Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: N4IGKbrcWIc9zJz4vcKJbYgyfIVsQ8WsHtXLnmTokTc=
Subject key identifier: 8B:DD:FD:AC:C9:A8:35:A9:E1:E9:E7:58:78:77:C7:5E:BC:AD:3F:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A2984692194E1650ED8ACA606C1990BC0E05988
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:29:84:69:21:94:e1:65:0e:d8:ac:a6:06:c1:99:0b:c0:e0:59:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=2bc5ecdf47e3f78bc149cac533b9db17b920bdec33faf1c86b6dc9c1e1fa6af2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2a:cf:04:94:b6:ec:0c:1e:50:a0:32:e9:f5:
e2:10:4f:7f:cc:05:c6:3e:4c:80:87:1d:3c:ba:83:
72:c2:1c:12:dc:3b:13:f4:d6:48:f8:92:11:61:fb:
d1:3b:11:61:c5:ec:17:fd:0d:f7:fb:13:d0:38:c1:
86:9e:2d:a3:4d:fb:d9:6a:e5:89:29:af:a3:72:d0:
66:94:f8:2c:72:18:5b:dc:b2:a7:d1:6f:96:3c:30:
ee:77:d9:7f:10:41:f4:a9:c7:c6:c6:bf:3c:0e:58:
03:27:4c:c0:16:89:90:f2:ad:95:8c:8c:23:d3:c5:
6f:71:45:b3:3e:bb:f9:ed:30:7a:b2:6e:d3:1d:f3:
36:7a:95:01:93:0f:2f:f4:e9:ff:42:38:58:12:13:
9e:39:9f:6f:35:3a:a6:63:52:8f:4c:c2:69:e4:34:
cd:bc:1a:17:43:52:91:c4:99:e0:87:d8:da:f6:f1:
fa:92:c8:62:5a:6f:3a:1a:55:71:e7:14:82:0a:c7:
00:26:9c:4e:1e:84:99:b5:38:2e:1e:32:ba:d1:b6:
15:95:ae:17:39:f3:e4:13:0e:46:df:29:be:f7:be:
2a:b6:32:d5:fb:99:6b:c4:95:09:1b:41:c6:93:d7:
82:91:07:a6:28:b4:59:41:36:b0:da:30:1d:1e:38:
b0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DD:FD:AC:C9:A8:35:A9:E1:E9:E7:58:78:77:C7:5E:BC:AD:3F:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
07:3d:b6:a8:6d:7e:05:a7:79:54:37:01:b1:a5:cf:e7:14:f6:
5f:d3:45:9a:e4:62:84:1b:33:52:d8:80:34:2f:dc:ef:4d:2d:
1f:59:75:01:a1:89:4e:89:e5:21:88:27:29:05:f8:af:62:97:
ef:fa:78:9b:4e:6e:77:d4:a3:13:7f:65:f4:86:0d:f9:df:f0:
0c:7a:aa:ab:f1:b1:3e:7b:af:e6:a5:17:81:c7:64:f0:b7:a6:
6f:85:82:ae:33:3e:58:06:f4:c7:e5:c9:72:7e:38:17:ab:8f:
87:90:66:96:c4:d5:8f:5c:24:24:58:d4:98:0e:76:b3:99:0a:
85:58:fc:ba:8a:db:c4:a2:82:db:f4:1f:76:6c:c9:97:2f:a9:
87:19:11:0f:8a:73:ab:8a:54:5a:9a:a6:67:75:a0:8b:84:df:
85:b5:4b:0c:37:72:64:cc:6f:a9:d6:da:b9:27:4b:37:2b:b5:
13:c5:f3:80:61:30:d9:f0:8f:e2:80:e1:16:71:d8:80:33:e9:
43:ee:b2:47:ec:aa:88:48:a4:65:2c:b4:3e:8f:62:e4:9b:ce:
1b:1c:7f:49:af:af:36:8c:dc:d6:f5:c6:94:a4:56:ae:7b:73:
ed:1a:45:9a:14:2b:d7:81:43:33:a9:aa:e8:62:78:35:1c:9e:
24:3b:1b:93
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeimEaSGU4WUO2KymBsGZC8DgWYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYzVlY2RmNDdlM2Y3OGJjMTQ5Y2FjNTMzYjlkYjE3YjkyMGJkZWMzM2Zh
ZjFjODZiNmRjOWMxZTFmYTZhZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJgqzwSUtuwMHlCgMun14hBPf8wFxj5MgIcdPLqDcsIcEtw7E/TWSPiSEWH7
0TsRYcXsF/0N9/sT0DjBhp4to0372WrliSmvo3LQZpT4LHIYW9yyp9Fvljww7nfZ
fxBB9KnHxsa/PA5YAydMwBaJkPKtlYyMI9PFb3FFsz67+e0werJu0x3zNnqVAZMP
L/Tp/0I4WBITnjmfbzU6pmNSj0zCaeQ0zbwaF0NSkcSZ4IfY2vbx+pLIYlpvOhpV
cecUggrHACacTh6EmbU4Lh4yutG2FZWuFznz5BMORt8pvve+KrYy1fuZa8SVCRtB
xpPXgpEHpii0WUE2sNowHR44sKsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSL3f2s
yag1qeHp51h4d8devK0/cTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEABz22qG1+Bad5VDcBsaXP5xT2X9NFmuRihBszUtiA
NC/c700tH1l1AaGJTonlIYgnKQX4r2KX7/p4m05ud9SjE39l9IYN+d/wDHqqq/Gx
Pnuv5qUXgcdk8Lemb4WCrjM+WAb0x+XJcn44F6uPh5BmlsTVj1wkJFjUmA52s5kK
hVj8uorbxKKC2/QfdmzJly+phxkRD4pzq4pUWpqmZ3Wgi4TfhbVLDDdyZMxvqdba
uSdLNyu1E8XzgGEw2fCP4oDhFnHYgDPpQ+6yR+yqiEikZSy0Po9i5JvOGxx/Sa+v
Nozc1vXGlKRWrntz7RpFmhQr14FDM6mq6GJ4NRyeJDsbkw==
-----END CERTIFICATE-----
Generated at Fri Sep 8 16:41:10 2023 by rpki-client on console-ams.rpki-client.org