Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: kBx/FkJi4LNoCptmDodN9xrj6WlOriVviWwU5Qb3Ww4=
Subject key identifier: AE:42:74:4F:A5:21:04:5C:CE:93:30:34:B8:EA:AE:E5:A0:C7:27:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1903D1467B8B88C0736C0E7B130CB1EC403A4EF4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:03:d1:46:7b:8b:88:c0:73:6c:0e:7b:13:0c:b1:ec:40:3a:4e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=55cf509915d4b80e8f4e5ece34febd09f290bee76a1acc7b192b1bbb916510b3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bf:10:fb:8a:79:26:50:79:12:e6:3f:b5:34:
f2:62:b5:4b:5c:55:18:d2:7b:e5:33:a7:eb:32:20:
f0:41:7d:76:bb:bf:38:dd:d3:4c:ae:14:03:b5:c7:
33:8f:2e:00:26:2d:eb:a0:76:d8:1e:cd:b6:31:36:
14:f8:aa:62:97:ce:7c:8c:65:51:9e:3d:fb:dd:c3:
12:ff:a0:04:25:3e:90:4f:d7:01:a2:0e:3d:00:8f:
cf:1f:29:83:e5:b9:c7:ba:b1:06:ea:9f:df:ff:08:
54:5f:91:01:68:33:60:ea:7a:98:ae:e8:be:d1:89:
18:46:86:cc:a8:55:15:a6:de:94:f6:75:d0:df:bd:
1f:7f:12:78:d5:1f:97:d0:75:99:88:e1:6b:6a:79:
22:f7:46:77:97:5c:c2:bb:70:0b:82:74:3e:b6:1d:
a1:f4:50:61:87:8f:77:c1:0b:b5:56:c4:17:09:6c:
5e:7f:2e:4d:ac:95:21:a7:22:eb:d6:bd:9f:52:c7:
d2:c1:68:1f:e3:5d:66:ab:c8:cf:32:65:f9:0c:5f:
3f:9d:9e:3c:aa:fb:0a:1d:e0:18:ed:d8:76:a8:3a:
b4:20:7e:23:75:4d:41:9e:37:66:cf:4b:47:ac:3d:
45:35:56:59:5b:7c:b0:62:d3:cf:ac:99:f2:60:41:
03:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:42:74:4F:A5:21:04:5C:CE:93:30:34:B8:EA:AE:E5:A0:C7:27:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:46:13:d8:58:82:59:52:06:db:22:a6:df:9e:1f:8d:15:e3:
f9:a2:04:32:2a:e3:8f:66:d2:2e:5e:66:75:31:7c:47:d9:8b:
d0:38:c0:56:7e:e5:09:6f:48:3e:ed:34:7b:41:21:27:1e:d7:
0a:29:e6:30:4d:88:9c:56:a0:7d:23:36:70:f8:6b:0d:50:a6:
bc:78:2f:ce:3f:9b:98:0f:41:47:5b:48:22:d6:91:5a:ed:8b:
d1:97:e3:19:82:8d:c7:d2:71:9a:b4:31:ee:af:a1:c5:64:d9:
d3:4d:dc:15:9b:29:6d:27:ae:d5:3e:d6:69:09:1b:64:c1:2d:
51:05:bb:ec:0b:b2:93:98:ad:7f:2c:89:bd:6f:4a:50:9c:ba:
88:c0:46:c0:8e:ed:5a:91:54:f1:10:b3:f6:3a:db:e4:8d:7a:
68:ff:d1:11:c6:1d:cb:23:07:3a:ca:2e:f6:f5:8b:c9:e2:f8:
6c:13:a4:c2:54:0e:1c:73:c7:28:6e:7a:12:e6:b6:c7:4d:a8:
1a:fa:c6:42:63:85:5e:c4:43:66:01:81:ea:2a:2e:a0:fd:b3:
b0:d3:be:c1:40:fa:3b:ef:20:af:3f:d8:bb:12:86:2a:ad:ae:
2a:4f:67:f1:4d:0d:8b:2c:f0:7c:b7:ca:8c:17:2d:ce:9e:b0:
51:92:6b:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGQPRRnuLiMBzbA57Ewyx7EA6TvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1Y2Y1MDk5MTVkNGI4MGU4ZjRlNWVjZTM0ZmViZDA5ZjI5MGJlZTc2YTFh
Y2M3YjE5MmIxYmJiOTE2NTEwYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKO/EPuKeSZQeRLmP7U08mK1S1xVGNJ75TOn6zIg8EF9dru/ON3TTK4UA7XH
M48uACYt66B22B7NtjE2FPiqYpfOfIxlUZ49+93DEv+gBCU+kE/XAaIOPQCPzx8p
g+W5x7qxBuqf3/8IVF+RAWgzYOp6mK7ovtGJGEaGzKhVFabelPZ10N+9H38SeNUf
l9B1mYjha2p5IvdGd5dcwrtwC4J0PrYdofRQYYePd8ELtVbEFwlsXn8uTayVIaci
69a9n1LH0sFoH+NdZqvIzzJl+QxfP52ePKr7Ch3gGO3Ydqg6tCB+I3VNQZ43Zs9L
R6w9RTVWWVt8sGLTz6yZ8mBBAwUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSuQnRP
pSEEXM6TMDS46q7loMcnYzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQAPRhPYWIJZUgbbIqbfnh+NFeP5ogQyKuOPZtIuXmZ1
MXxH2YvQOMBWfuUJb0g+7TR7QSEnHtcKKeYwTYicVqB9IzZw+GsNUKa8eC/OP5uY
D0FHW0gi1pFa7YvRl+MZgo3H0nGatDHur6HFZNnTTdwVmyltJ67VPtZpCRtkwS1R
BbvsC7KTmK1/LIm9b0pQnLqIwEbAju1akVTxELP2OtvkjXpo/9ERxh3LIwc6yi72
9YvJ4vhsE6TCVA4cc8cobnoS5rbHTaga+sZCY4VexENmAYHqKi6g/bOw077BQPo7
7yCvP9i7EoYqra4qT2fxTQ2LLPB8t8qMFy3OnrBRkmsS
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org