Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: Lp5Lgmv6Dk3FHKZORaspUNopy0FBpZeExL/Ik58AcvQ=
Subject key identifier: 77:D2:8E:21:54:5D:05:CB:AF:6D:CC:ED:8C:65:08:20:C0:04:29:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F81EE23F512C8F6ED08250617396180F5D7075F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:81:ee:23:f5:12:c8:f6:ed:08:25:06:17:39:61:80:f5:d7:07:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=7e209e01bbf5eef490408a08800d65788e6e86b65024c0c134582fd11925b9f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:24:da:f2:4b:88:be:b6:ac:aa:2d:4c:ae:a2:
aa:75:26:8f:47:48:b9:07:df:20:5a:ec:de:46:42:
2c:18:31:19:8d:66:ee:df:28:1e:96:7f:c2:0e:78:
68:69:3d:d5:f5:2f:a1:bb:90:74:2f:6b:51:69:e2:
1e:2b:9e:01:0f:a0:38:4b:11:29:9e:7d:4a:10:94:
ef:d7:6e:f3:9c:ec:ff:96:7f:2b:89:90:33:21:f9:
cb:87:4a:5a:25:43:bd:de:3b:2c:36:ed:e9:f0:76:
dc:1c:b3:fc:1c:9f:b3:c1:0b:a9:7b:7b:1d:ac:ac:
f0:2d:77:48:f2:72:d2:25:13:08:9b:e4:7d:6b:58:
a4:d0:12:7b:16:f2:d1:c4:5c:f9:1a:08:8a:75:01:
b1:f5:59:9b:1a:c0:ce:78:6c:23:e4:89:ad:e8:be:
9c:54:a6:d9:b4:fd:b9:a0:6d:79:cf:e7:26:ab:b2:
64:51:a6:56:fa:a6:a9:f2:fd:91:93:cb:04:4a:37:
44:11:d4:95:46:b6:ec:d8:63:93:a7:05:60:5e:df:
10:36:48:59:d8:f5:77:9b:8e:0f:7d:df:59:71:34:
5e:47:67:38:70:3d:d2:de:f9:54:a8:95:79:05:33:
a4:cd:f7:b8:20:ec:0e:bd:d4:14:55:cd:4f:f0:5b:
b1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D2:8E:21:54:5D:05:CB:AF:6D:CC:ED:8C:65:08:20:C0:04:29:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:f4:06:6b:89:91:59:21:f5:1b:36:24:5f:41:14:f7:93:99:
ca:21:5e:34:d5:d5:3d:5f:60:a4:88:f0:24:a7:f3:9d:3b:71:
b3:b2:73:66:00:c7:5c:75:eb:55:07:99:57:f8:0a:c0:39:8c:
8e:11:8f:9a:10:93:03:c1:a1:e8:4b:fb:d1:5a:3d:f2:20:74:
88:d6:57:73:14:dd:c1:ac:ee:8c:b3:3e:81:f3:e9:cd:b1:16:
43:6f:d9:a8:fc:ab:55:fe:5f:e8:c4:86:e1:1b:41:c3:96:38:
27:9e:c6:08:9e:f9:b8:ce:90:5c:a8:1d:ac:6f:64:d0:3f:dc:
74:b4:d4:47:83:df:1e:92:8b:e4:79:f5:9b:0d:3e:8d:a0:f3:
03:47:03:1c:21:bc:35:88:f3:d9:ba:f1:09:47:3d:00:bd:c4:
a8:ed:7d:46:d0:85:ab:21:d3:c9:0a:f4:0f:5c:4e:08:f6:b9:
be:61:6e:7c:e2:12:6f:35:62:4d:18:d5:23:7f:f6:fe:7d:ea:
bd:e6:50:c3:03:ef:c9:95:1c:67:e2:bc:52:bf:51:2d:a6:05:
14:cc:79:d6:6d:e4:66:ad:39:6c:9e:9a:83:be:bc:cb:cc:5b:
22:3f:e1:27:e3:92:70:b4:90:6e:5e:ac:b9:5c:9d:b0:eb:9f:
a9:3a:0d:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL4HuI/USyPbtCCUGFzlhgPXXB18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlMjA5ZTAxYmJmNWVlZjQ5MDQwOGEwODgwMGQ2NTc4OGU2ZTg2YjY1MDI0
YzBjMTM0NTgyZmQxMTkyNWI5ZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAk2vJLiL62rKotTK6iqnUmj0dIuQffIFrs3kZCLBgxGY1m7t8oHpZ/wg54
aGk91fUvobuQdC9rUWniHiueAQ+gOEsRKZ59ShCU79du85zs/5Z/K4mQMyH5y4dK
WiVDvd47LDbt6fB23Byz/Byfs8ELqXt7Hays8C13SPJy0iUTCJvkfWtYpNASexby
0cRc+RoIinUBsfVZmxrAznhsI+SJrei+nFSm2bT9uaBtec/nJquyZFGmVvqmqfL9
kZPLBEo3RBHUlUa27Nhjk6cFYF7fEDZIWdj1d5uOD33fWXE0XkdnOHA90t75VKiV
eQUzpM33uCDsDr3UFFXNT/BbsdMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR30o4h
VF0Fy69tzO2MZQggwAQpzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQAI9AZriZFZIfUbNiRfQRT3k5nKIV401dU9X2CkiPAk
p/OdO3GzsnNmAMdcdetVB5lX+ArAOYyOEY+aEJMDwaHoS/vRWj3yIHSI1ldzFN3B
rO6Msz6B8+nNsRZDb9mo/KtV/l/oxIbhG0HDljgnnsYInvm4zpBcqB2sb2TQP9x0
tNRHg98ekovkefWbDT6NoPMDRwMcIbw1iPPZuvEJRz0AvcSo7X1G0IWrIdPJCvQP
XE4I9rm+YW584hJvNWJNGNUjf/b+feq95lDDA+/JlRxn4rxSv1EtpgUUzHnWbeRm
rTlsnpqDvrzLzFsiP+En45JwtJBuXqy5XJ2w65+pOg0U
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:19:12 2023 by rpki-client on console-fra.rpki-client.org