Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: s0CP7aaGxbMtvXnEmffGviBWYpdgT0EmA/unZfnilRg=
Subject key identifier: E3:C9:24:15:73:BA:A0:8E:CD:9D:32:87:64:0E:38:83:80:99:AB:94
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45A8BE4E83EC3646880E5B14E48D3914C80A195E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:a8:be:4e:83:ec:36:46:88:0e:5b:14:e4:8d:39:14:c8:0a:19:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=0e57174f904c86e9b061faa8081bb919ba606590ad08cccda50a0b66238bbe4b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:eb:52:4e:be:ca:32:01:61:34:21:4f:4d:39:
72:e3:90:bc:b5:cd:be:34:1c:46:0a:5c:36:5f:dc:
08:c0:b9:21:38:bc:2a:d1:0b:ba:db:36:70:50:f3:
e5:13:7a:85:a9:72:d7:7e:e4:07:68:3f:78:e8:0c:
5e:16:42:d9:46:bd:e0:4e:37:64:e0:fa:42:23:8e:
51:7a:9e:ff:da:75:3b:59:05:29:ec:25:18:ed:ca:
cb:aa:e0:54:e7:08:43:70:61:09:e3:28:44:02:8e:
e3:92:30:9b:7d:88:6a:01:c2:aa:da:c6:cc:c9:fd:
29:da:fa:39:07:5a:52:77:39:1c:19:a3:b4:67:b7:
a6:82:73:a9:d0:f7:7e:6c:c1:c2:82:c4:3c:6b:fb:
df:7e:f9:27:a4:44:4e:94:d7:96:34:57:f4:5e:0c:
6a:de:84:7a:c5:aa:da:d0:51:fc:ca:f4:85:23:b6:
55:33:26:29:53:78:66:73:cd:1c:2c:57:3b:5c:82:
af:7d:eb:a7:4f:cc:52:cd:c5:d7:0a:39:ef:37:56:
4a:79:a0:b0:41:bd:01:e7:1e:32:ce:fc:70:b1:3f:
03:88:ac:d8:ba:c0:2e:18:2f:c8:06:25:b6:56:17:
48:70:95:3c:bd:64:99:27:bc:bc:f3:d4:2c:3d:60:
d4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C9:24:15:73:BA:A0:8E:CD:9D:32:87:64:0E:38:83:80:99:AB:94
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a0:2d:f4:65:c7:bf:e8:cb:91:f3:fc:d2:9b:02:e3:41:d5:d2:
49:4b:97:96:fc:c0:68:b7:4c:9d:06:e7:2f:7e:72:f7:ed:ff:
ed:e9:09:93:f2:1a:2e:14:ef:a8:e1:6c:12:e8:17:18:4d:9b:
bf:f4:4b:44:0b:4b:78:20:ba:47:9a:35:a1:48:a7:28:e5:41:
b0:7b:49:d3:f6:11:e2:e7:13:8e:ac:1c:66:b6:ae:4f:80:35:
40:6e:fb:17:48:96:27:70:c5:67:5f:39:7d:0a:88:4b:e5:79:
ad:29:5a:67:a8:ef:24:8a:29:d4:7b:7d:da:c1:e3:71:31:52:
fc:a5:3c:69:5f:9d:dc:3f:90:e5:22:77:b5:74:99:77:29:43:
ef:40:a1:3b:bf:08:94:16:c0:c8:aa:1c:6c:52:6b:0e:c4:4f:
fb:74:ef:59:fc:40:4a:4d:d5:88:e8:74:a6:b8:b1:e9:e5:8d:
ca:cb:6f:b4:42:75:39:93:66:90:c5:d6:7e:32:77:5b:52:27:
3c:01:9e:ca:da:c5:70:00:fe:8f:eb:4f:09:a3:d4:c9:56:c1:
da:b8:d1:74:79:b2:7d:5e:52:3d:a8:99:9a:5c:a5:b2:55:da:
c0:1c:a3:f0:44:aa:b3:11:d1:a8:7b:f1:e1:31:b8:ab:c2:b4:
2d:34:9c:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURai+ToPsNkaIDlsU5I05FMgKGV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlNTcxNzRmOTA0Yzg2ZTliMDYxZmFhODA4MWJiOTE5YmE2MDY1OTBhZDA4
Y2NjZGE1MGEwYjY2MjM4YmJlNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODrUk6+yjIBYTQhT005cuOQvLXNvjQcRgpcNl/cCMC5ITi8KtELuts2cFDz
5RN6haly137kB2g/eOgMXhZC2Ua94E43ZOD6QiOOUXqe/9p1O1kFKewlGO3Ky6rg
VOcIQ3BhCeMoRAKO45Iwm32IagHCqtrGzMn9Kdr6OQdaUnc5HBmjtGe3poJzqdD3
fmzBwoLEPGv73375J6RETpTXljRX9F4Mat6EesWq2tBR/Mr0hSO2VTMmKVN4ZnPN
HCxXO1yCr33rp0/MUs3F1wo57zdWSnmgsEG9AeceMs78cLE/A4is2LrALhgvyAYl
tlYXSHCVPL1kmSe8vPPULD1g1PECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjySQV
c7qgjs2dModkDjiDgJmrlDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAoC30Zce/6MuR8/zSmwLjQdXSSUuXlvzAaLdMnQbn
L35y9+3/7ekJk/IaLhTvqOFsEugXGE2bv/RLRAtLeCC6R5o1oUinKOVBsHtJ0/YR
4ucTjqwcZrauT4A1QG77F0iWJ3DFZ185fQqIS+V5rSlaZ6jvJIop1Ht92sHjcTFS
/KU8aV+d3D+Q5SJ3tXSZdylD70ChO78IlBbAyKocbFJrDsRP+3TvWfxASk3ViOh0
prix6eWNystvtEJ1OZNmkMXWfjJ3W1InPAGeytrFcAD+j+tPCaPUyVbB2rjRdHmy
fV5SPaiZmlylslXawByj8ESqsxHRqHvx4TG4q8K0LTScYA==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org