Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: UiId1pu3FgRkaQLpjSL2RPF7NBTK2Sdk4E2IM46pIl4=
Subject key identifier: 9A:BE:4B:C0:19:55:21:EE:D4:93:A9:E0:2E:2F:2B:D7:95:2C:DF:58
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A455BFB1CF36C0C26F7C69CA734BA9CDB51AF0D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:45:5b:fb:1c:f3:6c:0c:26:f7:c6:9c:a7:34:ba:9c:db:51:af:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=47a0072c50e8a415555a0b6219857ed255836a945fbdb154f7e2a2e33dadda8c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cf:1c:31:25:d5:d2:d8:af:26:54:f5:72:a8:
16:e1:db:83:c0:bc:04:cf:55:3e:ae:bb:0f:d4:00:
9b:19:3f:32:80:da:5c:95:cb:25:3f:c2:d7:f0:96:
f4:98:7e:ac:16:5a:e3:f7:c5:76:55:a0:89:2f:91:
3e:65:cc:bb:bf:b8:a5:df:e6:eb:97:1e:84:ce:3b:
2e:b5:79:f7:ca:44:62:7e:e0:2b:3b:17:fd:5e:f9:
34:81:e8:53:59:b4:a2:23:53:e6:69:97:18:a0:9e:
46:80:a8:4e:ac:77:99:3a:f3:a3:f7:14:22:32:28:
b7:6a:28:28:5a:55:e6:60:79:2e:48:83:54:72:a9:
b7:46:a9:07:e9:98:ee:02:03:51:65:6e:c3:ae:2f:
74:ac:ca:89:03:02:3d:a6:c5:f7:b9:8e:b0:40:62:
06:1a:8a:ec:29:c0:a1:b1:16:37:e1:c4:31:87:d4:
de:d8:b6:59:8c:19:2d:8d:b2:e7:e6:32:e8:a4:63:
db:9c:23:8c:f6:b9:9b:51:22:e1:ed:c3:b5:03:b4:
3f:dd:85:c8:22:d9:de:e7:03:67:43:a7:6f:80:5f:
37:6d:3a:3b:c7:61:f6:57:77:22:d4:01:9f:ba:87:
13:3f:63:26:68:f2:f6:d0:f5:f0:f9:d6:49:46:2b:
f2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BE:4B:C0:19:55:21:EE:D4:93:A9:E0:2E:2F:2B:D7:95:2C:DF:58
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:d9:92:bf:ce:cf:a8:34:ef:fd:13:62:f5:72:d3:e1:82:d6:
28:94:ed:19:95:fb:32:65:a3:b7:6f:28:b3:71:12:6f:11:d9:
b3:99:66:58:56:5b:0a:9a:77:46:e5:3e:df:46:b3:64:fb:e7:
51:3d:cc:29:57:cc:71:fc:17:42:b7:37:d7:60:9a:71:59:6f:
82:b8:cc:57:d4:e0:34:ea:ec:22:b8:b4:43:2b:01:32:d9:ba:
d2:8a:8f:42:29:52:1d:d0:5e:ad:e9:c8:c5:3b:ab:b1:6c:8f:
42:b2:80:dc:32:50:41:50:2f:b9:50:82:d4:70:b6:6e:45:0b:
3e:37:e4:5c:3a:1a:eb:6d:bb:0f:85:f6:01:f4:49:24:45:31:
8d:88:2e:4f:dd:21:91:9a:bf:f8:96:8b:b7:4a:59:a7:06:27:
aa:41:22:63:7b:3f:81:c4:8e:81:d9:63:bf:bb:97:7b:03:32:
a0:a5:26:50:42:be:86:fd:fd:68:42:82:18:aa:e1:a1:bc:8a:
50:59:e5:ab:07:34:bb:67:37:28:a7:e9:d7:9e:51:5b:b7:c8:
2e:e6:37:51:10:fe:6b:d4:df:25:4a:04:f4:89:32:af:01:9d:
79:72:31:bd:54:66:f9:69:49:9a:b7:e1:3c:33:c4:80:d8:60:
4a:5f:77:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKkVb+xzzbAwm98acpzS6nNtRrw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3YTAwNzJjNTBlOGE0MTU1NTVhMGI2MjE5ODU3ZWQyNTU4MzZhOTQ1ZmJk
YjE1NGY3ZTJhMmUzM2RhZGRhOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLPHDEl1dLYryZU9XKoFuHbg8C8BM9VPq67D9QAmxk/MoDaXJXLJT/C1/CW
9Jh+rBZa4/fFdlWgiS+RPmXMu7+4pd/m65cehM47LrV598pEYn7gKzsX/V75NIHo
U1m0oiNT5mmXGKCeRoCoTqx3mTrzo/cUIjIot2ooKFpV5mB5LkiDVHKpt0apB+mY
7gIDUWVuw64vdKzKiQMCPabF97mOsEBiBhqK7CnAobEWN+HEMYfU3ti2WYwZLY2y
5+Yy6KRj25wjjPa5m1Ei4e3DtQO0P92FyCLZ3ucDZ0Onb4BfN206O8dh9ld3ItQB
n7qHEz9jJmjy9tD18PnWSUYr8oUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSavkvA
GVUh7tSTqeAuLyvXlSzfWDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQCo2ZK/zs+oNO/9E2L1ctPhgtYolO0ZlfsyZaO3byiz
cRJvEdmzmWZYVlsKmndG5T7fRrNk++dRPcwpV8xx/BdCtzfXYJpxWW+CuMxX1OA0
6uwiuLRDKwEy2brSio9CKVId0F6t6cjFO6uxbI9CsoDcMlBBUC+5UILUcLZuRQs+
N+RcOhrrbbsPhfYB9EkkRTGNiC5P3SGRmr/4lou3SlmnBieqQSJjez+BxI6B2WO/
u5d7AzKgpSZQQr6G/f1oQoIYquGhvIpQWeWrBzS7Zzcop+nXnlFbt8gu5jdREP5r
1N8lSgT0iTKvAZ15cjG9VGb5aUmat+E8M8SA2GBKX3dG
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:47:33 2023 by rpki-client on console-fra.rpki-client.org