Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: yXWvnySbomt3aZpjcJScYR9xHz0mCjOUGJoOBknoJQ4=
Subject key identifier: C9:AA:C8:BD:F3:C2:53:91:A8:9C:29:B8:42:3F:FE:F9:E2:BA:CB:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AF54D9774EBC8FABC97B6A47C914C3CE3EBA5CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Mon 18 Sep 2023 00:00:00 +0000
ROA not before: Mon 18 Sep 2023 00:00:00 +0000
ROA not after: Mon 23 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 19 Sep 2023 14:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f5:4d:97:74:eb:c8:fa:bc:97:b6:a4:7c:91:4c:3c:e3:eb:a5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 18 00:00:00 2023 GMT
Not After : Oct 23 23:59:59 2023 GMT
Subject: serialNumber=09bdf6b577473b0a856f938874575b29f1b50188c05c7cfee71d76d0d5117a00, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:16:e4:84:93:4d:17:06:39:c2:89:d1:ce:6b:
63:8b:26:58:b1:88:63:52:3d:74:80:d6:3b:71:04:
e8:69:10:d8:7d:b5:67:d3:a8:71:75:59:b0:4b:1d:
d5:15:48:01:3e:f6:8f:10:c0:1b:24:c8:b4:b0:df:
be:5d:bf:af:e2:d0:c2:9c:4e:29:50:6a:2b:f9:1e:
a1:d1:f4:6a:88:38:1e:e8:d8:36:ad:a7:a3:57:d0:
b9:56:f8:dd:57:81:bc:bf:cc:9b:84:f3:d2:52:fe:
c4:f0:14:d6:07:07:fc:e1:5e:15:29:b7:6c:b3:90:
cb:7e:8c:27:33:69:72:d1:af:c9:f5:b4:cb:f0:67:
8b:16:bf:69:3c:44:28:48:8c:b4:85:99:7a:35:b4:
f2:47:10:18:26:df:2b:1f:87:95:b4:43:9f:36:1c:
0a:82:58:2d:25:ef:71:47:65:dc:c5:62:2e:11:21:
67:1f:1e:74:10:d6:08:7f:d0:15:30:d6:1f:8c:65:
56:de:fe:6a:79:27:48:20:fb:22:61:d9:8e:b4:21:
df:56:31:0d:f0:c8:12:55:52:23:b8:9e:31:25:ea:
9d:79:77:7d:f8:27:17:14:b5:63:b5:8c:f5:4d:ab:
5e:e9:3d:37:77:ec:59:e5:e2:70:0b:4b:3d:12:cf:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AA:C8:BD:F3:C2:53:91:A8:9C:29:B8:42:3F:FE:F9:E2:BA:CB:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
7f:01:89:cd:2a:fe:44:0f:c9:d6:70:f0:26:90:92:4e:76:69:
3a:c0:3a:60:29:03:16:3d:02:a0:c7:e2:63:08:12:d5:24:63:
64:9b:0d:64:5f:e3:e0:1a:b5:4f:2d:ec:db:81:f5:a6:9a:14:
85:1b:59:45:68:64:af:90:d1:bf:f6:55:3e:a6:4e:e8:ae:66:
91:df:b8:24:dd:4a:09:e4:ee:ea:16:04:30:4c:0f:a2:ab:1a:
cd:92:56:6c:22:e9:67:70:d2:de:a8:1c:92:0d:44:e6:b1:a4:
62:b4:f9:10:37:4f:ea:4c:e6:08:ef:60:aa:5b:f5:1b:64:e2:
42:31:37:68:47:8d:ab:db:7a:b9:9a:ea:48:b4:a8:a2:05:e0:
88:2a:ea:ad:db:34:3c:cc:f2:25:b7:2c:c4:19:cd:6b:dc:c7:
ef:04:aa:b5:8a:ac:17:33:0b:73:32:5a:75:ad:4d:3c:95:02:
6c:8e:28:d9:e4:c6:1f:2c:e3:af:ca:e7:25:ef:1a:08:91:49:
a4:be:77:78:ac:c7:ad:90:ca:90:a7:a9:50:a2:10:4f:d3:9c:
01:5a:01:4c:f0:a2:a8:b6:40:9a:48:94:d4:05:10:eb:80:a4:
47:13:33:c2:18:45:01:1c:d9:8e:87:db:3d:b2:a7:51:43:8d:
99:99:bf:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOvVNl3TryPq8l7akfJFMPOPrpc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MTgwMDAwMDBaFw0yMzEwMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5YmRmNmI1Nzc0NzNiMGE4NTZmOTM4ODc0NTc1YjI5ZjFiNTAxODhjMDVj
N2NmZWU3MWQ3NmQwZDUxMTdhMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALIW5ISTTRcGOcKJ0c5rY4smWLGIY1I9dIDWO3EE6GkQ2H21Z9OocXVZsEsd
1RVIAT72jxDAGyTItLDfvl2/r+LQwpxOKVBqK/keodH0aog4HujYNq2no1fQuVb4
3VeBvL/Mm4Tz0lL+xPAU1gcH/OFeFSm3bLOQy36MJzNpctGvyfW0y/Bnixa/aTxE
KEiMtIWZejW08kcQGCbfKx+HlbRDnzYcCoJYLSXvcUdl3MViLhEhZx8edBDWCH/Q
FTDWH4xlVt7+anknSCD7ImHZjrQh31YxDfDIElVSI7ieMSXqnXl3ffgnFxS1Y7WM
9U2rXuk9N3fsWeXicAtLPRLPE5sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTJqsi9
88JTkaicKbhCP/754rrLGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfwGJzSr+RA/J1nDwJpCSTnZpOsA6YCkDFj0CoMfi
YwgS1SRjZJsNZF/j4Bq1Ty3s24H1ppoUhRtZRWhkr5DRv/ZVPqZO6K5mkd+4JN1K
CeTu6hYEMEwPoqsazZJWbCLpZ3DS3qgckg1E5rGkYrT5EDdP6kzmCO9gqlv1G2Ti
QjE3aEeNq9t6uZrqSLSoogXgiCrqrds0PMzyJbcsxBnNa9zH7wSqtYqsFzMLczJa
da1NPJUCbI4o2eTGHyzjr8rnJe8aCJFJpL53eKzHrZDKkKepUKIQT9OcAVoBTPCi
qLZAmkiU1AUQ64CkRxMzwhhFARzZjofbPbKnUUONmZm/aw==
-----END CERTIFICATE-----
Generated at Mon Sep 18 16:16:57 2023 by rpki-client on console-fra.rpki-client.org