Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: 5cMOZFjARcTcg32I5pRLaB/yrnPzBcVkxdPNPDMjatU=
Subject key identifier: DC:DD:85:EB:AE:BD:66:23:37:B8:B2:B3:99:1C:BB:F9:3A:20:E6:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64CDACA88A48FAA866210A099C4442182FD098D7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:cd:ac:a8:8a:48:fa:a8:66:21:0a:09:9c:44:42:18:2f:d0:98:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=ce2b64e500907b4b9fb72e38905c3a4ecff1acfbdc5af0fea91ca7868054f15a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:f5:df:ee:28:92:7c:f9:2e:56:80:1d:21:
a6:75:f9:38:73:a7:7c:be:21:54:57:58:2e:9b:6d:
c9:de:3d:d0:ac:f8:26:d1:d0:6d:7f:a7:0c:15:28:
55:e0:29:3c:04:f6:bd:57:95:c7:5c:b8:62:1c:f2:
a1:b5:8f:1d:25:41:e7:4b:bb:7b:b3:6c:aa:24:0e:
ef:3c:2d:77:4d:bb:23:99:68:de:eb:a7:8f:6e:2b:
96:0b:be:55:ba:90:94:50:90:be:75:f0:89:c3:ee:
c6:85:b4:2f:1a:13:8b:7f:1a:d5:14:78:e1:ca:b8:
57:b0:63:cf:62:6b:d2:20:21:dc:b9:30:14:f3:c4:
b8:93:62:70:4e:35:4c:85:eb:74:57:bd:81:57:28:
a8:4f:11:82:a5:44:3a:de:40:1e:93:82:28:0d:7c:
d2:71:b3:39:79:69:f5:ec:03:c1:42:0b:4e:5f:d4:
33:a5:b0:16:8a:8d:53:80:6e:3e:51:88:e8:42:b6:
5b:63:c9:9f:ee:1a:14:5b:da:4f:da:6c:b5:d4:d8:
d2:03:f1:47:d4:28:60:37:fc:af:47:85:04:ee:f8:
b0:dd:8f:45:93:2a:74:de:22:82:dc:91:14:81:24:
07:6d:16:d8:e3:92:26:96:d2:8a:49:81:ac:8c:d6:
df:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DD:85:EB:AE:BD:66:23:37:B8:B2:B3:99:1C:BB:F9:3A:20:E6:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:e6:8f:ae:f8:ed:03:53:0d:9b:94:de:3b:fb:99:07:68:4d:
8f:18:f4:88:49:aa:21:2a:f0:e1:d0:31:26:ac:f2:b3:e1:1e:
74:ac:e6:36:e9:7a:ed:98:d2:09:d9:57:26:b4:72:e4:3b:fb:
06:e4:70:27:a5:d2:20:4b:6e:3b:89:8d:9f:c1:28:95:04:07:
2e:fc:63:88:2d:ce:d0:25:26:f5:13:36:3c:41:19:64:8f:3d:
c2:a9:6f:dc:1a:6b:90:5c:fa:34:8a:55:1f:a5:1d:55:d1:7e:
49:38:de:ae:ea:c0:6b:f3:a1:a9:bb:70:68:35:c5:44:97:34:
89:f9:d7:3b:53:78:da:54:f7:1d:3e:01:3a:6f:d5:d7:26:2a:
35:ba:e6:73:be:e2:e1:91:fa:16:c4:92:77:44:fc:ad:b3:7a:
f0:eb:b8:44:fd:cd:6d:93:bc:a9:ab:2d:6c:f4:76:57:13:b8:
00:dc:40:4c:c4:16:63:d1:20:72:0c:0d:c8:33:19:bc:27:d0:
34:e2:0c:2d:32:22:01:6b:9b:5e:de:c8:7d:a1:e4:6d:f8:71:
87:d0:95:f5:eb:74:cf:a5:f1:d1:0e:3c:aa:c5:2c:f9:75:4f:
18:ba:6a:00:e7:0f:ba:a8:c3:8c:94:c5:96:8a:77:02:aa:c7:
f4:26:ac:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZM2sqIpI+qhmIQoJnERCGC/QmNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMmI2NGU1MDA5MDdiNGI5ZmI3MmUzODkwNWMzYTRlY2ZmMWFjZmJkYzVh
ZjBmZWE5MWNhNzg2ODA1NGYxNWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjX9d/uKJJ8+S5WgB0hpnX5OHOnfL4hVFdYLpttyd490Kz4JtHQbX+nDBUo
VeApPAT2vVeVx1y4YhzyobWPHSVB50u7e7NsqiQO7zwtd027I5lo3uunj24rlgu+
VbqQlFCQvnXwicPuxoW0LxoTi38a1RR44cq4V7Bjz2Jr0iAh3LkwFPPEuJNicE41
TIXrdFe9gVcoqE8RgqVEOt5AHpOCKA180nGzOXlp9ewDwUILTl/UM6WwFoqNU4Bu
PlGI6EK2W2PJn+4aFFvaT9pstdTY0gPxR9QoYDf8r0eFBO74sN2PRZMqdN4igtyR
FIEkB20W2OOSJpbSikmBrIzW34cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTc3YXr
rr1mIze4srOZHLv5OiDmPDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQBp5o+u+O0DUw2blN47+5kHaE2PGPSISaohKvDh0DEm
rPKz4R50rOY26XrtmNIJ2VcmtHLkO/sG5HAnpdIgS247iY2fwSiVBAcu/GOILc7Q
JSb1EzY8QRlkjz3CqW/cGmuQXPo0ilUfpR1V0X5JON6u6sBr86Gpu3BoNcVElzSJ
+dc7U3jaVPcdPgE6b9XXJio1uuZzvuLhkfoWxJJ3RPyts3rw67hE/c1tk7ypqy1s
9HZXE7gA3EBMxBZj0SByDA3IMxm8J9A04gwtMiIBa5te3sh9oeRt+HGH0JX163TP
pfHRDjyqxSz5dU8YumoA5w+6qMOMlMWWincCqsf0Jqzv
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:29 2023 by rpki-client on console-ams.rpki-client.org