Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
File: dd037aef-fb5d-4fe4-8126-0957b823de58.roa (raw, json)
Hash identifier: k9YSWl4SNQnqt0Bf71xXJ3dFxAlQ/aM7YItTrjgSoG8=
Subject key identifier: 1C:CE:22:D7:10:F0:CF:D6:12:36:59:FC:EB:D9:97:0B:39:1B:9E:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21898036B4961E50E975BE757FEF0862A32C4A86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:89:80:36:b4:96:1e:50:e9:75:be:75:7f:ef:08:62:a3:2c:4a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=72b4385de60ebc9f35b9b6a3b38c78845164a9a3b6a83a238f511426d778e2f9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3c:35:3d:54:ed:6e:fa:2a:5b:ae:83:f4:25:
83:16:46:04:29:36:25:7b:7e:a7:92:ef:9d:dd:d8:
96:4e:1b:3b:eb:9a:f6:e8:18:ce:92:32:a6:cb:c1:
34:f0:f9:78:1d:01:25:55:eb:dc:56:a3:12:00:5a:
f8:a4:26:24:d2:15:bc:04:4f:b9:ee:7c:33:63:7e:
91:da:94:3f:68:e9:aa:d9:b3:bc:ba:e8:7e:80:39:
40:3e:f4:89:0e:9a:0b:58:45:ce:65:f6:27:08:3c:
b5:92:1e:82:0b:cc:61:5a:43:e3:16:21:93:87:36:
3b:f7:e1:25:61:d2:ff:74:3e:d3:e6:51:77:b2:c1:
d9:c4:ed:23:af:b2:a6:1d:1e:63:c4:6a:d3:f7:e2:
83:ae:59:69:a6:6c:bc:7b:8b:62:07:52:dc:93:96:
24:ce:06:ae:b1:7c:ff:de:91:c6:64:ce:17:68:ff:
0b:0b:8f:19:bd:78:bd:29:b9:47:ea:e5:a1:5f:aa:
f8:39:0a:9b:7a:43:05:53:98:1c:d5:f0:3f:26:3d:
da:91:8f:ed:c7:37:93:23:7d:c8:0c:53:b4:81:f4:
af:60:4c:87:40:64:a8:a1:f4:bc:b5:ab:c8:4c:26:
46:84:37:f3:71:66:5d:fa:13:1b:4f:86:7f:18:bb:
34:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CE:22:D7:10:F0:CF:D6:12:36:59:FC:EB:D9:97:0B:39:1B:9E:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dd037aef-fb5d-4fe4-8126-0957b823de58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1100::/40
Signature Algorithm: sha256WithRSAEncryption
06:28:b1:38:ba:b3:1d:36:96:19:3d:df:af:e9:09:78:01:cc:
b1:6a:ba:00:0b:bb:7a:82:c2:9a:5c:54:52:c1:60:3f:d7:a2:
44:83:fe:f7:07:a7:e9:69:8d:c4:94:5b:89:ec:ad:96:f2:c0:
7f:25:04:6e:0c:2f:58:9a:73:38:b7:fe:c9:6c:cf:8f:f2:94:
ee:54:fc:d5:90:7b:61:50:8d:cf:26:db:60:dd:fc:70:26:51:
44:ab:f5:d3:c4:31:1f:94:18:99:72:01:71:fc:c3:fc:f9:f4:
bf:11:3c:29:89:ad:ed:85:95:e4:ad:f8:7d:70:54:1a:3a:02:
df:cd:1c:b3:82:80:dc:5c:cd:73:c7:f1:50:67:6f:aa:c4:51:
be:8c:67:2e:b3:0f:83:c5:c6:0c:77:0f:dd:82:b5:ef:d4:4a:
92:3b:48:a2:bf:9e:17:eb:ab:ff:56:d8:e8:86:c0:73:6e:19:
2f:36:96:a1:16:a3:29:e7:f8:a3:5e:8d:7c:be:99:ee:e8:27:
26:78:c6:0b:54:44:c1:92:cc:90:58:ed:86:fc:6f:80:2e:93:
24:b6:8a:8f:43:80:6e:f0:59:f3:7d:f8:53:e0:0e:07:4a:63:
a9:22:3e:00:de:65:75:58:e8:08:83:9a:fc:0e:fe:cc:5b:1a:
2e:e7:f9:65
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIYmANrSWHlDpdb51f+8IYqMsSoYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYjQzODVkZTYwZWJjOWYzNWI5YjZhM2IzOGM3ODg0NTE2NGE5YTNiNmE4
M2EyMzhmNTExNDI2ZDc3OGUyZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKs8NT1U7W76Kluug/QlgxZGBCk2JXt+p5Lvnd3Ylk4bO+ua9ugYzpIypsvB
NPD5eB0BJVXr3FajEgBa+KQmJNIVvARPue58M2N+kdqUP2jpqtmzvLrofoA5QD70
iQ6aC1hFzmX2Jwg8tZIeggvMYVpD4xYhk4c2O/fhJWHS/3Q+0+ZRd7LB2cTtI6+y
ph0eY8Rq0/fig65ZaaZsvHuLYgdS3JOWJM4GrrF8/96RxmTOF2j/CwuPGb14vSm5
R+rloV+q+DkKm3pDBVOYHNXwPyY92pGP7cc3kyN9yAxTtIH0r2BMh0BkqKH0vLWr
yEwmRoQ383FmXfoTG0+Gfxi7NK8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQcziLX
EPDP1hI2Wfzr2ZcLORue6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGQwMzdhZWYtZmI1ZC00ZmU0LTgxMjYtMDk1N2I4MjNkZTU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoBBXgR
MA0GCSqGSIb3DQEBCwUAA4IBAQAGKLE4urMdNpYZPd+v6Ql4AcyxaroAC7t6gsKa
XFRSwWA/16JEg/73B6fpaY3ElFuJ7K2W8sB/JQRuDC9YmnM4t/7JbM+P8pTuVPzV
kHthUI3PJttg3fxwJlFEq/XTxDEflBiZcgFx/MP8+fS/ETwpia3thZXkrfh9cFQa
OgLfzRyzgoDcXM1zx/FQZ2+qxFG+jGcusw+DxcYMdw/dgrXv1EqSO0iiv54X66v/
VtjohsBzbhkvNpahFqMp5/ijXo18vpnu6CcmeMYLVETBksyQWO2G/G+ALpMktoqP
Q4Bu8FnzffhT4A4HSmOpIj4A3mV1WOgIg5r8Dv7MWxou5/ll
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:32 2023 by rpki-client on console-fra.rpki-client.org