Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
File: c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa (raw, json)
Hash identifier: tfELPqww55sSE0cEtaVNHtyFN3CZ3dhizWXv8a7TH40=
Subject key identifier: 14:96:71:CF:49:AA:F9:B1:6C:68:CA:BF:73:12:A1:1D:0A:10:70:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79A1D0AF21E63D83DBD23C4F73F1E07F80ABAB06
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:a1:d0:af:21:e6:3d:83:db:d2:3c:4f:73:f1:e0:7f:80:ab:ab:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=380d8ef179705b5ae36a230cc23ba4001030b6ba39a556acee6a3bf87189c045, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:88:02:08:53:31:49:5c:69:a3:37:9d:f9:4f:
a3:40:f4:a9:b9:0b:a2:c2:13:35:c1:73:5b:6d:37:
fd:6c:b6:b4:8d:a0:72:3f:8d:53:ce:7c:30:0e:0e:
20:81:ce:ea:5f:47:e2:33:9f:f4:42:79:59:0e:96:
28:cb:6b:ec:72:50:1c:69:bb:ba:36:d2:c5:c1:a6:
48:2f:e9:7f:66:ca:36:d7:f9:c0:9c:47:36:64:5c:
cc:96:63:03:cd:3e:c3:c1:fa:ee:b9:42:63:77:9c:
38:fa:03:e6:e9:8d:7a:05:90:b6:3f:fc:47:36:e6:
76:2c:3b:85:28:58:8a:a4:66:b3:41:86:cc:f6:3f:
a4:57:cf:e2:0d:4b:5e:c3:b4:f7:2a:8f:ba:4e:ba:
d5:0a:1b:de:91:92:4d:07:bc:29:89:2f:c4:8d:21:
96:35:67:a4:ce:d7:e8:59:1e:c1:cd:94:58:9f:c5:
4d:e9:94:7f:05:6d:e5:4e:c7:e4:44:f0:45:ad:f7:
48:26:3f:35:ae:c7:42:e2:29:1a:6d:73:ae:13:b5:
73:32:1d:92:ee:30:f5:88:0b:ba:0f:3e:3a:0a:a8:
9d:c9:78:e1:93:bc:7e:24:a3:a7:8a:f5:ed:e9:f7:
cf:29:2e:ee:59:e2:9a:d5:3b:d1:5b:49:19:8b:0e:
b4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:96:71:CF:49:AA:F9:B1:6C:68:CA:BF:73:12:A1:1D:0A:10:70:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2b:7a:4a:24:93:aa:9d:c1:3d:f2:03:72:bf:20:cb:5c:ba:87:
4e:eb:98:53:03:c0:1e:bd:b3:d0:b8:25:75:55:45:d1:6b:43:
fd:28:42:6b:85:03:7d:b6:24:da:f5:a6:90:80:ab:f1:16:9f:
d9:0b:9f:c3:42:cc:99:49:57:78:36:00:5d:c4:bf:32:ec:32:
09:77:22:70:1e:2e:12:65:ff:f7:29:4d:3a:9c:f1:91:19:c4:
4f:57:04:57:e6:c1:9c:79:a7:97:c7:fa:ca:2e:9f:70:a4:8b:
fb:9e:71:d2:9b:0f:b5:00:9d:19:dc:27:d8:e8:64:f4:f0:49:
53:36:bf:bd:07:86:10:33:f6:8c:9a:cc:04:92:22:ea:aa:ce:
87:dc:a3:6b:14:8e:20:a2:3c:ba:9a:d1:fe:32:eb:e5:57:a8:
f7:58:70:7e:76:e5:1a:cc:b0:e1:b9:c3:9b:e8:58:42:24:d8:
a4:1e:9e:6b:2e:fc:10:e0:3b:ea:34:c3:7c:74:ed:0f:66:44:
8b:44:aa:a9:5b:db:d4:e6:8e:4a:e7:81:95:7c:dd:4e:d3:f8:
47:7b:c4:fc:a8:e9:32:e7:02:0e:6d:df:06:ae:9b:83:07:16:
3e:37:aa:fa:ea:74:3e:68:f4:cb:ab:dc:36:c7:38:3d:32:a5:
f8:11:2e:73
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeaHQryHmPYPb0jxPc/Hgf4CrqwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MGQ4ZWYxNzk3MDViNWFlMzZhMjMwY2MyM2JhNDAwMTAzMGI2YmEzOWE1
NTZhY2VlNmEzYmY4NzE4OWMwNDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2IAghTMUlcaaM3nflPo0D0qbkLosITNcFzW203/Wy2tI2gcj+NU858MA4O
IIHO6l9H4jOf9EJ5WQ6WKMtr7HJQHGm7ujbSxcGmSC/pf2bKNtf5wJxHNmRczJZj
A80+w8H67rlCY3ecOPoD5umNegWQtj/8Rzbmdiw7hShYiqRms0GGzPY/pFfP4g1L
XsO09yqPuk661Qob3pGSTQe8KYkvxI0hljVnpM7X6Fkewc2UWJ/FTemUfwVt5U7H
5ETwRa33SCY/Na7HQuIpGm1zrhO1czIdku4w9YgLug8+Ogqoncl44ZO8fiSjp4r1
7en3zyku7lnimtU70VtJGYsOtJUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUlnHP
Sar5sWxoyr9zEqEdChBwDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzA1ZGE2ZDAtNGJiYi00ZmI0LWI1NTgtNWVmZWMxZjU1NTA2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQArekokk6qdwT3yA3K/IMtcuodO65hTA8AevbPQuCV1
VUXRa0P9KEJrhQN9tiTa9aaQgKvxFp/ZC5/DQsyZSVd4NgBdxL8y7DIJdyJwHi4S
Zf/3KU06nPGRGcRPVwRX5sGceaeXx/rKLp9wpIv7nnHSmw+1AJ0Z3CfY6GT08ElT
Nr+9B4YQM/aMmswEkiLqqs6H3KNrFI4gojy6mtH+MuvlV6j3WHB+duUazLDhucOb
6FhCJNikHp5rLvwQ4DvqNMN8dO0PZkSLRKqpW9vU5o5K54GVfN1O0/hHe8T8qOky
5wIObd8GrpuDBxY+N6r66nQ+aPTLq9w2xzg9MqX4ES5z
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org