Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: 8Sr7exsh4IN9ypJc0TZ6RHlkm2xiOHY3jb0jB0kmtek=
Subject key identifier: 30:EE:77:66:D3:71:CA:2D:83:44:72:1E:C4:A6:9E:1C:CD:CE:4D:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 68C1A478BC4BE7FE6AD03C76B81B13A00BA5E1BB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Wed 06 Sep 2023 00:00:00 +0000
ROA not before: Wed 06 Sep 2023 00:00:00 +0000
ROA not after: Wed 11 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Sep 2023 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c1:a4:78:bc:4b:e7:fe:6a:d0:3c:76:b8:1b:13:a0:0b:a5:e1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 6 00:00:00 2023 GMT
Not After : Oct 11 23:59:59 2023 GMT
Subject: serialNumber=aefdfee522cec0f7759d0f7f2685a9bc0a395fe2de524601e931bd258c6d308a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7e:52:9b:85:05:1e:7f:27:db:a4:7a:d6:df:
20:3b:2d:90:be:ce:32:91:0c:e9:2b:1d:af:5e:67:
f9:11:26:d2:8d:07:01:f8:79:91:c0:88:dc:16:65:
e3:67:b3:94:0a:16:41:6c:51:a4:3d:65:77:a1:ec:
e2:51:c0:ed:d4:88:92:25:6a:ba:4b:7d:cc:c0:47:
18:37:9c:e3:15:e9:91:91:46:86:3b:b7:83:97:56:
8f:b9:8f:b0:fe:ff:68:ec:30:0a:f0:35:af:74:fe:
8c:fb:c8:6e:b0:56:91:ff:ee:b9:a8:37:60:16:35:
cf:cb:5c:cb:98:dd:86:25:5c:d0:a3:39:f4:f8:b9:
79:6f:98:e6:b0:bc:f9:94:11:45:69:2c:da:41:bc:
88:fc:7f:f3:5a:03:12:6b:bf:b9:88:0c:8e:ed:64:
67:0a:ba:37:2d:56:a4:33:8f:60:cd:06:ad:32:78:
cb:01:e0:46:52:0f:67:b5:38:e2:ff:fc:f0:eb:64:
72:10:f9:a5:10:e5:fe:45:3a:7b:bc:59:d7:1b:49:
a1:f1:8d:c0:2b:0e:af:9e:3e:2f:fa:91:5a:54:35:
3b:1c:45:79:77:df:42:43:42:08:93:a8:1f:1d:66:
83:33:d5:7e:9f:95:76:c8:ee:14:ae:53:61:60:1c:
95:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EE:77:66:D3:71:CA:2D:83:44:72:1E:C4:A6:9E:1C:CD:CE:4D:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:a8:db:1c:89:09:4b:c3:b4:60:b1:0e:82:bd:bc:81:03:31:
0a:4e:89:8e:78:7e:c1:cb:0c:ed:d8:41:8a:fa:91:1e:14:99:
d3:b5:3e:1c:92:a9:00:38:fd:2a:0d:7a:b5:48:5f:b7:f9:b1:
c2:c3:f4:1a:69:72:93:d9:69:a3:c1:13:9a:49:54:cc:e8:95:
8b:51:47:65:3a:35:e5:c1:06:e7:36:5d:3e:a4:73:4f:1e:c7:
03:4f:ec:18:f2:ba:ce:bd:6e:2b:b1:59:4e:73:fc:51:7d:19:
b0:c0:36:47:7d:47:cc:3c:e3:d4:f1:ae:be:aa:ce:05:fc:e2:
31:e9:67:77:48:53:46:49:ae:dd:b1:07:28:f3:1f:5f:6a:71:
5b:c9:54:72:96:9f:0d:5c:8c:72:b9:22:46:ba:ec:40:62:6d:
0a:7e:c8:f8:a5:75:09:77:6e:37:48:38:44:8f:cf:87:dd:29:
e3:b8:4e:eb:17:4e:56:4f:ea:e6:fb:34:16:08:9b:f9:21:11:
4c:37:e5:8f:4a:af:a1:b1:4a:59:d7:b9:0b:6f:ea:1d:8a:80:
04:2f:ed:3f:9f:58:40:36:da:e7:1f:95:47:61:15:d8:74:0d:
60:c4:95:4d:1c:2d:03:18:70:b6:5d:8e:70:e8:67:8b:54:de:
a8:c9:b5:88
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaMGkeLxL5/5q0Dx2uBsToAul4bswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDYwMDAwMDBaFw0yMzEwMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlZmRmZWU1MjJjZWMwZjc3NTlkMGY3ZjI2ODVhOWJjMGEzOTVmZTJkZTUy
NDYwMWU5MzFiZDI1OGM2ZDMwOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANd+UpuFBR5/J9uketbfIDstkL7OMpEM6Ssdr15n+REm0o0HAfh5kcCI3BZl
42ezlAoWQWxRpD1ld6Hs4lHA7dSIkiVqukt9zMBHGDec4xXpkZFGhju3g5dWj7mP
sP7/aOwwCvA1r3T+jPvIbrBWkf/uuag3YBY1z8tcy5jdhiVc0KM59Pi5eW+Y5rC8
+ZQRRWks2kG8iPx/81oDEmu/uYgMju1kZwq6Ny1WpDOPYM0GrTJ4ywHgRlIPZ7U4
4v/88OtkchD5pRDl/kU6e7xZ1xtJofGNwCsOr54+L/qRWlQ1OxxFeXffQkNCCJOo
Hx1mgzPVfp+VdsjuFK5TYWAclRkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQw7ndm
03HKLYNEch7Epp4czc5NyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQBdqNsciQlLw7RgsQ6CvbyBAzEKTomOeH7Bywzt2EGK
+pEeFJnTtT4ckqkAOP0qDXq1SF+3+bHCw/QaaXKT2WmjwROaSVTM6JWLUUdlOjXl
wQbnNl0+pHNPHscDT+wY8rrOvW4rsVlOc/xRfRmwwDZHfUfMPOPU8a6+qs4F/OIx
6Wd3SFNGSa7dsQco8x9fanFbyVRylp8NXIxyuSJGuuxAYm0Kfsj4pXUJd243SDhE
j8+H3SnjuE7rF05WT+rm+zQWCJv5IRFMN+WPSq+hsUpZ17kLb+odioAEL+0/n1hA
NtrnH5VHYRXYdA1gxJVNHC0DGHC2XY5w6GeLVN6oybWI
-----END CERTIFICATE-----
Generated at Wed Sep 6 00:32:41 2023 by rpki-client on console-ams.rpki-client.org