Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: hAU27TU8SvSmD7EnSEMnAg1dnb+8WlwEgOLFhC4QZpE=
Subject key identifier: E0:15:B9:DE:C1:7B:D0:B4:1A:81:BB:6F:3B:B0:32:7A:23:7C:D5:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7426D0250F4DEDD5FD570FB475DAA29157459C7B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Tue 03 Oct 2023 00:00:00 +0000
ROA not before: Tue 03 Oct 2023 00:00:00 +0000
ROA not after: Tue 07 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Oct 2023 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:26:d0:25:0f:4d:ed:d5:fd:57:0f:b4:75:da:a2:91:57:45:9c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 3 00:00:00 2023 GMT
Not After : Nov 7 23:59:59 2023 GMT
Subject: serialNumber=2be986a7ccf0daec5b450a7efbef0ce72befdc1b0c8992cb0a9b9570e3833e35, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:23:5a:ae:c0:91:67:47:0d:09:18:d7:93:58:
7b:88:72:20:5c:42:64:b3:c6:a7:25:a9:62:18:3f:
59:ad:aa:d7:0f:68:36:38:03:5b:92:f6:95:12:44:
a9:b6:f9:7f:93:d0:f1:af:45:e3:9f:b8:a5:49:9a:
2f:f3:5c:7f:5c:c5:50:01:02:4e:55:27:5f:b3:27:
e9:ac:33:83:43:62:e1:4e:db:99:7a:2f:71:f4:47:
e0:b8:1f:68:9c:07:1e:c3:c2:98:00:3a:a8:c4:1a:
a9:da:81:e4:f1:1a:cf:67:d9:5f:c8:d9:5e:bc:58:
69:ad:fd:32:a8:99:87:9a:6c:66:06:02:e4:a3:f9:
1f:5c:4f:a2:75:2d:bb:b5:e5:1d:0e:85:8c:f2:a4:
1f:de:69:ff:01:1c:2e:41:48:0b:b1:a6:32:a2:b1:
50:cf:29:b2:6a:a0:6c:8a:1f:da:fc:5d:1f:70:57:
0b:7b:74:c0:05:95:d8:a2:2c:4f:81:80:70:d6:ef:
01:d2:75:c9:3a:21:85:b6:bb:bc:69:7d:1a:e4:9a:
10:18:96:93:48:f2:d6:80:c4:dc:21:17:6e:88:3d:
f5:fa:62:10:04:6d:7b:66:42:29:72:61:13:34:52:
a4:98:6b:d7:42:d3:24:2b:73:af:d1:64:56:11:5e:
60:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:15:B9:DE:C1:7B:D0:B4:1A:81:BB:6F:3B:B0:32:7A:23:7C:D5:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0e:f3:9d:ae:fb:b0:a6:cb:df:e0:7a:f3:b9:b4:ea:1a:f0:42:
fc:f3:97:d2:a6:a1:9d:fe:3f:30:7a:a9:80:f4:b5:95:81:cb:
73:57:15:4b:15:da:06:bd:7c:97:d6:13:4b:6e:8a:d6:38:8f:
cf:6f:0a:c1:a6:75:4c:ce:da:74:e7:2f:eb:f8:9c:8d:f2:be:
7e:69:04:41:05:a3:51:b3:b3:71:55:6a:86:5b:da:e3:de:90:
dc:52:50:d7:a8:a9:c9:df:42:6f:a7:8e:07:4e:e4:76:d5:1f:
44:8c:cc:86:44:cf:c1:7a:78:a6:aa:4c:f5:91:32:3e:c1:4f:
65:47:ce:1e:fd:db:55:ee:97:a2:93:1f:41:aa:08:a9:d6:4f:
e0:39:47:ee:8d:bf:ea:d5:d6:57:de:4b:41:b0:b4:50:ed:66:
fc:ba:9b:28:6a:1f:32:84:86:76:f1:c5:08:20:7b:f8:4d:2b:
66:7c:57:92:ef:10:e4:94:d8:b5:65:33:ab:c3:b2:2c:04:4b:
5d:a1:28:24:ee:b9:e8:06:99:7c:e4:c6:3d:1a:97:8b:36:6d:
6d:2a:5c:70:28:40:83:46:97:c4:ec:cd:ef:09:6c:c8:e4:c9:
f6:b8:a3:5a:d2:0b:31:55:87:fa:fc:13:89:aa:16:1a:0b:f3:
1a:a4:07:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdCbQJQ9N7dX9Vw+0ddqikVdFnHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzEwMDMwMDAwMDBaFw0yMzExMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiZTk4NmE3Y2NmMGRhZWM1YjQ1MGE3ZWZiZWYwY2U3MmJlZmRjMWIwYzg5
OTJjYjBhOWI5NTcwZTM4MzNlMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAjWq7AkWdHDQkY15NYe4hyIFxCZLPGpyWpYhg/Wa2q1w9oNjgDW5L2lRJE
qbb5f5PQ8a9F45+4pUmaL/Ncf1zFUAECTlUnX7Mn6awzg0Ni4U7bmXovcfRH4Lgf
aJwHHsPCmAA6qMQaqdqB5PEaz2fZX8jZXrxYaa39MqiZh5psZgYC5KP5H1xPonUt
u7XlHQ6FjPKkH95p/wEcLkFIC7GmMqKxUM8psmqgbIof2vxdH3BXC3t0wAWV2KIs
T4GAcNbvAdJ1yTohhba7vGl9GuSaEBiWk0jy1oDE3CEXbog99fpiEARte2ZCKXJh
EzRSpJhr10LTJCtzr9FkVhFeYO0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgFbne
wXvQtBqBu287sDJ6I3zV2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAO852u+7Cmy9/gevO5tOoa8EL885fSpqGd/j8weqmA
9LWVgctzVxVLFdoGvXyX1hNLborWOI/PbwrBpnVMztp05y/r+JyN8r5+aQRBBaNR
s7NxVWqGW9rj3pDcUlDXqKnJ30Jvp44HTuR21R9EjMyGRM/Benimqkz1kTI+wU9l
R84e/dtV7peikx9Bqgip1k/gOUfujb/q1dZX3ktBsLRQ7Wb8upsoah8yhIZ28cUI
IHv4TStmfFeS7xDklNi1ZTOrw7IsBEtdoSgk7rnoBpl85MY9GpeLNm1tKlxwKECD
RpfE7M3vCWzI5Mn2uKNa0gsxVYf6/BOJqhYaC/MapAc5
-----END CERTIFICATE-----
Generated at Tue Oct 3 15:52:36 2023 by rpki-client on console-fra.rpki-client.org