Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: qAiW2ko8CfFrweO7AZZ1/u3yuxrVooTlGIHqDrMuKIE=
Subject key identifier: E3:FC:8A:B3:FD:E1:DF:22:24:20:15:E9:D9:4C:F9:D4:11:8D:7D:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4380A6F09765957DCC5306D57DF1BFF8340D2F9B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:80:a6:f0:97:65:95:7d:cc:53:06:d5:7d:f1:bf:f8:34:0d:2f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=55164d92eb576e75522965a5ffd730f4779669d0eb408bf67769b0f44082f66e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:d6:e9:11:0a:f5:ae:56:a9:d7:d7:9c:8d:
b2:5e:03:b1:79:53:49:1b:0e:a4:99:85:5d:70:41:
12:07:f6:50:bd:90:60:be:5c:82:b3:e5:06:76:b0:
96:d0:f0:a0:e9:c0:c3:4f:1a:27:61:60:c6:18:98:
d1:26:0f:5b:db:dc:a5:91:4f:78:01:20:1f:5f:af:
84:0b:e1:d6:92:ca:50:48:e6:09:de:5b:58:75:d7:
01:9c:1f:83:4f:bb:2a:8f:b5:cb:9c:16:c7:8a:69:
22:75:40:f3:a0:c6:64:7d:df:b0:6a:d4:c2:a7:c9:
bf:8f:e9:32:e6:ea:8b:10:86:56:91:2c:67:7b:ae:
80:4c:51:49:a1:65:1b:93:d5:af:a3:dc:60:4b:62:
ff:d4:48:bb:4b:fa:38:9d:9b:77:7b:3b:a8:77:60:
a2:19:37:33:29:ef:be:50:09:fb:d5:ef:fe:ff:af:
98:45:cb:0e:dc:05:c0:6a:6b:24:41:6f:44:10:c2:
87:40:c1:22:6f:38:8b:d0:0d:8b:40:d2:29:f9:c5:
8f:a4:68:91:3b:b4:42:7a:3e:63:ad:67:83:5f:75:
cd:19:ff:37:cd:f0:2d:74:4c:71:aa:16:ba:fa:6c:
e8:aa:9f:75:2a:75:33:4c:67:d7:ea:17:e7:6f:6b:
ad:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FC:8A:B3:FD:E1:DF:22:24:20:15:E9:D9:4C:F9:D4:11:8D:7D:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:94:aa:c8:07:96:00:ad:d8:82:4a:e8:22:5d:64:9d:72:bd:
b4:ef:60:72:b0:82:4c:f2:81:36:54:42:4c:5c:0a:44:b9:8d:
16:38:a2:9e:e3:5b:9e:16:07:2e:ee:58:5b:8c:88:19:c1:d2:
12:d5:8c:50:fd:cf:55:eb:57:37:16:0e:e6:10:6f:16:3d:ff:
a7:e6:8e:1b:17:0b:4f:f5:f2:05:40:09:fe:22:3e:69:1d:8c:
e9:ae:cc:3a:25:f3:98:d9:4e:23:a5:02:36:38:77:51:e1:74:
27:5f:89:62:2d:d9:4c:39:5b:2b:e9:98:9e:4e:ad:47:5d:09:
e2:3c:77:47:cd:05:8a:56:21:14:53:e8:10:97:ee:bf:cb:14:
6b:46:6e:87:9b:be:a9:07:d4:ab:22:e6:7f:a2:35:02:bd:9b:
5d:d1:f2:c3:54:f8:3b:37:32:88:35:46:24:e7:e7:6b:f4:43:
77:25:39:52:64:4c:46:55:4d:14:b8:5f:87:20:e0:e8:e1:a3:
9b:ef:61:e2:65:7d:13:72:73:1c:dc:90:4c:d7:f5:11:f5:9b:
2c:39:86:da:fd:d0:59:4c:7f:d1:c3:03:b3:d4:77:26:98:5a:
ca:32:ed:3d:e8:74:ee:0d:84:60:31:e8:40:d9:54:db:4b:9e:
0d:88:58:2d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ4Cm8JdllX3MUwbVffG/+DQNL5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1MTY0ZDkyZWI1NzZlNzU1MjI5NjVhNWZmZDczMGY0Nzc5NjY5ZDBlYjQw
OGJmNjc3NjliMGY0NDA4MmY2NmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+K1ukRCvWuVqnX15yNsl4DsXlTSRsOpJmFXXBBEgf2UL2QYL5cgrPlBnaw
ltDwoOnAw08aJ2FgxhiY0SYPW9vcpZFPeAEgH1+vhAvh1pLKUEjmCd5bWHXXAZwf
g0+7Ko+1y5wWx4ppInVA86DGZH3fsGrUwqfJv4/pMubqixCGVpEsZ3uugExRSaFl
G5PVr6PcYEti/9RIu0v6OJ2bd3s7qHdgohk3MynvvlAJ+9Xv/v+vmEXLDtwFwGpr
JEFvRBDCh0DBIm84i9ANi0DSKfnFj6RokTu0Qno+Y61ng191zRn/N83wLXRMcaoW
uvps6KqfdSp1M0xn1+oX529rrRsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTj/Iqz
/eHfIiQgFenZTPnUEY19hDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBxlKrIB5YArdiCSugiXWSdcr2072BysIJM8oE2VEJM
XApEuY0WOKKe41ueFgcu7lhbjIgZwdIS1YxQ/c9V61c3Fg7mEG8WPf+n5o4bFwtP
9fIFQAn+Ij5pHYzprsw6JfOY2U4jpQI2OHdR4XQnX4liLdlMOVsr6ZieTq1HXQni
PHdHzQWKViEUU+gQl+6/yxRrRm6Hm76pB9SrIuZ/ojUCvZtd0fLDVPg7NzKINUYk
5+dr9EN3JTlSZExGVU0UuF+HIODo4aOb72HiZX0TcnMc3JBM1/UR9ZssOYba/dBZ
TH/RwwOz1HcmmFrKMu096HTuDYRgMehA2VTbS54NiFgt
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org