Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: g5Y/Rg659aQXk3KFEsAro9L9SNf99kd4j65pUZGlRSo=
Subject key identifier: E1:90:E5:68:D5:D6:B5:18:10:7E:A9:81:51:69:EC:9C:B9:22:6C:28
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DC8C530F5898CB77E9B0826201AAAF28E323F80
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Sep 2023 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:c8:c5:30:f5:89:8c:b7:7e:9b:08:26:20:1a:aa:f2:8e:32:3f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=5ad7b503be56e8dc67555492282eef534b38118491aa1682b6b203e10ffa46ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:53:63:11:b5:6b:4a:62:09:94:e5:ac:e6:ab:
6d:d5:b6:20:45:e2:8a:79:b9:9b:e9:7e:98:81:4e:
ff:91:c0:2c:30:da:6a:eb:46:90:72:fb:9f:27:ea:
ab:b4:e2:86:a2:8b:1e:a3:50:1e:d4:75:21:62:be:
a2:88:d2:d0:95:18:79:30:fb:de:79:f6:5e:66:be:
ac:eb:c5:7c:5c:c0:fc:1b:73:87:5a:0d:8e:4b:32:
cd:41:da:69:43:1d:ae:b8:be:f2:f8:b8:c7:72:52:
e3:29:1b:a7:ae:00:9c:94:78:67:37:f6:3b:5d:34:
1e:b8:c7:49:c7:4c:89:a7:79:5a:3d:51:85:58:83:
cf:aa:ae:83:de:18:b5:b6:f6:cf:4c:2f:1b:9f:d9:
be:3f:a6:bb:0b:86:a7:0a:53:e6:ce:40:ae:63:42:
11:9c:43:ab:10:7b:5f:98:fd:44:8e:c1:31:62:a5:
59:7f:96:7b:da:d2:dc:bd:d3:da:a1:c8:f0:21:cb:
7c:af:da:72:91:88:c6:b2:9f:80:ef:79:cd:7e:d3:
60:11:dc:11:b2:d1:c1:fd:09:95:6a:cd:81:62:ed:
da:eb:49:8b:27:61:e0:42:2d:c6:e2:14:56:b9:25:
d1:66:6e:bf:74:61:07:6b:13:8c:45:50:f2:d4:4f:
57:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:90:E5:68:D5:D6:B5:18:10:7E:A9:81:51:69:EC:9C:B9:22:6C:28
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:f3:8f:bb:74:f7:c1:32:81:a2:1b:eb:45:bf:e6:7e:47:0d:
ea:d5:e4:77:7a:33:f9:80:31:bb:00:ab:ca:7d:10:cf:d8:33:
dd:c8:17:4a:87:40:47:b0:59:f2:59:30:8b:76:ae:76:43:7c:
c8:fa:2a:f5:7c:be:a7:2b:96:24:2e:76:88:26:c3:54:df:d7:
dd:69:45:b4:5b:c7:02:32:dc:9d:78:53:28:df:bc:be:20:61:
aa:c9:58:e8:32:d6:da:15:b0:fc:7a:8a:7d:5b:4f:60:75:5e:
6a:4b:1a:d6:96:ec:e6:67:91:61:4d:6c:44:cd:2f:00:06:9c:
fe:40:35:7a:f4:55:30:1d:5c:d2:ac:e8:8a:b5:a2:09:17:b3:
7d:92:43:80:c5:16:fb:b3:2b:83:11:ea:91:ef:a8:67:67:59:
0e:56:fb:13:46:b5:54:0e:fe:47:d9:0b:46:af:a5:f6:b9:78:
6c:e2:fa:e0:2a:5f:eb:4e:76:1d:a3:c0:bc:df:f1:6f:42:b9:
a7:09:13:4f:e6:f3:71:d2:6a:0f:c5:2d:d0:43:f9:1c:93:9b:
c8:83:81:00:ef:d4:ba:aa:ba:06:6f:57:c9:02:ac:a7:85:4f:
c8:59:f5:c0:1c:b5:30:a2:55:b4:69:00:24:b8:0f:2c:13:49:
b0:8d:4d:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfcjFMPWJjLd+mwgmIBqq8o4yP4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhZDdiNTAzYmU1NmU4ZGM2NzU1NTQ5MjI4MmVlZjUzNGIzODExODQ5MWFh
MTY4MmI2YjIwM2UxMGZmYTQ2Y2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxTYxG1a0piCZTlrOarbdW2IEXiinm5m+l+mIFO/5HALDDaautGkHL7nyfq
q7TihqKLHqNQHtR1IWK+oojS0JUYeTD73nn2Xma+rOvFfFzA/Btzh1oNjksyzUHa
aUMdrri+8vi4x3JS4ykbp64AnJR4Zzf2O100HrjHScdMiad5Wj1RhViDz6qug94Y
tbb2z0wvG5/Zvj+muwuGpwpT5s5ArmNCEZxDqxB7X5j9RI7BMWKlWX+We9rS3L3T
2qHI8CHLfK/acpGIxrKfgO95zX7TYBHcEbLRwf0JlWrNgWLt2utJiydh4EItxuIU
Vrkl0WZuv3RhB2sTjEVQ8tRPV+sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThkOVo
1da1GBB+qYFRaeycuSJsKDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQC484+7dPfBMoGiG+tFv+Z+Rw3q1eR3ejP5gDG7AKvK
fRDP2DPdyBdKh0BHsFnyWTCLdq52Q3zI+ir1fL6nK5YkLnaIJsNU39fdaUW0W8cC
MtydeFMo37y+IGGqyVjoMtbaFbD8eop9W09gdV5qSxrWluzmZ5FhTWxEzS8ABpz+
QDV69FUwHVzSrOiKtaIJF7N9kkOAxRb7syuDEeqR76hnZ1kOVvsTRrVUDv5H2QtG
r6X2uXhs4vrgKl/rTnYdo8C83/FvQrmnCRNP5vNx0moPxS3QQ/kck5vIg4EA79S6
qroGb1fJAqynhU/IWfXAHLUwolW0aQAkuA8sE0mwjU3g
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org