Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json)
Hash identifier: 2uKd2KQfTUIPe9TtLi02TXPLuLMLJgSNf4ASVasdaIk=
Subject key identifier: 51:3E:C5:08:C7:91:CB:4D:26:F0:26:13:D0:04:44:67:1F:86:C0:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5A22A56E92139E07E133A2C14B7EAB33FA61E438
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:22:a5:6e:92:13:9e:07:e1:33:a2:c1:4b:7e:ab:33:fa:61:e4:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=dfc0208382a163b074a045a43e233fa2f28ae579c02ee73f3d73da3f351a2eca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:43:d1:ec:17:49:ac:60:f8:c7:28:0b:cc:4c:
35:b1:36:ed:6a:9c:c5:5d:d4:10:e0:68:54:fa:75:
1a:d9:27:ce:ce:80:85:e0:15:24:04:9d:e4:85:b1:
76:2e:72:7e:65:52:65:3b:38:dd:a2:53:a3:06:05:
71:00:98:df:d6:ea:60:fd:6e:3a:4c:70:b9:71:41:
69:60:ae:4a:0c:e7:59:b0:28:dc:43:8a:a7:f5:e6:
2a:10:98:6c:aa:b4:40:39:49:76:7f:63:a9:93:c4:
09:2a:ff:74:c7:7b:16:83:4f:e3:ad:0f:ad:28:8f:
17:f9:51:1c:c3:99:6f:ee:f6:e7:11:2e:29:51:6f:
f3:c5:71:87:9f:84:46:d6:af:a5:5d:40:49:be:38:
09:b4:26:d9:db:59:7f:96:87:26:49:24:59:22:7f:
2b:c9:a2:72:7a:e9:b6:61:58:71:a6:88:06:63:34:
de:6c:bc:74:bf:da:87:04:04:24:41:b3:a0:0c:1b:
f3:9d:e4:33:f3:83:9b:db:36:b3:03:3f:9d:4e:5f:
31:d7:48:c2:5a:9a:b6:dc:3a:e7:87:7b:39:9d:13:
c9:6f:bc:0d:4f:74:64:56:2a:70:aa:2c:d5:22:31:
3a:c9:8c:c7:18:46:f2:49:1e:b5:a1:04:96:e7:1c:
a3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3E:C5:08:C7:91:CB:4D:26:F0:26:13:D0:04:44:67:1F:86:C0:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d0:2e:e1:ce:2b:61:15:6e:2f:19:4c:e9:a5:32:23:25:c3:4d:
86:35:05:93:1f:6c:cf:ff:cb:bd:5a:bd:fd:b0:cf:d9:f1:fe:
85:5a:53:09:bf:e3:cb:ba:e3:f1:5f:d6:a4:e6:6a:30:57:ae:
ac:b0:57:75:ff:f6:b7:fa:c7:6c:e8:8f:1a:c7:97:45:45:83:
f4:cd:c3:75:66:50:df:44:23:8d:a3:46:ed:b2:33:c7:a7:39:
21:67:39:66:ea:c3:86:a2:7c:33:8e:46:11:9d:6b:8a:5b:e6:
5c:b6:60:37:8c:f5:fb:6d:c5:f5:7c:34:aa:2d:1a:bb:c2:d6:
02:f4:dc:8a:12:52:92:0a:0e:c6:08:62:76:2d:d2:f6:99:0a:
54:d8:9f:0e:d9:b7:b7:5b:c2:aa:95:43:a3:0c:ae:8f:7f:12:
35:22:72:f7:f3:68:86:e8:ec:f3:0d:31:af:3d:52:2a:f8:38:
56:3f:90:cf:de:1c:6e:cf:45:40:dd:80:94:a3:96:35:fa:4a:
40:90:ff:64:be:01:9e:15:f7:de:e1:dd:39:65:00:0a:88:d3:
32:c5:4a:f5:a1:49:03:8f:26:ca:1e:72:8c:db:e9:61:92:98:
1d:39:d2:9e:4a:1a:bc:1f:92:b6:20:a2:e5:8e:cd:cb:5b:2d:
9b:09:2e:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWiKlbpITngfhM6LBS36rM/ph5DgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmYzAyMDgzODJhMTYzYjA3NGEwNDVhNDNlMjMzZmEyZjI4YWU1NzljMDJl
ZTczZjNkNzNkYTNmMzUxYTJlY2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5D0ewXSaxg+McoC8xMNbE27WqcxV3UEOBoVPp1Gtknzs6AheAVJASd5IWx
di5yfmVSZTs43aJTowYFcQCY39bqYP1uOkxwuXFBaWCuSgznWbAo3EOKp/XmKhCY
bKq0QDlJdn9jqZPECSr/dMd7FoNP460PrSiPF/lRHMOZb+725xEuKVFv88Vxh5+E
RtavpV1ASb44CbQm2dtZf5aHJkkkWSJ/K8micnrptmFYcaaIBmM03my8dL/ahwQE
JEGzoAwb853kM/ODm9s2swM/nU5fMddIwlqattw654d7OZ0TyW+8DU90ZFYqcKos
1SIxOsmMxxhG8kketaEElucco9sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRRPsUI
x5HLTSbwJhPQBERnH4bAPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQDQLuHOK2EVbi8ZTOmlMiMlw02GNQWTH2zP/8u9Wr39
sM/Z8f6FWlMJv+PLuuPxX9ak5mowV66ssFd1//a3+sds6I8ax5dFRYP0zcN1ZlDf
RCONo0btsjPHpzkhZzlm6sOGonwzjkYRnWuKW+ZctmA3jPX7bcX1fDSqLRq7wtYC
9NyKElKSCg7GCGJ2LdL2mQpU2J8O2be3W8KqlUOjDK6PfxI1InL382iG6OzzDTGv
PVIq+DhWP5DP3hxuz0VA3YCUo5Y1+kpAkP9kvgGeFffe4d05ZQAKiNMyxUr1oUkD
jybKHnKM2+lhkpgdOdKeShq8H5K2IKLljs3LWy2bCS7P
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org