Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cc65de9d-dc78-4e7d-96ff-16c3294057be.roa
File: cc65de9d-dc78-4e7d-96ff-16c3294057be.roa (raw, json)
Hash identifier: e5WwvYE9Fl7IRfU00tZBAuwRHvWurD65Db2WcxoVAqI=
Subject key identifier: 14:14:54:13:38:87:A2:10:75:FB:86:E0:85:62:53:15:FD:7F:DE:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68A831C50121AEBEAEE721B19FA8BB6A69C0B7CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cc65de9d-dc78-4e7d-96ff-16c3294057be.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a8:31:c5:01:21:ae:be:ae:e7:21:b1:9f:a8:bb:6a:69:c0:b7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=ae38fb27255b40a547f48559bef7c15f573770b3c7d15d05fccf3982a2817e39, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7c:a9:b9:4a:68:18:dd:df:b7:cf:45:d2:b5:
6c:57:81:c5:7b:30:33:e2:88:1e:dc:ca:82:09:af:
84:af:8b:c9:ed:e0:f8:4b:15:30:5f:cb:f8:07:88:
d8:ab:14:80:1b:7d:6f:37:45:ae:02:2a:b9:75:ff:
27:e6:8f:41:17:b7:4c:5c:43:16:cb:de:ae:e0:17:
05:35:7b:7f:7d:be:75:6f:ca:94:b1:3c:ef:94:cb:
e0:71:eb:4c:24:93:a9:c0:31:88:e3:e4:9e:ea:24:
77:b6:58:72:93:72:5b:28:30:8a:90:29:8c:8a:f2:
d2:47:dd:30:20:b3:e7:51:f2:2b:c0:99:c5:f4:ed:
66:c6:32:04:40:5a:46:35:f2:ac:71:e7:e7:76:01:
25:80:c1:24:d4:7a:97:ab:62:5c:e2:ef:f9:55:0a:
40:6d:14:4c:37:bf:99:21:73:6b:d0:72:68:c8:43:
64:79:fc:ea:56:2b:b4:34:1a:9b:5c:60:95:e4:56:
31:32:c2:25:f6:86:66:7b:5c:c3:bd:ac:dc:2c:b4:
68:bd:f7:6e:fc:5d:44:5d:af:43:07:f2:85:ff:24:
10:45:aa:13:b8:84:da:2f:10:e6:88:bc:d2:c1:70:
3f:ab:5a:9f:82:ba:9e:a4:ec:1b:5c:c8:08:0d:16:
08:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:14:54:13:38:87:A2:10:75:FB:86:E0:85:62:53:15:FD:7F:DE:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cc65de9d-dc78-4e7d-96ff-16c3294057be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:8f:72:86:e0:85:85:83:b4:9d:d5:43:6e:d4:4c:57:bd:09:
ea:17:e5:51:c0:43:c2:fa:78:70:5a:88:17:e9:ae:c4:96:16:
0c:5b:60:43:0e:36:d0:fa:fe:96:b5:4b:95:41:d2:b7:23:cf:
36:0e:0c:ee:7a:ca:a4:29:32:2c:a6:e5:be:2e:b4:f2:74:b4:
2a:41:c3:b3:e8:13:65:6c:8f:29:c5:44:8c:27:5a:14:07:b9:
f9:a2:ab:0e:7b:01:75:af:13:cc:72:2c:86:f1:3f:65:77:8f:
1e:a7:ce:48:98:fa:4d:26:cf:13:1b:88:3a:4d:b9:42:b4:5e:
f6:28:db:2d:85:ee:a2:38:4d:94:4c:ef:dc:f3:12:b0:fe:0e:
bf:5b:d0:a9:9e:0a:04:3a:e3:8b:0d:66:64:ec:51:b4:94:02:
34:5f:b1:d6:e8:30:5d:2f:db:dd:b9:88:15:27:4e:9e:de:18:
f4:ab:2f:1c:67:6a:c5:bf:e5:7a:0f:62:29:47:9f:5e:d5:24:
ff:56:7b:57:a1:05:f9:9b:c3:1c:f3:54:1e:e7:63:61:4b:e0:
ef:ad:f2:5b:7d:96:1f:86:c0:49:62:78:6e:af:a6:5d:f0:a1:
ac:01:7b:26:98:7b:2b:d7:1b:27:37:65:f5:eb:b5:ed:a1:7f:
9d:a4:05:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaKgxxQEhrr6u5yGxn6i7amnAt84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMzhmYjI3MjU1YjQwYTU0N2Y0ODU1OWJlZjdjMTVmNTczNzcwYjNjN2Qx
NWQwNWZjY2YzOTgyYTI4MTdlMzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKx8qblKaBjd37fPRdK1bFeBxXswM+KIHtzKggmvhK+Lye3g+EsVMF/L+AeI
2KsUgBt9bzdFrgIquXX/J+aPQRe3TFxDFsveruAXBTV7f32+dW/KlLE875TL4HHr
TCSTqcAxiOPknuokd7ZYcpNyWygwipApjIry0kfdMCCz51HyK8CZxfTtZsYyBEBa
RjXyrHHn53YBJYDBJNR6l6tiXOLv+VUKQG0UTDe/mSFza9ByaMhDZHn86lYrtDQa
m1xgleRWMTLCJfaGZntcw72s3Cy0aL33bvxdRF2vQwfyhf8kEEWqE7iE2i8Q5oi8
0sFwP6tan4K6nqTsG1zICA0WCK0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUFFQT
OIeiEHX7huCFYlMV/X/efzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2M2NWRlOWQtZGM3OC00ZTdkLTk2ZmYtMTZjMzI5NDA1N2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQBej3KG4IWFg7Sd1UNu1ExXvQnqF+VRwEPC+nhwWogX
6a7ElhYMW2BDDjbQ+v6WtUuVQdK3I882DgzuesqkKTIspuW+LrTydLQqQcOz6BNl
bI8pxUSMJ1oUB7n5oqsOewF1rxPMciyG8T9ld48ep85ImPpNJs8TG4g6TblCtF72
KNsthe6iOE2UTO/c8xKw/g6/W9CpngoEOuOLDWZk7FG0lAI0X7HW6DBdL9vduYgV
J06e3hj0qy8cZ2rFv+V6D2IpR59e1ST/VntXoQX5m8Mc81Qe52NhS+DvrfJbfZYf
hsBJYnhur6Zd8KGsAXsmmHsr1xsnN2X167XtoX+dpAW7
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:28 2023 by rpki-client on console-ams.rpki-client.org