:ab:12:6a:a8:ad:bb:e6:27:3c:19:bf:99:50:c4:
d6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EB:EE:5B:BB:DA:64:5F:44:85:C7:F7:69:C1:4A:61:6F:8E:60:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:e8:a9:1c:85:5f:37:cd:45:32:4b:c9:69:05:93:76:31:1c:
10:7d:8d:87:46:90:88:8c:3b:2e:2f:8e:79:56:1f:19:7b:1b:
27:8c:3a:e5:27:8e:94:60:0d:7b:25:28:15:0b:7f:f1:b5:3b:
77:73:8c:4e:3c:65:be:88:bd:27:11:0b:1f:3c:5d:07:f1:b3:
da:5c:d4:7b:79:9d:3f:de:a5:df:f9:2a:a6:1b:9c:c4:b6:04:
62:25:ae:bb:47:6e:b2:7e:06:d9:74:77:0d:5a:64:6a:a9:d4:
70:87:d1:3b:6e:29:81:5c:26:32:98:36:0a:d4:27:14:9d:ed:
09:5c:42:86:d4:6b:d6:6e:e6:2a:f2:82:e8:b9:45:c0:7e:73:
50:c1:38:65:d1:b6:d4:15:18:c0:69:a5:51:d4:5f:d0:dd:7c:
00:82:37:38:b7:f1:29:77:c8:56:bc:e5:48:ee:11:28:d9:aa:
f7:90:6c:eb:a6:be:05:f6:fd:10:1f:22:9e:17:2d:65:ba:0f:
d2:87:2f:61:f0:f1:e6:4a:67:44:6d:0c:11:29:18:6f:4f:b3:
58:90:33:25:02:dd:b1:08:f0:93:6d:3b:b9:aa:20:5f:a1:0a:
47:29:1a:e2:bf:26:fa:72:20:89:d0:68:99:af:65:3e:98:ef:
ba:0e:4a:3b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeSekbz4iza1I6KrZ5K25i1RcCNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NTk3NTdjMWY0NjdkYmM1Mjc0NGRjMTA2ODBkNDdjMDA2NjA1NGViMDRk
MDFhMDkyNWEyZGViZDQ4N2Y1Y2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrwrC+a5EzApRWthfYFOWVootXwKHnOHnVSSFfWMr2vJaqua+7Axv/gC94s
4wKjoP4WI0VSkynewJ3rnm2d+4WaLEPo5uECScYEHBC49BwoiGyCQ5Xjltg6SoWt
ts3VDE47kd29Qrt1bdOdEfR0yIIh93rlVHJpHilKfCCF0V19K5btzObMlpukTX9S
rjmGdZ9ikki0zvhbNBp8RGV5QY63BMFCCkSxTYFB0VCAmp9ts5KlJDuBYQfcuCIy
mB3d2tDp89dttkLosYtBBfQBN7CjtsUh++g1fr3XYVGqT5Xtdq2qZs+DRM7r76ea
hxYoIasSaqitu+YnPBm/mVDE1g0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQd6+5b
u9pkX0SFx/dpwUphb45gwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAxeipHIVfN81FMkvJaQWTdjEcEH2Nh0aQiIw7Li+O
eVYfGXsbJ4w65SeOlGANeyUoFQt/8bU7d3OMTjxlvoi9JxELHzxdB/Gz2lzUe3md
P96l3/kqphucxLYEYiWuu0dusn4G2XR3DVpkaqnUcIfRO24pgVwmMpg2CtQnFJ3t
CVxChtRr1m7mKvKC6LlFwH5zUME4ZdG21BUYwGmlUdRf0N18AII3OLfxKXfIVrzl
SO4RKNmq95Bs66a+Bfb9EB8inhctZboP0ocvYfDx5kpnRG0MESkYb0+zWJAzJQLd
sQjwk207uaogX6EKRyka4r8m+nIgidBoma9lPpjvug5KOw==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org